Asp.net 2.0 Login Controls that Authenticate NetworkUserName & NetworkPassword

[wardemon]

Hi,
I was wondering if there are any samples that uses the new ASP2.0
Login Controls which authenticates NetworkUserName / DomainName /
NetworkPassword ?
Both on workstation and actual network domain environment.

Thanks,
Henry

 

[wardemon]

Hello all,
I tried using Windows ThickClient style to authenticate, but it
doesn't work.
Any clues on how to do this?

Regards,
Henry

Code Behind
==========
public void btnAuthenticate_OnClick(object sender, EventArgs e)
{
WikiTech.clsSecurity clsSecurityInst = new
WikiTech.clsSecurity();
if (clsSecurityInst.AuthenticateNetworkUserID(tbxUserID.Text,
tbxPassword.Text, tbxDomain.Text) == true)
{
lblResult.Text = "Good";
}
else
{
lblResult.Text = "Failed";
}
}

Class
=======================
namespace WikiTech
{
public class clsSecurity
{
private bool bolAuthenticated = false;

[DllImport("advapi32.dll")]
static extern IntPtr LogonUser(string lpszUsername, string
lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider,
IntPtr phToken);

[DllImport("advapi32.dll")]
static extern Int32 ImpersonateLoggedOnUser(IntPtr hToken);

[DllImport("advapi32.dll")]
static extern Int32 RevertToSelf();

private bool ImpersonateValidUser(string Username, string
Domain, string Password)
{
int LogonType = 2; // Interactive
int LogonProvider = 0; // Default Provider
IntPtr Token = (IntPtr)0;
IntPtr Ret = (IntPtr)0;
bool bolReturnValue = false;

Ret = LogonUser(Username, Domain, Password, LogonType,
LogonProvider, Token);
if ((Convert.ToInt32(Ret) != 0))
{
bolReturnValue = (ImpersonateLoggedOnUser(Token) != 0);
return bolReturnValue;
}
else
{
return bolReturnValue;
}
}

private void UndoImpersonation()
{
RevertToSelf();
}

public bool AuthenticateNetworkUserID(string strUserID, string
strPassword, string strDomain)
{
if ((ImpersonateValidUser(strUserID, strDomain,
strPassword) == true))
{
UndoImpersonation();
return true;
}
else
{
return false;
}
}
}

Error Message:
Error at Line: Ret = LogonUser(Username, Domain, Password, LogonType,
LogonProvider, Token);
=======================
Attempted to read or write protected memory. This is often an
indication that other memory is corrupt.

Exception Detail:
=======================
System.AccessViolationException was unhandled by user code
Message="Attempted to read or write protected memory. This is often
an indication that other memory is corrupt."
Source="App_Code.lc4fcmd1"
StackTrace:
at WikiTech.clsSecurity.LogonUser(String lpszUsername, String
lpszDomain, String lpszPassword, Int32 dwLogonType, Int32
dwLogonProvider, IntPtr phToken)
at WikiTech.clsSecurity.ImpersonateValidUser(String Username,
String Domain, String Password) in c:\Documents and Settings\FELIX\My
Documents\Visual Studio
2005\WebSites\WikiTech\App_Code\clsWikiTech.cs:line 1035
at WikiTech.clsSecurity.AuthenticateNetworkUserID(String
strUserID, String strPassword, String strDomain) in c:\Documents and
Settings\FELIX\My Documents\Visual Studio
2005\WebSites\WikiTech\App_Code\clsWikiTech.cs:line 1054
at Aspx_Data_WikiTech_Cms_login.btnAuthenticate_OnClick(Object
sender, EventArgs e) in c:\Documents and Settings\FELIX\My
Documents\Visual Studio
2005\WebSites\WikiTech\Aspx_Data\WikiTech_Cms\login.aspx.cs:line 22
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String
eventArgument)
at
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String
eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection
postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)


WebConfig
=======================
<authentication mode="Windows"/>

 

[Dominick Baier]

What are you trying to do?
-----
Dominick Baier (http://www.leastprivilege.com)

Hello all,
I tried using Windows ThickClient style to authenticate, but it
doesn't work.
Any clues on how to do this?

Regards,
Henry
Code Behind
==========
public void btnAuthenticate_OnClick(object sender, EventArgs e)
{
WikiTech.clsSecurity clsSecurityInst = new
WikiTech.clsSecurity();
if (clsSecurityInst.AuthenticateNetworkUserID(tbxUserID.Text,
tbxPassword.Text, tbxDomain.Text) == true)
{
lblResult.Text = "Good";
}
else
{
lblResult.Text = "Failed";
}
}
Class
=======================
namespace WikiTech
{
public class clsSecurity
{
private bool bolAuthenticated = false;
[DllImport("advapi32.dll")]
static extern IntPtr LogonUser(string lpszUsername, string
lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider,
IntPtr phToken);

[DllImport("advapi32.dll")]
static extern Int32 ImpersonateLoggedOnUser(IntPtr hToken);
[DllImport("advapi32.dll")]
static extern Int32 RevertToSelf();
private bool ImpersonateValidUser(string Username, string
Domain, string Password)
{
int LogonType = 2; // Interactive
int LogonProvider = 0; // Default Provider
IntPtr Token = (IntPtr)0;
IntPtr Ret = (IntPtr)0;
bool bolReturnValue = false;
Ret = LogonUser(Username, Domain, Password, LogonType,
LogonProvider, Token);
if ((Convert.ToInt32(Ret) != 0))
{
bolReturnValue = (ImpersonateLoggedOnUser(Token) !=
0);
return bolReturnValue;
}
else
{
return bolReturnValue;
}
}
private void UndoImpersonation()
{
RevertToSelf();
}
public bool AuthenticateNetworkUserID(string strUserID, string
strPassword, string strDomain)
{
if ((ImpersonateValidUser(strUserID, strDomain,
strPassword) == true))
{
UndoImpersonation();
return true;
}
else
{
return false;
}
}
}
Error Message:
Error at Line: Ret = LogonUser(Username, Domain, Password, LogonType,
LogonProvider, Token);
=======================
Attempted to read or write protected memory. This is often an
indication that other memory is corrupt.
Exception Detail:
=======================
System.AccessViolationException was unhandled by user code
Message="Attempted to read or write protected memory. This is often
an indication that other memory is corrupt."
Source="App_Code.lc4fcmd1"
StackTrace:
at WikiTech.clsSecurity.LogonUser(String lpszUsername, String
lpszDomain, String lpszPassword, Int32 dwLogonType, Int32
dwLogonProvider, IntPtr phToken)
at WikiTech.clsSecurity.ImpersonateValidUser(String Username,
String Domain, String Password) in c:\Documents and Settings\FELIX\My
Documents\Visual Studio
2005\WebSites\WikiTech\App_Code\clsWikiTech.cs:line 1035
at WikiTech.clsSecurity.AuthenticateNetworkUserID(String
strUserID, String strPassword, String strDomain) in c:\Documents and
Settings\FELIX\My Documents\Visual Studio
2005\WebSites\WikiTech\App_Code\clsWikiTech.cs:line 1054
at Aspx_Data_WikiTech_Cms_login.btnAuthenticate_OnClick(Object
sender, EventArgs e) in c:\Documents and Settings\FELIX\My
Documents\Visual Studio
2005\WebSites\WikiTech\Aspx_Data\WikiTech_Cms\login.aspx.cs:line 22
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String
eventArgument)
at
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.R
aisePostBackEvent(String
eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection
postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
WebConfig
=======================
<authentication mode="Windows"/>