Click here to Skip to main content
11,639,178 members (68,822 online)
Click here to Skip to main content

Web-based Active Directory Login

, 9 Oct 2003 282.8K 7.8K 57
Rate this:
Please Sign up or sign in to vote.
Web-based Active Directory Login

Overview

Web-based Active Directory Login implements central sign-on system for web-based applications. It was developed to eliminate maintenance of user passwords in database, whether encrypted or not. A user running application from desktop enjoys liberty to access resources and/or services on the network which he has permission to do from Windows. On the other hand, web-based applications run in a security context entirely different from that of a desktop application. Same user while running application from browser will not have such liberty. This was the problem when I tried to login using my n/w user name and password maintained in Active Directory through web. Ultimately it was overcome by impersonating the web server anonymous user which in most cases is IUSR_machinename.

Using the code

Below is a brief description of how to use the code.

There are two class files

  1. LoginAdmin
  2. prjLogin

LoginAdmin is an ActiveX DLL type project and contains a standard module and a class module. The ImpersonateUser class has two methods which you will be using in your ASP code.

' create an object of ImpersonateUser class
 Set objLogon = Server.CreateObject("LoginAdmin.ImpersonateUser")
 
' any domain user who has rights to access active directory
 objLogon.Logon "user id", "password", "domain name"

 objLogon.Logoff
 Set objLogon = Nothing

These are the methods of the class ImpersonateUser and their description:

Method Description
Logon(strUser, strPassword, strDomain) This method should be called before sending request to active directory. The user should be a valid domain user with at least read permissions of active directory. You can keep this user in a database or hardcode it's userid and password in the ASP script.
LogOff() This method must be called after accessing info from Active Directory in order for IIS to revert security permissions of the particular file

prjLogin is also an ActiveX DLL type project and contains only a class module. It uses references to Active DS type library. The clsDomainLogin class has one method with three parameters user name, password and domain.

' create an object of clsDomainLogin class
 Set oUser = Server.CreateObject("prjLogin.clsDomainLogin")

' BindObject has three parameters userid, password and domain name
 iResult = oUser.BindObject(strUser, strPassword, strDomain)

Below is a method of the class clsDomainLogin and its description:

Method Description
BindObject(strUser, strPassword, strDomain) This method should be called while authenticating from Active Directory. It returns 1 when successful and 0 when unsuccessful

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Faisal Haroon
Web Developer The Shams Group
Pakistan Pakistan
Faisal is Senior Team Lead at The Shams Group, Karachi. He has 10+ years of experience in the field of software/ web development and infrastructure management.
He has worked on various tools and platform which includes VB, ASP, ASP.NET, Javascript, COM/COM+, SQL Server, Informix, Active Directory, UNIX/Solaris, WSH, Windows NT/ 2000 servers, RADIUS, SMTP, POP, IMAP etc.
He likes to watch movies, hangs out with friends and loves to make new friends.

You may also be interested in...

Comments and Discussions

 
QuestionNeed dll file Pin
Member 1037249531-Oct-13 21:48
memberMember 1037249531-Oct-13 21:48 
Questionquery regarding active diretory Pin
ketan italiya28-Jul-13 19:59
professionalketan italiya28-Jul-13 19:59 
AnswerRe: query regarding active diretory Pin
Faisal Haroon1-Aug-13 14:00
memberFaisal Haroon1-Aug-13 14:00 
GeneralRe: query regarding active diretory Pin
ketan italiya1-Aug-13 18:51
professionalketan italiya1-Aug-13 18:51 
GeneralMy vote of 5 Pin
ketan italiya28-Jul-13 19:28
professionalketan italiya28-Jul-13 19:28 
QuestionDoesn't actually check the username/password at all Pin
Kendo27-Feb-13 15:36
memberKendo27-Feb-13 15:36 
QuestionCan you help me!!! Pin
Sawan19-Oct-11 4:48
memberSawan19-Oct-11 4:48 
GeneralThank you VERY much !!! Pin
aurelian6514-Apr-11 0:56
memberaurelian6514-Apr-11 0:56 
GeneralOnly look in certain Active Directory OU Pin
mmora571810-Sep-10 10:14
membermmora571810-Sep-10 10:14 
QuestionWhy only 1 wrong password try locks out my Network ID? Pin
Red Valdez16-Jun-09 23:42
memberRed Valdez16-Jun-09 23:42 
GeneralASPX Web-based Active Directory Login problem Pin
ra2ak8-May-09 0:35
memberra2ak8-May-09 0:35 
GeneralRe: ASPX Web-based Active Directory Login problem Pin
Red Valdez16-Jun-09 23:40
memberRed Valdez16-Jun-09 23:40 
GeneralLogin success / bad password, when using no un / pw or a correct un / pw Pin
graeme thompson23-Apr-09 2:37
membergraeme thompson23-Apr-09 2:37 
GeneralRe: Login success / bad password, when using no un / pw or a correct un / pw Pin
aurelian6514-Apr-11 1:04
memberaurelian6514-Apr-11 1:04 
For the case of empty username, add this piece of code:

		strUser = Request("oUser")
		If Len(strUser)=0 Then
			' replace the empty string with a username that doesn't exist in the AD
			strUser = "no_name"
		End If
		strPassword = Request("oPassword")

or, you could do a better solution: if the strUser is empty, then do not check the AD for Login (do not call BindObject).
GeneralFANTASTIC. THANK YOU!!! Pin
dickpacific13-Feb-09 7:31
memberdickpacific13-Feb-09 7:31 
GeneralWorks perfect in WINXP Web Server but won't work with WINDOWS 2003 64-bit machine Pin
Member 318471415-Jul-08 3:19
memberMember 318471415-Jul-08 3:19 
GeneralRe: Works perfect in WINXP Web Server but won't work with WINDOWS 2003 64-bit machine Pin
Faisal Haroon29-Jul-08 6:32
memberFaisal Haroon29-Jul-08 6:32 
GeneralRe: Works perfect in WINXP Web Server but won't work with WINDOWS 2003 64-bit machine Pin
Red Valdez17-Feb-09 23:00
memberRed Valdez17-Feb-09 23:00 
QuestionHow to use functions in dynamic stored procedures Pin
sanjeev Kumar Gupta7-Aug-07 23:40
membersanjeev Kumar Gupta7-Aug-07 23:40 
Generallogon failed to active directory with ASP Pin
fernandoariel25-Apr-07 9:01
memberfernandoariel25-Apr-07 9:01 
GeneralRe: logon failed to active directory with ASP Pin
aurelian6514-Apr-11 1:06
memberaurelian6514-Apr-11 1:06 
GeneralImpersonateUser in IIS6.0 Pin
Augusto Ortiz15-Mar-07 13:33
memberAugusto Ortiz15-Mar-07 13:33 
GeneralNo changes and 529 errors Pin
Member #383349215-Feb-07 8:33
memberMember #383349215-Feb-07 8:33 
QuestionVS 2005 ASP.NET error Pin
Peter Grigg4-Sep-06 19:26
memberPeter Grigg4-Sep-06 19:26 
AnswerRe: VS 2005 ASP.NET error Pin
Faisal Haroon2-Nov-06 3:45
memberFaisal Haroon2-Nov-06 3:45 
GeneralPorts and Protocols Pin
Ricardo Gimenez4-Sep-06 7:33
memberRicardo Gimenez4-Sep-06 7:33 
QuestionThis is fantastic code but i need help!!! Pin
jasinthebasin2-Aug-06 23:59
memberjasinthebasin2-Aug-06 23:59 
AnswerRe: This is fantastic code but i need help!!! Pin
Faisal Haroon16-Aug-06 1:09
memberFaisal Haroon16-Aug-06 1:09 
Questionthis is an amazing code [modified] Pin
cnean27-Jun-06 6:18
membercnean27-Jun-06 6:18 
QuestionRe: this is an amazing code Pin
Faisal Haroon5-Jul-06 6:19
memberFaisal Haroon5-Jul-06 6:19 
GeneralReturn Variable if Disabled Pin
iceman221019-Jun-06 8:53
membericeman221019-Jun-06 8:53 
Generalvery important problem,please help: [modified] Pin
mozi485-Jun-06 22:57
membermozi485-Jun-06 22:57 
AnswerRe: very important problem,please help: Pin
Faisal Haroon19-Jun-06 11:12
memberFaisal Haroon19-Jun-06 11:12 
GeneralAlways bad password Pin
jjasper072916-May-06 5:27
memberjjasper072916-May-06 5:27 
AnswerRe: Always bad password Pin
Faisal Haroon19-Jun-06 11:20
memberFaisal Haroon19-Jun-06 11:20 
Questionproblem Pin
melissa7826-Apr-06 1:24
membermelissa7826-Apr-06 1:24 
AnswerRe: problem Pin
Faisal Haroon30-Apr-06 10:55
memberFaisal Haroon30-Apr-06 10:55 
GeneralI got an error, please help me Pin
t20amarin19-Apr-06 20:53
membert20amarin19-Apr-06 20:53 
GeneralRe: I got an error, please help me Pin
Faisal Haroon30-Apr-06 11:35
memberFaisal Haroon30-Apr-06 11:35 
GeneralLogin Pin
c1ph37-Mar-06 9:42
memberc1ph37-Mar-06 9:42 
GeneralRe: Login Pin
Faisal Haroon2-May-06 6:07
memberFaisal Haroon2-May-06 6:07 
GeneralLogin Fix and Side Question Pin
mmarx8227-Feb-06 7:24
membermmarx8227-Feb-06 7:24 
GeneralRe: Login Fix and Side Question Pin
mmora57188-Sep-10 10:31
membermmora57188-Sep-10 10:31 
GeneralRe: Login Fix and Side Question Pin
mmarx8210-Sep-10 3:22
membermmarx8210-Sep-10 3:22 
GeneralRe: Login Fix and Side Question Pin
mmora571810-Sep-10 10:13
membermmora571810-Sep-10 10:13 
GeneralQuetion about : Web-based Active Directory Login Pin
Sidhi_OK3-Feb-06 22:03
memberSidhi_OK3-Feb-06 22:03 
GeneralQuestion Pin
kickone16-Oct-05 15:18
memberkickone16-Oct-05 15:18 
GeneralLogin problem Pin
bamboo615-Sep-05 17:28
memberbamboo615-Sep-05 17:28 
GeneralLogoff Pin
chrishealey29-Jun-05 5:05
susschrishealey29-Jun-05 5:05 
GeneralRe: Logoff Pin
Faisal Haroon7-Jul-05 0:14
memberFaisal Haroon7-Jul-05 0:14 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web03 | 2.8.150728.1 | Last Updated 10 Oct 2003
Article Copyright 2003 by Faisal Haroon
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid