I want to develop an ASP.NET application that can detect the user logged on a Window Domain. These credentials are going to be used to logging on the ASP.NET application.
How can I do this?
Thanks!
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
In IIS, turn on Integrated Windows Authentication, and in code, if you use:
Request.ServerVariables["LOGON_USER"]
it will return the windows username of the logged in user, i.e. MYDOMAIN\MYUSERNAME
回答2:
For ASP.net, you can probably use
HttpContext.Current.User.Identity
If IIS is configured correctly (no anonymous logons, at least)
回答3:
Here is C# code I use to authenticate against the Active Directory
using System;
using System.DirectoryServices;
namespace XYZcompany.Enterprise
{
public class AuthenicationMgr
{
private static readonly int AD_ERR_LOGON_FAIL = -2147023570;
private static readonly string _path = "LDAP://xxx.yyy.ggg";
private static readonly string _domain = "xxx.yyy.ggg";
public static bool IsAuthenticated(string username, string pwd)
{
bool authenticatedFlag = true;
string domainAndUsername = _domain + "\\" + username;
DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);
try
{
// Bind to the native AdsObject to force authentication.
Object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + username + ")";
search.PropertiesToLoad.Add("cn");
SearchResult result = search.FindOne();
if (result == null)
{
authenticatedFlag = false;
}
else
{
authenticatedFlag = true;
}
}
catch (System.Runtime.InteropServices.COMException ex)
{
if (ex.ErrorCode == AD_ERR_LOGON_FAIL)
{
authenticatedFlag = false;
}
else
{
throw new ApplicationException("Unable to authenticate user due to system error.", ex);
}
}
return authenticatedFlag;
}
}
}
回答4:
You should look into the active directory membership provider. It's built into ASP.NET.
回答5:
System.Security.Principal.WindowsIdentity.GetCurrent().User.ToString
