ASP page to authenticate username and password with active directory

Discussion in 'ASP General' started by Joeri KUMBRUCK, Aug 30, 2004.

  1. Hello,

    I'm trying to create an ASP page where users can type in a username
    and password, and these credential should be checked with active
    directory. If username and password are correct, the script will
    continue to run otherwise it will stop. Below you will find my code
    I've programmed until now, at this moment I've got one big problem:
    my script stops at the line:
    Set oRootDSE = GetObject("LDAP://RootDSE")
    Why is this GetObject thing giving so much problems and is there a
    way to let it work? Maybe there are already scripts available to do
    the same thing, anyway, all help is welcome. Here comes the code:

    <html>

    <head>
    <meta http-equiv="Content-Language" content="nl-be">
    <meta http-equiv="Content-Type" content="text/html;
    charset=windows-1252">
    <meta name="GENERATOR" content="Microsoft FrontPage 4.0">
    <meta name="ProgId" content="FrontPage.Editor.Document">
    <title>username</title>
    </head>

    <body>
    <SCRIPT LANGUAGE=VBScript>

    <!--

    Option Explicit

    Dim bValid
    Dim oRootDSE
    Dim oDSObj
    Dim oAuth
    Dim szNamingContext
    Const ADS_SECURE_AUTHENTICATION=1
    Dim szUserId, szPasswd
    Sub B1_OnClick

    bValid = True

    Call CheckField(document.form1.username.Value, "Please enter a
    value in the field.")
    Call CheckField(document.form1.password.Value, "Please enter a
    value in the field.")
    If bValid Then

    szUserId = document.form1.username.value
    szPasswd = document.form1.password.value


    ' Retrieve the current domain
    Set oRootDSE = GetObject("LDAP://RootDSE")

    szNamingContext = oRootDSE.Get("defaultNamingContext")
    ' Validate against the namespace
    Set oDSObj = GetObject("LDAP:")
    Set oAuth = oDSObj.OpenDSObject("LDAP://" & szNamingContext, _
    szUserId, szPasswd, ADS_SECURE_AUTHENTICATION)

    ' User authenticated if we get here
    bAuthenticateUser = True


    End If

    End Sub

    Sub CheckField(ByVal strFieldValue, ByVal strMessage)

    If strFieldValue = "" Then

    MsgBox strMessage, 0

    bValid = False

    End If

    End Sub

    -->

    </Script>

    <FORM NAME="form1">
    <p>&nbsp;</p>
    <p align="center">username: <input type="text" name="username"
    size="20"></p>
    <p align="center">password: <input type="password" name="password"
    size="20"></p>
    <p>&nbsp;</p>
    <p align="center">&nbsp;&nbsp;
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
    type="submit" value="Submit"
    name="B1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

    <input type="reset" value="Reset" name="B2"></p>
    </form>



    </body>

    </html>
     
    Joeri KUMBRUCK, Aug 30, 2004
    #1
    1. Advertising

  2. "Joeri KUMBRUCK" <> wrote in message
    news:...
    > Hello,
    >
    > I'm trying to create an ASP page where users can type in a username
    > and password, and these credential should be checked with active
    > directory.


    Here's the one I use:

    authad.asp
    <html>
    <head>
    </head>
    <body>
    <form action=authad.asp method=post>
    Username: <input type=text name=strUserName><br>
    Password: <input type=password name=strPassword><br>
    <input type=submit name=btnSubmit>
    </form>
    <%
    If Request.Form("strUsername") <> "" Then
    Dim strADsPath
    strADsPath = "WinNT://yourdomain"

    strUserName = "yourdomain\" & Request.Form("strUserName")
    strPassword = Request.Form("strPassword")

    if (not strADsPath= "") then 'if and ADS Object path has been provided
    proceed with authentication

    ' bind to the ADSI object and authenticate Username and password
    Dim oADsObject
    Set oADsObject = GetObject(strADsPath)
    response.write "Authenticating...<br><br>"
    Dim strADsNamespace
    Dim oADsNamespace
    strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
    set oADsNamespace = GetObject(strADsNamespace)
    Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, strUserName,
    strPassword, 0)
    ' we're only bound if err.number = 0
    if not (Err.number = 0) then
    Response.Write "<font color='red'><font size = 5><u><b>Authentication has
    failed...<b></u></font></font>"
    'Response.Write "Failed to bind to object <b>" & strADsPath & "</b><br>"
    'response.write err.description & "<p>"
    'Response.write "Error number is " & err.number & "<br>"
    Session("Auth") = "NO"
    else
    Response.Write "<font color='blue'>USER AUTHENTICATED!</font><br>"
    'Response.Write "Currently viewing object at <b>" & oADsObject.ADsPath &
    "</b><br>"
    'Response.Write "Class is " & oADsObject.Class & "<br>"
    Session("Auth") = "YES"
    end if
    'response.write "<p>"
    end if
    End If
    %>
    </body>
    </html>



    --
    Tom Kaminski IIS MVP
    http://www.microsoft.com/windowsserver2003/community/centers/iis/
    http://mvp.support.microsoft.com/
    http://www.iisfaq.com/
    http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
    http://www.tryiis.com
     
    Tom Kaminski [MVP], Aug 30, 2004
    #2
    1. Advertising

  3. Hello Tom,

    thanks for your help! I've copy/pasted your code, but it doesn't work. I
    can't see anything wrong in it, except some variables which are not
    defined. Do I need to do anything special to let it work? I can fill in
    the fields and press submit, but there is no result showing...

    thanks for your help,

    Joeri

    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
     
    Joeri Kumbruck, Aug 31, 2004
    #3
  4. "Joeri Kumbruck" <> wrote in message
    news:%23q%...
    > Hello Tom,
    >
    > thanks for your help! I've copy/pasted your code, but it doesn't work. I
    > can't see anything wrong in it, except some variables which are not
    > defined. Do I need to do anything special to let it work? I can fill in
    > the fields and press submit, but there is no result showing...


    Nothing at all shows? Does any ASP work?

    --
    Tom Kaminski IIS MVP
    http://www.microsoft.com/windowsserver2003/community/centers/iis/
    http://mvp.support.microsoft.com/
    http://www.iisfaq.com/
    http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
    http://www.tryiis.com
     
    Tom Kaminski [MVP], Aug 31, 2004
    #4
  5. Tom,

    works like a charme, thank you for the script! I did something wrong when I
    wanted to launch the file, but all is working now,

    thanks again,

    brgds,

    Joeri

    "Tom Kaminski [MVP]" wrote:

    > "Joeri Kumbruck" <> wrote in message
    > news:%23q%...
    > > Hello Tom,
    > >
    > > thanks for your help! I've copy/pasted your code, but it doesn't work. I
    > > can't see anything wrong in it, except some variables which are not
    > > defined. Do I need to do anything special to let it work? I can fill in
    > > the fields and press submit, but there is no result showing...

    >
    > Nothing at all shows? Does any ASP work?
    >
    > --
    > Tom Kaminski IIS MVP
    > http://www.microsoft.com/windowsserver2003/community/centers/iis/
    > http://mvp.support.microsoft.com/
    > http://www.iisfaq.com/
    > http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
    > http://www.tryiis.com
     
    Joeri KUMBRUCK, Sep 1, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Joeri KUMBRUCK
    Replies:
    1
    Views:
    4,563
    Ben Lovell
    Aug 30, 2004
  2. dave
    Replies:
    5
    Views:
    501
    Donkey Hot
    Jan 12, 2008
  3. Filip De Backer

    Check the username and password with the active directory

    Filip De Backer, Aug 26, 2005, in forum: ASP .Net Security
    Replies:
    3
    Views:
    326
    Filip De Backer
    Aug 29, 2005
  4. Ruggiero, Vince
    Replies:
    0
    Views:
    769
    Ruggiero, Vince
    Dec 14, 2009
  5. Ruggiero, Vince
    Replies:
    0
    Views:
    918
    Ruggiero, Vince
    Dec 14, 2009
Loading...

Share This Page