I have a webform application in C# using SSO (Single Sign On). The Admin have to register the email account from a user and once a user has been registered to the database they can sign in into the app with their SSO Password.
My problem here is once they can enter to the site i want to get their role and their organization location code.
I have store their username in session.
Their username (their username is their email) stored in database sec_user.
Their location and role stored in database sec_role table.
<pre lang="c#">
string path = "LDAP://kemenkeu.go.id";
public string HakAkses
{
get { return (string)Session["HakAkses"]; }
set { Session["HakAkses"] = value; }
}
public bool AuthenticateUser(string path, string user, string pass)
{
DirectoryEntry de = new DirectoryEntry(path, user, pass, AuthenticationTypes.Secure);
try
{
DirectorySearcher ds = new DirectorySearcher(de);
ds.FindOne();
return true;
}
catch
{
return false;
}
}
protected void btn_entrance_Click(object sender, EventArgs e)
{
if (AuthenticateUser(path, txt_username.Text, txt_password.Text) == true)
{
string CS = ConfigurationManager.ConnectionStrings["nikita_app"].ConnectionString;
using (SqlConnection sfe = new SqlConnection(CS))
{
using (SqlCommand cbn = new SqlCommand("xp_otorisasi_user", sfe))
{
cbn.CommandType = CommandType.StoredProcedure;
SqlParameter paramUsername = new SqlParameter("@user_email", txt_username.Text);
cbn.Parameters.Add(paramUsername);
sfe.Open();
int returnCode = (int)cbn.ExecuteScalar();
if (returnCode == 1)
{
Response.Redirect("accueil.aspx");
Session["userid"] = txt_username.Text;
}
else
{
lbl_info.Text = "Daftarkan Terlebih Dahulu Username Anda ke Admin PK";
}
}
}
}
else
{
lbl_info.Text = "Username/Password anda salah";
}
}
This is my c# code and here is my stored procedure
CREATE PROCEDURE [dbo].[xp_otorisasi_user]
@user_email varchar(60)
AS
BEGIN
DECLARE @Count AS INT
SELECT @Count = COUNT (user_email) from sec_user
WHERE [user_email]=@user_email
IF(@Count=1)
BEGIN
SELECT 1 AS ReturnCode
END
ELSE
BEGIN
SELECT -1 AS ReturnCode
END
END
I want to querying userrole and userlocation from database
and retrieve them in session (in asp.net page)
What I have tried:
I have try make select inside
IF(@Count=1)
BEGIN
SELECT user_role, user_location FROM sec_role WHERE user_email=@user_email
SELECT 1 AS ReturnCode
END
But i dont know whow to retrieve the user_role and user_location that have been selected to my asp.net web page