【Vegas原创】实践AD验证!



1.Login.aspx

<table>
                
<tr>
                    
<td colspan="2" align="center">
                        
<asp:Label id="Label3" runat="server">AD验证技术~</asp:Label>
                    
</td>
                
</tr>
                
<TR>
                    
<td>
                        
<asp:Label id="Label1" runat="server">用户名</asp:Label></td>
                    
<td>
                        
<asp:TextBox id="tbxUsrName" runat="server"></asp:TextBox></td>
                
</TR>
                
<tr>
                    
<td>
                        
<asp:Label id="Label2" runat="server">密 码</asp:Label></td>
                    
<td>
                        
<asp:TextBox id="tbxUsrPwd" TextMode="Password" runat="server"></asp:TextBox>
                    
</td>
                
</tr>
                
<tr>
                    
<td>
                        
<asp:Label id="Label5" runat="server">Domain</asp:Label></td>
                    
<td>
                        
<asp:DropDownList id="DomainList" runat="server" Width="160px">
                            
<asp:ListItem Value="DT">DT</asp:ListItem>
                            
<asp:ListItem Value="DTS" Selected="True">DTS</asp:ListItem>
                        
</asp:DropDownList></td>
                    
</TD></tr>
                
<tr>
                
<tr>
                    
<td align="center" colspan="2">
                        
<asp:Button id="BtnLogin" runat="server" Text="登录"></asp:Button>
                    
</td>
                
</tr>
                
<TR>
                    
<td colspan="2"><asp:CheckBox id="CheckBox1" runat="server" Text="测试使用"></asp:CheckBox></td>
                
</TR>
                
<tr>
                    
<td colspan="2">
                        
<asp:CheckBox id="chkrember" runat="server" Text="记住密码" Enabled="true"></asp:CheckBox></td>
                
</tr>
            
</table>



2.Login.aspx.vb

Imports System.Web.Security
Imports System.Text

 

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        
Dim username As String
        username 
= User.Identity.Name.ToString()
        
If User.Identity.IsAuthenticated() Then
            
REM 如果用户已经验证
            Me.Response.Write("<script>window.location.href('vvv.aspx');</script>>")
        
End If

        
If Not Page.IsPostBack Then
            
If Not Request.Cookies("AD_logonid"Is Nothing Then
                
'如果已经有logonid信息的cookies存在
                tbxUsrName.Text = Request.Cookies("AD_logonid").Value
            
End If

            
If Not Request.Cookies("AD_domain"Is Nothing Then
                
'如果已经有domain信息的cookies存在
                DomainList.SelectedIndex = DomainList.Items.IndexOf(DomainList.Items.FindByValue(Request.Cookies("AD_domain").Value.Trim))
            
End If
        
End If

        
REM 设置输入焦点
        Dim strBuilder As StringBuilder = New StringBuilder
        
'从头到尾判断栏位,如果为空,则使焦点在该栏位上
        strBuilder.Append("<script type=text/javascript>")
        strBuilder.Append(vbCrLf 
& "function setFocus() {")
        strBuilder.Append(vbCrLf 
& "if (document.getElementById('tbxUsrName').value == '') {")
        strBuilder.Append(vbCrLf 
& "document.getElementById('tbxUsrName').focus();")
        strBuilder.Append(vbCrLf 
& "} else {")
        strBuilder.Append(vbCrLf 
& "document.getElementById('tbxUsrPwd').focus();")
        strBuilder.Append(vbCrLf 
& "}")
        strBuilder.Append(vbCrLf 
& "}")
        strBuilder.Append(vbCrLf 
& "window.onload=setFocus;")
        strBuilder.Append(vbCrLf 
& "</script>")
        RegisterClientScriptBlock(
"Focus", strBuilder.ToString)

    
End Sub

 

    Private Sub BtnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnLogin.Click
        
Dim objData As New clsData

        
If CheckBox1.Checked = True Then
            
'如果为测试使用

            Response.Cookies(
"AD_logonid").Value = tbxUsrName.Text.ToLower
            Response.Cookies(
"AD_logonid").Expires = Now.AddDays(7)

            Response.Cookies(
"AD_domain").Value = DomainList.SelectedValue
            Response.Cookies(
"AD_domain").Expires = Now.AddDays(7)
            getUser()
            FormsAuthentication.SetAuthCookie(tbxUsrName.Text, 
False)

            Response.Redirect(
"vvv.aspx")
        
End If

        
If objData.CheckNTAccount(tbxUsrName.Text, tbxUsrPwd.Text, DomainList.SelectedValue) Then
            
'如果可以成功登陆,写入cookie并将页面导向到vvv.aspx
            getUser()
            Response.Cookies(
"AD_logonid").Value = tbxUsrName.Text.ToLower
            Response.Cookies(
"AD_logonid").Expires = Now.AddDays(7)
            Response.Cookies(
"AD_domain").Value = DomainList.SelectedValue
            Response.Cookies(
"AD_domain").Expires = Now.AddDays(7)
            FormsAuthentication.SetAuthCookie(tbxUsrName.Text.ToLower, chkrember.Checked)
            Response.Redirect(
"vvv.aspx")

        
Else '如果不能成功登陆,显示出错信息
            Response.Write("<script type=text/javascript>alert('登入失败,请确认你的帐号密码是否正确!');</script>")
        
End If
    
End Sub

 

    Sub getUser()    '获取用户权限
        Dim strSQL As String
        strSQL 
= "select * from $$$ where login_name='" & tbxUsrName.Text.Trim & "' and active='Y'"
        
Dim objClsData As New clsData
        Session(
"emp_no"= objClsData.GetSingleData(strSQL, Nothing)
    
End Sub


3.vvv.aspx.vb

   Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        
' Response.Redirect("logout.aspx")
        FormsAuthentication.SignOut()
        Response.Redirect(
"login.aspx")
    
End Sub


*4.conponent\clsData.vb

Imports System.Data
Imports System.Data.SqlClient
Imports System.DirectoryServices

Public Class clsData

    
'检查NT帐号
    Public Function CheckNTAccount(ByVal UserName As StringByVal Password As String _
                    , 
ByVal Domain As StringAs Boolean

        
Dim Ad As DirectoryEntry
        
Dim ds As DirectorySearcher
        
Dim strLDAP As String = ConfigurationSettings.AppSettings("LDAP")

        Ad 
= New DirectoryEntry(strLDAP, Domain & "\" & UserName, Password, AuthenticationTypes.ServerBind)

        
Try
            
Dim obj As Object = Ad.NativeObject '检查是否可正常登入
            Return True
        
Catch ex As Exception
            
Return False
        
Finally
            Ad.Dispose()
        
End Try

    
End Function

    
Public Function GetSingleData(ByVal strSql As StringByVal params() As SqlParameter) As String
        
Dim Conn As New SqlConnection(ConfigurationSettings.AppSettings("ConnectionString"))
        
Dim Comm As SqlCommand
        Comm 
= New SqlCommand(strSql, Conn)

        
If Not params Is Nothing Then
            
Dim param As SqlParameter
            
For Each param In params
                Comm.Parameters.Add(param)
            
Next
        
End If
        Conn.Open()

        
Dim strValue As String
        
Try
            strValue 
= Comm.ExecuteScalar().ToString()
        
Catch ex As Exception
            strValue 
= ""
        
End Try

        Conn.Close()
        Conn.Dispose()
        Comm.Dispose()

        
Return strValue

    
End Function
End Class


****web.config

    <authentication mode="Forms" /> 


    
<!--  授权 
           此节设置应用程序的授权策略。可以允许或拒绝不同的用户或角色访问
          应用程序资源。通配符: "*" 表示任何人,"?" 表示匿名
          (未经身份验证的)用户。
    
-->
    
<authorization>
           
<deny users="?"/><!-- 允许所有用户 -->

            
<!--  <allow     users="[逗号分隔的用户列表]"
                             roles="[逗号分隔的角色列表]"/>
                  <deny      users="[逗号分隔的用户列表]"
                             roles="[逗号分隔的角色列表]"/>
            
-->
    
</authorization>



  </system.web>
<appSettings>
<add key="ConnectionString" value="Server=;Database=;UID=;PWD="/>

<add key="LDAP" value="LDAP://域服务器:389/DC=a,DC=b,DC=com"/>
</appSettings>




posted @ 2006-11-22 20:44  李济宏(Amadeus)  阅读(226)  评论(0编辑  收藏  举报