affriedl
Posts: 24
|
Posted: 11/21/2006, 2:14 PM |
|
Here's some code I have put together on the quick, hope it is useful.
1. Put the included class at the bottom of the the DataUtility.cs class that was created by CCS.
2. Create your login form.
3. In the login pages Login_Button_DoLogin_OnClick event you need to replace the line that reads if ( Membership.ValidateUser(Loginlogin.Text,Loginpassword.Text)) { with the following code: if ( ADSecurity.LogonUser(Loginlogin.Text,Loginpassword.Text) ) {
I have successfully validated the user against ActiveDirectory in this manner although I still am up in the air about how to link this into the group based validation that CCS is wanting to impose on the forms.
public class ADSecurity
//
// ADSecurity Login Class
//
{
[DllImport("advapi32.dll", CharSet = CharSet.Auto)]
public static extern int LogonUser(string lpszUserName,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;
public static bool LogonUser(string lpszUserName, string, lpszDomain, string lpszPassword)
{
IntPtr token = IntPtr.Zero;
return LogonUser(lpszUserName,
lpszDomain,
lpszPassword,
ADSecurity.LOGON32_LOGON_INTERACTIVE,
ADSecurity.LOGON32_PROVIDER_DEFAULT,
ref token) != 0;
}
}
|
affriedl
Posts: 24
|
Posted: 11/21/2006, 2:30 PM |
|
Quote :I still am up in the air about how to link this into the group based validation
Given the previously supplied code, you create a table that has UserID, UserLogin, UserPass, UserGroup according to the standard CCS requirements and then set all that information into the CCS project security settings.
Because you'll be validating against the AD Domain you can leave the UserPass field as null.
One current limitation with this methodology: If you successfully login to the AD Domain and do not have the security for the page you have requested (not in the database or not in the right group) - you get returned to the login form without any message indicating why.
|