C# 2层应用程序中的.NET Active Directory授权_C#_.net_Active Directory_Windows Security - Fatal编程技术网

C# 2层应用程序中的.NET Active Directory授权

C# 2层应用程序中的.NET Active Directory授权,c#,.net,active-directory,windows-security,C#,.net,Active Directory,Windows Security,假设我们有一个PC站(windows 10)加入到Active Directory,并且有一个用户已登录 我有一个应用程序(客户端层直接连接到数据库)。目前,应用程序在启动时会提示输入登录名/密码,但是我想更改这一点,如果当前用户已连接到域(登录系统),则在不提示输入凭据的情况下立即为其提供访问权限 我可以想象,一旦用户登录到系统,帐户可以同时被禁用,或者密码需要更改或密码过期。由于我没有该帐户的密码,问题是 如何验证Active Directory中当前登录的用户,以确定我是否可以授予他访问应

假设我们有一个PC站(windows 10)加入到Active Directory,并且有一个用户已登录

我有一个应用程序(客户端层直接连接到数据库)。目前,应用程序在启动时会提示输入登录名/密码,但是我想更改这一点,如果当前用户已连接到域(登录系统),则在不提示输入凭据的情况下立即为其提供访问权限

我可以想象,用户登录系统之后,其帐户可能在此期间被禁用,或者密码需要更改、已经过期。由于我没有该帐户的密码,问题是:

如何验证Active Directory中当前登录的用户,以确定我是否可以授予他访问应用程序的权限?

您可以检查:


这是我的解决方案。它会查询 AD 目录,检查帐户是否确实存在,并验证其 Enabled(已启用)属性。也许对某些人有帮助。注意:这段代码只确认帐户存在且已启用,并不检查密码是否过期或帐户是否被锁定。

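/// <summary>
/// Decides whether the application may skip its own login prompt because the
/// Windows user running the process maps to an enabled Active Directory account.
/// </summary>
/// <remarks>
/// This is a directory lookup, not a credential check: it confirms that an account
/// exists, is enabled, and carries the same SID as the process token. It does not
/// evaluate lockout, account expiry or password expiry.
/// NOTE(review): the decision is taken inside the client process, so it can only
/// select which login path the UI shows. Access to the data still has to be enforced
/// on the server side (for example by the database's own Windows authentication),
/// because whoever controls the client can bypass a client-side check.
/// </remarks>
public class ADAuthentication
{
    // Resolved in the constructor rather than in a field initializer, so that a
    // directory failure does not escape object construction.
    private string userPrincipalName;
    private string userName = Environment.UserName;

    /// <summary>
    /// UPN used for the directory lookup. The setter is kept for compatibility;
    /// <see cref="GetAuthenticationType"/> only trusts the value when the account
    /// found for it has the same SID as the current process token.
    /// </summary>
    public string UserPrincipalName
    {
        get { return userPrincipalName; }
        set { userPrincipalName = value; }
    }

    /// <summary>Windows user name as reported by <c>Environment.UserName</c>.</summary>
    public string Username
    {
        get { return userName; }
        set { userName = value; }
    }

    private string domainName;
    private string container;

    public enum AuthenticationMode { Credentials, ActiveDirectory };

    /// <summary>
    /// Returns <c>ActiveDirectory</c> only when every check succeeds; any doubt
    /// (unknown UPN, foreign domain, directory unreachable, disabled account,
    /// SID mismatch) falls back to <c>Credentials</c>, i.e. the login prompt.
    /// </summary>
    public AuthenticationMode GetAuthenticationType()
    {
        // No UPN could be resolved (or a caller cleared it): nothing to look up.
        if (string.IsNullOrWhiteSpace(userPrincipalName))
            return AuthenticationMode.Credentials;

        // The logged-on user must belong to the domain this instance was built for.
        if (!String.Equals(domainName, Environment.UserDomainName, StringComparison.OrdinalIgnoreCase))
            return AuthenticationMode.Credentials;

        try
        {
            using (var processIdentity = System.Security.Principal.WindowsIdentity.GetCurrent())
            using (var domainContext = new PrincipalContext(ContextType.Domain, domainName, container))
            using (var foundUser = UserPrincipal.FindByIdentity(domainContext, IdentityType.UserPrincipalName, userPrincipalName))
            {
                if (foundUser == null || foundUser.Enabled != true)
                    return AuthenticationMode.Credentials;

                // Bind the directory entry to the identity the process actually runs as.
                // Without this, assigning another user's UPN through the public setter
                // would be accepted as long as that account is enabled.
                if (processIdentity.User == null || !processIdentity.User.Equals(foundUser.Sid))
                    return AuthenticationMode.Credentials;

                return AuthenticationMode.ActiveDirectory;
            }
        }
        catch (AuthenticationException)
        {
            return AuthenticationMode.Credentials;
        }
        catch (PrincipalServerDownException)
        {
            return AuthenticationMode.Credentials;
        }
    }

    /// <summary>
    /// Builds the lookup context from a DNS-style domain name such as
    /// <c>corp.example.com</c>: the first label is compared with
    /// <c>Environment.UserDomainName</c> and all labels form the <c>DC=</c> container.
    /// </summary>
    /// <param name="domainName">Dot-separated domain name; must not be empty.</param>
    /// <exception cref="InvalidOperationException">
    /// The name is missing or contains an empty label.
    /// </exception>
    public ADAuthentication (string domainName)
    {
        if (string.IsNullOrWhiteSpace(domainName))
            throw new InvalidOperationException("The domainName parameter is required.");

        string[] parts = domainName.Trim().Split('.');
        foreach (string part in parts)
        {
            // "corp..com" or a trailing dot would otherwise yield an empty "DC=" component.
            if (part.Length == 0)
                throw new InvalidOperationException("The domainName parameter contains an empty label.");
        }

        // NOTE(review): assumes the NetBIOS domain name equals the first DNS label - confirm
        // for the target environment.
        this.domainName = parts[0];
        this.container = string.Join(",", Array.ConvertAll(parts, label => "DC=" + label));

        this.userPrincipalName = ReadCurrentUserPrincipalName();
    }

    // Reads the UPN of the current Windows user and releases the principal afterwards.
    // Returns null when the directory cannot supply it, so the caller falls back to the
    // credential prompt instead of failing during construction.
    private static string ReadCurrentUserPrincipalName()
    {
        try
        {
            using (UserPrincipal current = UserPrincipal.Current)
            {
                return current.UserPrincipalName;
            }
        }
        catch (PrincipalException)
        {
            return null;
        }
    }
}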
公共类身份验证
{
私有字符串userPrincipalName=userPrincipalName.Current.userPrincipalName;
私有字符串userName=Environment.userName;
公共字符串UserPrincipalName
{
获取{return userPrincipalName;}
设置{userPrincipalName=value;}
}
公共字符串用户名
{
获取{返回用户名;}
设置{userName=value;}
}
私有字符串域名;
私有字符串容器;
公共枚举身份验证模式{凭据,ActiveDirectory};
公共身份验证模式GetAuthenticationType()
{            
if(String.Equals(domainName、Environment.UserDomainName、StringComparison.OrdinalIgnoreCase))
{
尝试
{
使用(var domainContext=newprincipalcontext(ContextType.Domain、domainName、container))
{
使用(var foundUser=UserPrincipal.FindByIdentity(domainContext,IdentityType.UserPrincipalName,UserPrincipalName))
{                            
if(foundUser!=null&&foundUser.Enabled==true)
返回AuthenticationMode.ActiveDirectory;
}
}
}
捕获(AuthenticationException)
{
返回AuthenticationMode.Credentials;
}
捕获(PrincipalServerDownException)
{
返回AuthenticationMode.Credentials;
}
}
返回AuthenticationMode.Credentials;
}
公共ADAuthentication(字符串域名)
{            
if(string.IsNullOrWhiteSpace(域名))
抛出新的InvalidOperationException(“需要域名参数”);
string[]parts=domainName.Split('.');
this.domainName=parts[0];
this.container=string.Empty;
对于(int i=0;i
你解决问题了吗?@FalcoAlexander看看我的答案。希望它能帮助你。
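/// <summary>
/// Decides whether the application may skip its own login prompt because the
/// Windows user running the process maps to an enabled Active Directory account.
/// </summary>
/// <remarks>
/// This is a directory lookup, not a credential check: it confirms that an account
/// exists, is enabled, and carries the same SID as the process token. It does not
/// evaluate lockout, account expiry or password expiry.
/// NOTE(review): the decision is taken inside the client process, so it can only
/// select which login path the UI shows. Access to the data still has to be enforced
/// on the server side (for example by the database's own Windows authentication),
/// because whoever controls the client can bypass a client-side check.
/// </remarks>
public class ADAuthentication
{
    // Resolved in the constructor rather than in a field initializer, so that a
    // directory failure does not escape object construction.
    private string userPrincipalName;
    private string userName = Environment.UserName;

    /// <summary>
    /// UPN used for the directory lookup. The setter is kept for compatibility;
    /// <see cref="GetAuthenticationType"/> only trusts the value when the account
    /// found for it has the same SID as the current process token.
    /// </summary>
    public string UserPrincipalName
    {
        get { return userPrincipalName; }
        set { userPrincipalName = value; }
    }

    /// <summary>Windows user name as reported by <c>Environment.UserName</c>.</summary>
    public string Username
    {
        get { return userName; }
        set { userName = value; }
    }

    private string domainName;
    private string container;

    public enum AuthenticationMode { Credentials, ActiveDirectory };

    /// <summary>
    /// Returns <c>ActiveDirectory</c> only when every check succeeds; any doubt
    /// (unknown UPN, foreign domain, directory unreachable, disabled account,
    /// SID mismatch) falls back to <c>Credentials</c>, i.e. the login prompt.
    /// </summary>
    public AuthenticationMode GetAuthenticationType()
    {
        // No UPN could be resolved (or a caller cleared it): nothing to look up.
        if (string.IsNullOrWhiteSpace(userPrincipalName))
            return AuthenticationMode.Credentials;

        // The logged-on user must belong to the domain this instance was built for.
        if (!String.Equals(domainName, Environment.UserDomainName, StringComparison.OrdinalIgnoreCase))
            return AuthenticationMode.Credentials;

        try
        {
            using (var processIdentity = System.Security.Principal.WindowsIdentity.GetCurrent())
            using (var domainContext = new PrincipalContext(ContextType.Domain, domainName, container))
            using (var foundUser = UserPrincipal.FindByIdentity(domainContext, IdentityType.UserPrincipalName, userPrincipalName))
            {
                if (foundUser == null || foundUser.Enabled != true)
                    return AuthenticationMode.Credentials;

                // Bind the directory entry to the identity the process actually runs as.
                // Without this, assigning another user's UPN through the public setter
                // would be accepted as long as that account is enabled.
                if (processIdentity.User == null || !processIdentity.User.Equals(foundUser.Sid))
                    return AuthenticationMode.Credentials;

                return AuthenticationMode.ActiveDirectory;
            }
        }
        catch (AuthenticationException)
        {
            return AuthenticationMode.Credentials;
        }
        catch (PrincipalServerDownException)
        {
            return AuthenticationMode.Credentials;
        }
    }

    /// <summary>
    /// Builds the lookup context from a DNS-style domain name such as
    /// <c>corp.example.com</c>: the first label is compared with
    /// <c>Environment.UserDomainName</c> and all labels form the <c>DC=</c> container.
    /// </summary>
    /// <param name="domainName">Dot-separated domain name; must not be empty.</param>
    /// <exception cref="InvalidOperationException">
    /// The name is missing or contains an empty label.
    /// </exception>
    public ADAuthentication (string domainName)
    {
        if (string.IsNullOrWhiteSpace(domainName))
            throw new InvalidOperationException("The domainName parameter is required.");

        string[] parts = domainName.Trim().Split('.');
        foreach (string part in parts)
        {
            // "corp..com" or a trailing dot would otherwise yield an empty "DC=" component.
            if (part.Length == 0)
                throw new InvalidOperationException("The domainName parameter contains an empty label.");
        }

        // NOTE(review): assumes the NetBIOS domain name equals the first DNS label - confirm
        // for the target environment.
        this.domainName = parts[0];
        this.container = string.Join(",", Array.ConvertAll(parts, label => "DC=" + label));

        this.userPrincipalName = ReadCurrentUserPrincipalName();
    }

    // Reads the UPN of the current Windows user and releases the principal afterwards.
    // Returns null when the directory cannot supply it, so the caller falls back to the
    // credential prompt instead of failing during construction.
    private static string ReadCurrentUserPrincipalName()
    {
        try
        {
            using (UserPrincipal current = UserPrincipal.Current)
            {
                return current.UserPrincipalName;
            }
        }
        catch (PrincipalException)
        {
            return null;
        }
    }
}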