User authentication using ASP.NET and Active Directory Services

delinda

New member
Joined
Jul 1, 2008
Messages
4
Programming Experience
Beginner
Hi,

I'm using Windows XP Professional with IIS. I developed Login page that authenticated user in Active Directory Services.

Here's some code,
VB.NET:
Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean
    Dim domainAndUsername As String = domain + "\" + username
    Dim entry As New DirectoryEntry(_path, domainAndUsername, pwd)
    Try
        ' Bind to the native AdsObject to force authentication.
        Dim obj As Object = entry.NativeObject
        Dim search As New DirectorySearcher(entry)
        search.Filter = "(SAMAccountName=" + username + ")"
        search.PropertiesToLoad.Add("cn")
        Dim result As SearchResult = search.FindOne()
        If result Is Nothing Then
            Return False
        End If
        ' Update the new path to the user in the directory
        _path = result.Path
        _filterAttribute = DirectCast(result.Properties("cn")(0), String)
    Catch ex As Exception

        '----------error log
        ' Get current date and time
        Dim dt As DateTime = DateTime.Now
        Dim logFile As String = "C:\jai_logfiles\ADServicesClass.txt"
        Dim logWriter As StreamWriter
        'logFile = ConfigurationSettings.AppSettings["LogFilePath"];
        If File.Exists(logFile) Then
            logWriter = File.AppendText(logFile)
        Else
            logWriter = File.CreateText(logFile)
        End If
        logWriter.Write(dt.ToString("dd MMM yyyy HH:mm:ss").ToString() + " - Error at IsAuthenticated-->" + ex.Message)
        logWriter.Close()

        Return False
    End Try
    Return True
End Function

My domain is: GW_ASIAPACIFIC
LDAP Path is: LDAP://kopvsedpool.jai.com/dc=jai,dc=com

Below is my web.config files
---------------------------------
HTML:
<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\v2.x\Config 
-->
<configuration>
	<appSettings>
		<add key="ConnectionString" value="Data Source=KUAWLFLOAT002;Initial Catalog=Crp_JAI;Integrated Security=SSPI;"/>
	</appSettings>
	<connectionStrings/>
	<system.web>
		<!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.

            Visual Basic options:
            Set strict="true" to disallow all data type conversions 
            where data loss can occur. 
            Set explicit="true" to force declaration of all variables.
        -->
		<compilation debug="true" strict="false" explicit="true">
			<assemblies>
				<add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/></assemblies></compilation>
		<pages>
			<namespaces>
				<clear/>
				<add namespace="System"/>
				<add namespace="System.Collections"/>
				<add namespace="System.Collections.Generic"/>
				<add namespace="System.Collections.Specialized"/>
				<add namespace="System.Configuration"/>
				<add namespace="System.Text"/>
				<add namespace="System.Text.RegularExpressions"/>
				<add namespace="System.Web"/>
				<add namespace="System.Web.Caching"/>
				<add namespace="System.Web.SessionState"/>
				<add namespace="System.Web.Security"/>
				<add namespace="System.Web.Profile"/>
				<add namespace="System.Web.UI"/>
				<add namespace="System.Web.UI.WebControls"/>
				<add namespace="System.Web.UI.WebControls.WebParts"/>
				<add namespace="System.Web.UI.HtmlControls"/>
			</namespaces>
		</pages>
		<!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
		<authentication mode="Forms">
			<!--forms loginUrl="login.aspx" protection="All" timeout="30" name=".ASPXAUTH" path="/" slidingExpiration="true"/-->
      <forms loginUrl="login.aspx" name=".ASPXAUTH" timeout="60" path="/"> </forms>
    </authentication>
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>
    <identity impersonate="true"/>
    <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
	</system.web>
	<!-- Set up Authorization using location tag. -->
	<location path="graphic">
		<system.web>
			<authorization>
				<allow users="*"/>
			</authorization>
		</system.web>
	</location>
	<location path="js">
		<system.web>
			<authorization>
				<allow users="*"/>
			</authorization>
		</system.web>
	</location>
	<!--location path="secured">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location-->
</configuration>

---------------------------------

I'm setup my IIS with
1. Under Anonymous access and authentication control - i clicked Edit...
2. Authentication Methods Dialog will diplayed.
3. I checked Anonymous access, then I set as follow,
Account used for anonymous access:
User: jai
Password: jai123
I'm unchecked Allow IIS to control password
Then, i clicked OK and OK again to close the property dialog.
---------------------------------------------------------------

When run the web application, i got error in my logfiles it shown
The requested authentication method is not supported by the server.

My question is,
1. What did i miss my asp.net code, web.config and IIS setting etc?
2. Did i need do something with configuration and setting at directory server to make sure requested authentication method is supported?

I'm really-really stuck.
 
Last edited by a moderator:
Top Bottom