How to Implement Active Directory Authentication in ASP.NET Web API Through Forms?

Question

0.00/5 (No votes)

See more:

I've been reading a lot of guides/articles but haven't found one yet that does exactly what I want... that is to implement Active Directory Authentication in an ASP.NET Web API through forms.

Something like on this guide:

Cool MVC 5 guide to implement authentication with Active Directory

Which is very good but it's for MVC, i.e., it uses a Controller not an ApiController

Can someone please give me hints/tips/articles on how to start? Especially about the part that connects to the active directory. I've been stuck on this for a while.

UPDATE:

C#

public bool IsAuthenticatedUser(string srvr, string usr, string password)
       {
           bool authenticated = false;

           try {
               DirectoryEntry entry = new DirectoryEntry(srvr, usr, password);
               object nativeObject = entry.NativeObject;
               Object obj = entry.NativeObject;
               authenticated = true;
           }
           catch {
               throw new HttpResponseException(HttpStatusCode.Unauthorized);
           }
           return authenticated;
       }

       // POST: api/Login
       public void Post([FromBody]string username, [FromBody]string password)
       {
           if (IsAuthenticatedUser("LDAP string", username, password))
           {
               Redirect("Index");
           }
           else
           {
               throw new HttpResponseException(HttpStatusCode.Unauthorized);
           }
       }

I was thinking of trying something like this for the authentication, your thoughts?

Posted 27-Mar-15 1:53am

varmartins

Updated 30-Mar-15 23:56pm

v3

Add a Solution

Comments

F-ES Sitecore 27-Mar-15 8:03am

A web API doesn't have forms, you might need to expand a bit on what you're looking to do. Also the article you posted explains how to connect to AD also, so what exactly are you having problems with as it seems you already have access to the solution?

varmartins 27-Mar-15 8:10am

The problem is I want to call the api from the frontend which is being done with Ember.js so I would want for it to receive the data (username and password) check it against the active directory and return if the user exists and his group of permissions

F-ES Sitecore 27-Mar-15 8:59am

Just do a normal form submission the way you would with any form, then on the click event of the login button use the "if (Membership.ValidateUser(model.UserName, model.Password))" code - except your username and password comes from txtUsername.Text and txtPassword.Text rather than model.UserName etc.

varmartins 27-Mar-15 11:03am

And where would i save the response (authorization group) so that I could access from the frontend?

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sherif Barakat · Answer 1 · 2015-03-30T00:32:00

// Add 3 references to your project
System.DirectoryService
System.DirectoryService.Protocols
System.DirectoryService.AccountManagement

// create a bool method

public bool IsAuthenticatedUser(string srvr, string usr, string password)
{
bool authenticated = false;
try
{
DirectoryEntry entry = new DirectoryEntry(srvr, usr, password);
object nativeObject = entry.NativeObject;
Object obj = entry.NativeObject;
authenticated = true;
}
catch
{
// LableError.Text = "Invalid UserName";
}
return authenticated;
}

// Then put this code inside the login button

protected void login_Click(object sender, EventArgs e)
{
if (IsAuthenticatedUser("", "YourADName\\" + UserNameText.Text,PasswordText.Text))
{
// Do something such as redirect somewhere
}
else
{

errorMessage.Text = "Invalid User";
}

}