【问题标题】:wpf - LDAP always returns false when validatingwpf - LDAP 在验证时总是返回 false
【发布时间】:2017-03-06 20:48:22
【问题描述】:

我的登录窗口使用 LDAP 来验证用户。但是,在验证时,它总是返回 false。

这是我从 CodeProject 获得的验证代码:

public bool fnValidateUser()
    {
        bool validation;
        try
        {
            LdapConnection lcon = new LdapConnection
                    (new LdapDirectoryIdentifier((string)null, false, false));
            NetworkCredential nc = new NetworkCredential(Environment.UserName,
                                   txtPassword.SecurePassword, Environment.UserDomainName);
            lcon.Credential = nc;
            lcon.AuthType = AuthType.Negotiate;
            // user has authenticated at this point,
            // as the credentials were used to login to the dc.
            lcon.Bind(nc);
            validation = true;
        }
        catch (LdapException)
        {
            validation = false;
        }
        return validation;
    }

txtPassword.SecurePassword 是密码框。当我输入密码/pin 并点击登录时,只要验证为假,它就会显示 MessageBox。

我做错了什么?

更新:异常表示“LDAP 服务器不可用”,在这一行lcon.Bind(nc);

【问题讨论】:

  • 添加一个日志来捕获异常,你得到了什么异常?
  • @Dinesh 我刚刚添加了它
  • 根据这个例外,您的 LDAP 服务器已关闭或根本没有连接。

标签: c# wpf validation ldap


【解决方案1】:

你可以试试这个示例代码。

// the username and password to authenticate
const string domain = "OU=Organization,DC=mydomain,DC=com";
string password = "mypass";
string userName = "myuser";

// define your connection
LdapConnection ldapConnection = new LdapConnection("ldap.mydomain.com:389");

try
{
   // authenticate the username and password
   using (ldapConnection)
   {
       // pass in the network creds, and the domain.
       var networkCredential = new NetworkCredential(username, password, domain);

       // if we're using unsecured port 389, set to false. If using port 636, set this to true.
       ldapConnection.SessionOptions.SecureSocketLayer = false;

       // since this is an internal application, just accept the certificate either way
       ldapConnection.SessionOptions.VerifyServerCertificate += delegate { return true; };

       // to force NTLM\Kerberos use AuthType.Negotiate, for non-TLS and unsecured, just use AuthType.Basic
       ldapConnection.AuthType = AuthType.Basic;

       // authenticate the user
       ldapConnection.Bind(networkCredential);
   }
   catch (LdapException ldapException)
   {
       //Authentication failed, exception will dictate why
   }
}

【讨论】:

  • 域和 LdapConnection 在安装到用户 PC 上时需要是动态的。我应该用 Environment.UserDomainName 替换字符串吗?
  • 尝试对值进行硬编码并确保工作正常,然后您可以将其替换为动态值。
【解决方案2】:

我继续并找到了另一种方法,但不使用 LDAP。

PrincipalContext adContext = new PrincipalContext(ContextType.Machine);
private async void btnLogin_Click(object sender, RoutedEventArgs e)
    {
        try
        {
            using (adContext)
            {
                if (adContext.ValidateCredentials(txtUsername.Text, txtPassword.Password))
                {
                    MainWindow main = new MainWindow();

                    main.Show();
                    main.txtLoggedInUser.Text = UserPrincipal.Current.DisplayName;

                    this.Close();
                }
                else
                {
                    MessageBox.Show("Incorrect Username or Password!");
                }
            }
        }
        catch(Exception ex)
        {
            var exceptionDialog = new MessageDialog
            {
                Message = { Text = ex.ToString() }
            };

            await DialogHost.Show(exceptionDialog, "RootDialog");
        }
    }

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2022-11-09
    • 2014-05-30
    • 2022-01-16
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多