Here is my login script. I have two users, 20002143 and 60000027. The first will authenticate and redirect as scripted; the second will authenticate and stay on the same page. I cannot figure out why. I have inserted breakpoints all over this code and it tells me it authenticates, but then why is the login page just reloading:

public bool AuthenticateActiveDirectory(string Domain, string EmployeeID, string Password)
{
    try
    {
        DirectoryEntry entry = new DirectoryEntry("LDAP://" + Domain, EmployeeID, Password);
        object nativeObject = entry.NativeObject;
        return true;
    }
    catch
    {

        return false;
    }
}

protected void btnLogin_Click(object sender, EventArgs e)
{
    string Domain = "domain.local";
    string EmployeeID = txtUserID.Text;
    string Password = txtPassword.Text;
    string ADStatus = null;

    if (AuthenticateActiveDirectory(Domain, EmployeeID, Password) == true)
    {
        ADStatus = "Success";
        Session["SessionLoginStatus"] = ADStatus;
        Response.Redirect("Intro.aspx?redir=Success&userid=" + EmployeeID);
    }
    else
    {
        ADStatus = "Failure";
        Session["SessionLoginStatus"] = ADStatus;
        lblADError.Visible = true;
        lblADError.Text = "Please Check Your Password<br />";
    }           
}

Here is the other part of this. If I use the URL to log in falsely with the second empID

https://www.site.com/folder/intro.aspx?redir=Success&userid=60000027

it will redirect me back to the login, but this also makes no sense, since the Intro.aspx login check is scripted like this:

//checking to see if user logged in
if ((ADStatus == "Success") && (UserID.Length >= 8))
{

}
if ((ADStatus == null) || (UserID.Length < 8))
{
    ADStatus = "Failure";
    Session["SessionLoginStatus"] = ADStatus;
    Response.Redirect("https://www.site.com/folder/userlogin.aspx");
}
else if (ADStatus == "Failure")
{
    ADStatus = "Failure";
    Session["SessionLoginStatus"] = ADStatus;
    Response.Redirect("https://www.site.com/folder/userlogin.aspx");
}

What am I leaving out or doing wrong here?

Edited

The issue was caused by logic on the second page which tossed the user back to the login if the user's ID did not match a list of users defined in a SQL table.

Skullomania
  • Try comparing the requests and their responses in Fiddler and see if that gives any clues; or if you can at least share the data with us if you don't know how to debug it yourself using Fiddler. – Brian Deragon Oct 16 '14 at 21:07
  • I have opened Fiddler but it only says Tunnel to www.site.com when hitting and leaving the login page – Skullomania Oct 16 '14 at 21:26
  • can you copy/paste the raw responses from both requests? – Brian Deragon Oct 16 '14 at 21:26
  • guys, if I lose reputation for this question I totally understand. The issue was caused by the argument on the second page which threw the user back to the login if the ID did not match a user list in a SQL table. – Skullomania Oct 16 '14 at 21:42
  • as long as that's adequately explained/mentioned (you might even want to edit the post) there's no reason you should lose reputation for asking for help on an honest problem. – Brian Deragon Oct 17 '14 at 17:08

1 Answer

In no way, shape or form are you authenticating users on an LDAP server. In fact, your authentication method will never return false because entry will never be null and the constructor for DirectoryEntry will never throw an exception.

With that being said, check that you're typing in the credentials correctly (because I know you're not). Look at your if statement for the redirect. Since your authenticate method always returns true, it will try to redirect anyone and everyone, but fail because you're using invalid credentials.

So, how about you actually authenticate users using PrincipalContext. Here is a little explanation of the difference between the two in this DirectoryEntry question.

By the way, you're going to want to use the bool returned by PrincipalContext.ValidateUser call.

Community
Kcvin
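An added example, not code from the question or the answer: the login handler checks credentials with `PrincipalContext.ValidateCredentials` and keeps both the login status and the user ID in server-side session state, so the guard on Intro.aspx does not depend on the `redir` and `userid` query-string values. The class names `UserLogin` and `Intro` and the session key `SessionUserID` are assumptions; the controls and `SessionLoginStatus` are the question's own, and the project needs a reference to System.DirectoryServices.AccountManagement.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Web.UI;

// Code-behind for the login page; txtUserID, txtPassword and lblADError are the question's controls.
public partial class UserLogin : Page
{
    private static bool ValidateAgainstDomain(string domain, string employeeId, string password)
    {
        // Empty input is never a valid login; do not send it to the directory at all.
        if (string.IsNullOrWhiteSpace(employeeId) || string.IsNullOrEmpty(password))
            return false;
        try
        {
            using (var context = new PrincipalContext(ContextType.Domain, domain))
            {
                return context.ValidateCredentials(employeeId, password);
            }
        }
        catch (PrincipalServerDownException) { return false; } // domain unreachable: fail closed
    }

    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string employeeId = txtUserID.Text.Trim();
        bool ok = ValidateAgainstDomain("domain.local", employeeId, txtPassword.Text);
        Session["SessionLoginStatus"] = ok ? "Success" : "Failure";
        if (ok)
        {
            Session["SessionUserID"] = employeeId; // hypothetical session key
            Response.Redirect("Intro.aspx");       // nothing trust-bearing in the URL
            return;
        }
        lblADError.Visible = true;
        lblADError.Text = "Please Check Your Password<br />";
    }
}

// Code-behind for Intro.aspx: the guard reads only server-side session state.
public partial class Intro : Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string status = Session["SessionLoginStatus"] as string;
        string userId = Session["SessionUserID"] as string;
        if (status != "Success" || userId == null || userId.Length < 8)
            Response.Redirect("https://www.site.com/folder/userlogin.aspx");
    }
}
```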