我下面的代码有效,但它没有使用从客户端传递的密码。在AD中找到正确的用户后,是否有办法将客户端传递的密码与AD中的密码进行匹配?
谢谢!
Public Class FordLoginController
Inherits ApiController
Public Class StoreCredentials
Public Property UsernameAX As String
Public Property PasswordAX As String
End Class
Public Function PostValue(<FromBody()> ByVal creds As StoreCredentials) As HttpResponseMessage
Dim username As String = creds.UsernameAX
Dim password As String = creds.PasswordAX
Dim ctx As New PrincipalContext(ContextType.Domain, "ford", "dc=biz,dc=ford,dc=com")
Dim user As UserPrincipal = UserPrincipal.FindByIdentity(ctx, username)
Dim response As HttpResponseMessage
If user IsNot Nothing Then
response = Request.CreateResponse(HttpStatusCode.Found)
response.Headers.Location = New Uri("/loginAndContinue/login.aspx")
Return response
End If
response = Request.CreateResponse(HttpStatusCode.Forbidden)
Return response
End Function
End Class
答案 0 :(得分:1)
来自VBForums
http://www.vbforums.com/showthread.php?352349-Validate-Login-against-Active-Directory
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Catch
Success = False
End Try
Return Success
End Function
使用
If ValidateActiveDirectoryLogin("VBForums", "Woof", "Mouse") Then
'do something
End If