【Vegas原创】实践AD验证!
1.Login.aspx
<table>
<tr>
<td colspan="2" align="center">
<asp:Label id="Label3" runat="server">AD验证技术~</asp:Label>
</td>
</tr>
<TR>
<td>
<asp:Label id="Label1" runat="server">用户名</asp:Label></td>
<td>
<asp:TextBox id="tbxUsrName" runat="server"></asp:TextBox></td>
</TR>
<tr>
<td>
<asp:Label id="Label2" runat="server">密 码</asp:Label></td>
<td>
<asp:TextBox id="tbxUsrPwd" TextMode="Password" runat="server"></asp:TextBox>
</td>
</tr>
<tr>
<td>
<asp:Label id="Label5" runat="server">Domain</asp:Label></td>
<td>
<asp:DropDownList id="DomainList" runat="server" Width="160px">
<asp:ListItem Value="DT">DT</asp:ListItem>
<asp:ListItem Value="DTS" Selected="True">DTS</asp:ListItem>
</asp:DropDownList></td>
</TD></tr>
<tr>
<tr>
<td align="center" colspan="2">
<asp:Button id="BtnLogin" runat="server" Text="登录"></asp:Button>
</td>
</tr>
<TR>
<td colspan="2"><asp:CheckBox id="CheckBox1" runat="server" Text="测试使用"></asp:CheckBox></td>
</TR>
<tr>
<td colspan="2">
<asp:CheckBox id="chkrember" runat="server" Text="记住密码" Enabled="true"></asp:CheckBox></td>
</tr>
</table>
<tr>
<td colspan="2" align="center">
<asp:Label id="Label3" runat="server">AD验证技术~</asp:Label>
</td>
</tr>
<TR>
<td>
<asp:Label id="Label1" runat="server">用户名</asp:Label></td>
<td>
<asp:TextBox id="tbxUsrName" runat="server"></asp:TextBox></td>
</TR>
<tr>
<td>
<asp:Label id="Label2" runat="server">密 码</asp:Label></td>
<td>
<asp:TextBox id="tbxUsrPwd" TextMode="Password" runat="server"></asp:TextBox>
</td>
</tr>
<tr>
<td>
<asp:Label id="Label5" runat="server">Domain</asp:Label></td>
<td>
<asp:DropDownList id="DomainList" runat="server" Width="160px">
<asp:ListItem Value="DT">DT</asp:ListItem>
<asp:ListItem Value="DTS" Selected="True">DTS</asp:ListItem>
</asp:DropDownList></td>
</TD></tr>
<tr>
<tr>
<td align="center" colspan="2">
<asp:Button id="BtnLogin" runat="server" Text="登录"></asp:Button>
</td>
</tr>
<TR>
<td colspan="2"><asp:CheckBox id="CheckBox1" runat="server" Text="测试使用"></asp:CheckBox></td>
</TR>
<tr>
<td colspan="2">
<asp:CheckBox id="chkrember" runat="server" Text="记住密码" Enabled="true"></asp:CheckBox></td>
</tr>
</table>
2.Login.aspx.vb
Imports System.Web.Security
Imports System.Text
Imports System.Text
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim username As String
username = User.Identity.Name.ToString()
If User.Identity.IsAuthenticated() Then
REM 如果用户已经验证
Me.Response.Write("<script>window.location.href('vvv.aspx');</script>>")
End If
If Not Page.IsPostBack Then
If Not Request.Cookies("AD_logonid") Is Nothing Then
'如果已经有logonid信息的cookies存在
tbxUsrName.Text = Request.Cookies("AD_logonid").Value
End If
If Not Request.Cookies("AD_domain") Is Nothing Then
'如果已经有domain信息的cookies存在
DomainList.SelectedIndex = DomainList.Items.IndexOf(DomainList.Items.FindByValue(Request.Cookies("AD_domain").Value.Trim))
End If
End If
REM 设置输入焦点
Dim strBuilder As StringBuilder = New StringBuilder
'从头到尾判断栏位,如果为空,则使焦点在该栏位上
strBuilder.Append("<script type=text/javascript>")
strBuilder.Append(vbCrLf & "function setFocus() {")
strBuilder.Append(vbCrLf & "if (document.getElementById('tbxUsrName').value == '') {")
strBuilder.Append(vbCrLf & "document.getElementById('tbxUsrName').focus();")
strBuilder.Append(vbCrLf & "} else {")
strBuilder.Append(vbCrLf & "document.getElementById('tbxUsrPwd').focus();")
strBuilder.Append(vbCrLf & "}")
strBuilder.Append(vbCrLf & "}")
strBuilder.Append(vbCrLf & "window.onload=setFocus;")
strBuilder.Append(vbCrLf & "</script>")
RegisterClientScriptBlock("Focus", strBuilder.ToString)
End Sub
Dim username As String
username = User.Identity.Name.ToString()
If User.Identity.IsAuthenticated() Then
REM 如果用户已经验证
Me.Response.Write("<script>window.location.href('vvv.aspx');</script>>")
End If
If Not Page.IsPostBack Then
If Not Request.Cookies("AD_logonid") Is Nothing Then
'如果已经有logonid信息的cookies存在
tbxUsrName.Text = Request.Cookies("AD_logonid").Value
End If
If Not Request.Cookies("AD_domain") Is Nothing Then
'如果已经有domain信息的cookies存在
DomainList.SelectedIndex = DomainList.Items.IndexOf(DomainList.Items.FindByValue(Request.Cookies("AD_domain").Value.Trim))
End If
End If
REM 设置输入焦点
Dim strBuilder As StringBuilder = New StringBuilder
'从头到尾判断栏位,如果为空,则使焦点在该栏位上
strBuilder.Append("<script type=text/javascript>")
strBuilder.Append(vbCrLf & "function setFocus() {")
strBuilder.Append(vbCrLf & "if (document.getElementById('tbxUsrName').value == '') {")
strBuilder.Append(vbCrLf & "document.getElementById('tbxUsrName').focus();")
strBuilder.Append(vbCrLf & "} else {")
strBuilder.Append(vbCrLf & "document.getElementById('tbxUsrPwd').focus();")
strBuilder.Append(vbCrLf & "}")
strBuilder.Append(vbCrLf & "}")
strBuilder.Append(vbCrLf & "window.onload=setFocus;")
strBuilder.Append(vbCrLf & "</script>")
RegisterClientScriptBlock("Focus", strBuilder.ToString)
End Sub
Private Sub BtnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnLogin.Click
Dim objData As New clsData
If CheckBox1.Checked = True Then
'如果为测试使用
Response.Cookies("AD_logonid").Value = tbxUsrName.Text.ToLower
Response.Cookies("AD_logonid").Expires = Now.AddDays(7)
Response.Cookies("AD_domain").Value = DomainList.SelectedValue
Response.Cookies("AD_domain").Expires = Now.AddDays(7)
getUser()
FormsAuthentication.SetAuthCookie(tbxUsrName.Text, False)
Response.Redirect("vvv.aspx")
End If
If objData.CheckNTAccount(tbxUsrName.Text, tbxUsrPwd.Text, DomainList.SelectedValue) Then
'如果可以成功登陆,写入cookie并将页面导向到vvv.aspx
getUser()
Response.Cookies("AD_logonid").Value = tbxUsrName.Text.ToLower
Response.Cookies("AD_logonid").Expires = Now.AddDays(7)
Response.Cookies("AD_domain").Value = DomainList.SelectedValue
Response.Cookies("AD_domain").Expires = Now.AddDays(7)
FormsAuthentication.SetAuthCookie(tbxUsrName.Text.ToLower, chkrember.Checked)
Response.Redirect("vvv.aspx")
Else '如果不能成功登陆,显示出错信息
Response.Write("<script type=text/javascript>alert('登入失败,请确认你的帐号密码是否正确!');</script>")
End If
End Sub
Dim objData As New clsData
If CheckBox1.Checked = True Then
'如果为测试使用
Response.Cookies("AD_logonid").Value = tbxUsrName.Text.ToLower
Response.Cookies("AD_logonid").Expires = Now.AddDays(7)
Response.Cookies("AD_domain").Value = DomainList.SelectedValue
Response.Cookies("AD_domain").Expires = Now.AddDays(7)
getUser()
FormsAuthentication.SetAuthCookie(tbxUsrName.Text, False)
Response.Redirect("vvv.aspx")
End If
If objData.CheckNTAccount(tbxUsrName.Text, tbxUsrPwd.Text, DomainList.SelectedValue) Then
'如果可以成功登陆,写入cookie并将页面导向到vvv.aspx
getUser()
Response.Cookies("AD_logonid").Value = tbxUsrName.Text.ToLower
Response.Cookies("AD_logonid").Expires = Now.AddDays(7)
Response.Cookies("AD_domain").Value = DomainList.SelectedValue
Response.Cookies("AD_domain").Expires = Now.AddDays(7)
FormsAuthentication.SetAuthCookie(tbxUsrName.Text.ToLower, chkrember.Checked)
Response.Redirect("vvv.aspx")
Else '如果不能成功登陆,显示出错信息
Response.Write("<script type=text/javascript>alert('登入失败,请确认你的帐号密码是否正确!');</script>")
End If
End Sub
Sub getUser() '获取用户权限
Dim strSQL As String
strSQL = "select * from $$$ where login_name='" & tbxUsrName.Text.Trim & "' and active='Y'"
Dim objClsData As New clsData
Session("emp_no") = objClsData.GetSingleData(strSQL, Nothing)
End Sub
Dim strSQL As String
strSQL = "select * from $$$ where login_name='" & tbxUsrName.Text.Trim & "' and active='Y'"
Dim objClsData As New clsData
Session("emp_no") = objClsData.GetSingleData(strSQL, Nothing)
End Sub
3.vvv.aspx.vb
Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
' Response.Redirect("logout.aspx")
FormsAuthentication.SignOut()
Response.Redirect("login.aspx")
End Sub
' Response.Redirect("logout.aspx")
FormsAuthentication.SignOut()
Response.Redirect("login.aspx")
End Sub
*4.conponent\clsData.vb
Imports System.Data
Imports System.Data.SqlClient
Imports System.DirectoryServices
Public Class clsData
'检查NT帐号
Public Function CheckNTAccount(ByVal UserName As String, ByVal Password As String _
, ByVal Domain As String) As Boolean
Dim Ad As DirectoryEntry
Dim ds As DirectorySearcher
Dim strLDAP As String = ConfigurationSettings.AppSettings("LDAP")
Ad = New DirectoryEntry(strLDAP, Domain & "\" & UserName, Password, AuthenticationTypes.ServerBind)
Try
Dim obj As Object = Ad.NativeObject '检查是否可正常登入
Return True
Catch ex As Exception
Return False
Finally
Ad.Dispose()
End Try
End Function
Public Function GetSingleData(ByVal strSql As String, ByVal params() As SqlParameter) As String
Dim Conn As New SqlConnection(ConfigurationSettings.AppSettings("ConnectionString"))
Dim Comm As SqlCommand
Comm = New SqlCommand(strSql, Conn)
If Not params Is Nothing Then
Dim param As SqlParameter
For Each param In params
Comm.Parameters.Add(param)
Next
End If
Conn.Open()
Dim strValue As String
Try
strValue = Comm.ExecuteScalar().ToString()
Catch ex As Exception
strValue = ""
End Try
Conn.Close()
Conn.Dispose()
Comm.Dispose()
Return strValue
End Function
End Class
Imports System.Data.SqlClient
Imports System.DirectoryServices
Public Class clsData
'检查NT帐号
Public Function CheckNTAccount(ByVal UserName As String, ByVal Password As String _
, ByVal Domain As String) As Boolean
Dim Ad As DirectoryEntry
Dim ds As DirectorySearcher
Dim strLDAP As String = ConfigurationSettings.AppSettings("LDAP")
Ad = New DirectoryEntry(strLDAP, Domain & "\" & UserName, Password, AuthenticationTypes.ServerBind)
Try
Dim obj As Object = Ad.NativeObject '检查是否可正常登入
Return True
Catch ex As Exception
Return False
Finally
Ad.Dispose()
End Try
End Function
Public Function GetSingleData(ByVal strSql As String, ByVal params() As SqlParameter) As String
Dim Conn As New SqlConnection(ConfigurationSettings.AppSettings("ConnectionString"))
Dim Comm As SqlCommand
Comm = New SqlCommand(strSql, Conn)
If Not params Is Nothing Then
Dim param As SqlParameter
For Each param In params
Comm.Parameters.Add(param)
Next
End If
Conn.Open()
Dim strValue As String
Try
strValue = Comm.ExecuteScalar().ToString()
Catch ex As Exception
strValue = ""
End Try
Conn.Close()
Conn.Dispose()
Comm.Dispose()
Return strValue
End Function
End Class
****web.config
<authentication mode="Forms" />
<!-- 授权
此节设置应用程序的授权策略。可以允许或拒绝不同的用户或角色访问
应用程序资源。通配符: "*" 表示任何人,"?" 表示匿名
(未经身份验证的)用户。
-->
<authorization>
<deny users="?"/><!-- 允许所有用户 -->
<!-- <allow users="[逗号分隔的用户列表]"
roles="[逗号分隔的角色列表]"/>
<deny users="[逗号分隔的用户列表]"
roles="[逗号分隔的角色列表]"/>
-->
</authorization>
<!-- 授权
此节设置应用程序的授权策略。可以允许或拒绝不同的用户或角色访问
应用程序资源。通配符: "*" 表示任何人,"?" 表示匿名
(未经身份验证的)用户。
-->
<authorization>
<deny users="?"/><!-- 允许所有用户 -->
<!-- <allow users="[逗号分隔的用户列表]"
roles="[逗号分隔的角色列表]"/>
<deny users="[逗号分隔的用户列表]"
roles="[逗号分隔的角色列表]"/>
-->
</authorization>
</system.web>
<appSettings>
<add key="ConnectionString" value="Server=;Database=;UID=;PWD="/>
<add key="LDAP" value="LDAP://域服务器:389/DC=a,DC=b,DC=com"/>
</appSettings>
<appSettings>
<add key="ConnectionString" value="Server=;Database=;UID=;PWD="/>
<add key="LDAP" value="LDAP://域服务器:389/DC=a,DC=b,DC=com"/>
</appSettings>
喜欢请赞赏一下啦^_^