
Active Directory Authentication with Form Based Authentication with VB.net


Posted Date: 26-Sep-2006    Category: ASP.NET/Web Applications


In this article, I explain the concept of Forms authentication combined with Active Directory.



Introduction



The process goes like this:

Login --> Authenticate against Active Directory users --> Authenticate with Forms-based authentication against the database --> Application main page

Active Directory: Active Directory is an implementation of LDAP directory services by Microsoft for use in Windows environments. Active Directory allows administrators to assign enterprise-wide policies, deploy programs to many computers, and apply critical updates to an entire organization. An Active Directory stores information and settings relating to an organization in a central, organized, accessible database. Active Directory networks can vary from a small installation with a few hundred objects, to a large installation with millions of objects.

Please check this for more information about Active Directory.



Now I will give you the step-by-step process of authentication.

Step 1: Configure IIS for anonymous authentication

1. In the IIS Manager (in Administrative Tools) or the MMC snap-in for IIS, right-click the Web site for which you want to configure authentication, and then click Properties.
2. Click the Directory Security tab, and then under Authentication and access control, click Edit.
3. Select the Anonymous Authentication check box (labeled Enable anonymous access in Windows Server 2003).
4. Make the anonymous account for the application an account that has permission to Active Directory.
5. Clear the Allow IIS To Control Password check box, if it is present. The default IUSR_ account does not have permission to the Active Directory.


Step 2:

Add a reference to System.DirectoryServices. To add the reference, right-click the project and select Add Reference; Visual Studio opens a dialog box, where you select System.DirectoryServices. After selecting it, check your web.config; it will show this:

<add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>


under the .

This confirms that the reference has been added to your application.

Go to your login page's code-behind file and import System.DirectoryServices:

 Imports System.DirectoryServices



Step 3: Write the code in the web.config file for Forms authentication

<authentication mode="Forms">
  <forms path="/" loginUrl="login.aspx" protection="All" timeout="30">
  </forms>
</authentication>

To work with Active Directory, put this after the code above:

<identity impersonate="true"/>





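Step 4: Write a function to authenticate Active Directory users. This function accepts the user name and password and authenticates them against Active Directory.

Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean
    ' Bind to the directory as DOMAIN\username with the supplied password.
    Dim domainAndUsername As String = domain & "\" & username
    Dim entry As New DirectoryEntry("LDAP://DC=ABC,DC=local", domainAndUsername, pwd)
    Try
        ' Reading NativeObject forces the bind; it throws if the credentials are rejected.
        Dim obj As Object = entry.NativeObject
        Dim search As New DirectorySearcher(entry)
        ' Escape LDAP filter metacharacters (RFC 4515) so the user name is matched literally.
        Dim safeName As String = username.Replace("\", "\5c").Replace("*", "\2a").Replace("(", "\28").Replace(")", "\29")
        search.Filter = "(SAMAccountName=" & safeName & ")"
        search.PropertiesToLoad.Add("cn")
        Dim result As SearchResult = search.FindOne()
        If result Is Nothing Then
            Return False
        End If
    Catch ex As Exception
        ' Any bind or search failure is treated as a failed login.
        Return False
    Finally
        ' Release the underlying directory connection.
        entry.Dispose()
    End Try

    Return True
End Function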



For more information about LDAP, click here.


Step 5:

Write a function for Forms authentication with the database user.

Function ValidateUsers(ByVal UserName As String, ByVal PassWord As String) As Boolean
    ' Write your database logic here and authenticate with database users.
    ' The user name and password are authenticated against your respective database table.
    ' Placeholder so the function compiles: deny until the database check is implemented.
    Return False
End Function




Step 6:

Call both functions

If ValidateUsers(DBusername, DBpassword) And IsAuthenticated("ABC.local", "activeDirectoryUser", "Userpassword") Then
    ' Both checks passed: issue the forms authentication ticket and redirect.
    FormsAuthentication.RedirectFromLoginPage(name, False)
    lblError.Text = ""
Else
    lblError.Text = "Invalid User Name , Password or Division"
End If







Summary



I hope this article helps you create more secure web applications.
Thanks
Gaurav Sharma

