cretae ASP page to validate username with AD

Discussion in 'ASP General' started by Joeri KUMBRUCK, Aug 31, 2004.

  1. Hello,

    I'm trying to create an ASP page where users can type in a username
    and password, and these credential should be checked with active
    directory. If username and password are correct, the script will
    continue to run otherwise it will stop. Below you will find my code
    I've programmed until now, at this moment I've got one big problem:
    the vbs part of the script works fine if you run it as a vbs file. If
    I copy/paste it into an ASP page, it doesn't work anymore. Anyone
    ideas how I can solve this?
    Here is the code:

    <html>

    <head>
    <meta http-equiv="Content-Language" content="nl-be">
    <meta http-equiv="Content-Type" content="text/html;
    charset=windows-1252">
    <meta name="GENERATOR" content="Microsoft FrontPage 4.0">
    <meta name="ProgId" content="FrontPage.Editor.Document">
    <title>username</title>
    </head>

    <body>
    <SCRIPT LANGUAGE=VBScript>

    <!--

    Option Explicit

    Dim bValid
    Dim oRootDSE
    Dim oDSObj
    Dim oAuth
    Dim szNamingContext
    Const ADS_SECURE_AUTHENTICATION=1
    Dim szUserId, szPasswd
    Sub B1_OnClick

    bValid = True

    Call CheckField(document.form1.username.Value, "Please enter a
    value in the field.")
    Call CheckField(document.form1.password.Value, "Please enter a
    value in the field.")
    If bValid Then

    szUserId = document.form1.username.value
    szPasswd = document.form1.password.value


    ' Retrieve the current domain
    Set oRootDSE = GetObject("LDAP://RootDSE")

    szNamingContext = oRootDSE.Get("defaultNamingContext")
    ' Validate against the namespace
    Set oDSObj = GetObject("LDAP:")
    Set oAuth = oDSObj.OpenDSObject("LDAP://" & szNamingContext, _
    szUserId, szPasswd, ADS_SECURE_AUTHENTICATION)

    ' User authenticated if we get here
    bAuthenticateUser = True


    End If

    End Sub

    Sub CheckField(ByVal strFieldValue, ByVal strMessage)

    If strFieldValue = "" Then

    MsgBox strMessage, 0

    bValid = False

    End If

    End Sub

    -->

    </Script>

    <FORM NAME="form1">
    <p>&nbsp;</p>
    <p align="center">username: <input type="text" name="username"
    size="20"></p>
    <p align="center">password: <input type="password" name="password"
    size="20"></p>
    <p>&nbsp;</p>
    <p align="center">&nbsp;&nbsp;
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
    type="submit" value="Submit"

    name="B1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

    <input type="reset" value="Reset" name="B2"></p>
    </form>



    </body>

    </html>
    Joeri KUMBRUCK, Aug 31, 2004
    #1
    1. Advertising

  2. Joeri KUMBRUCK

    Patrice Guest

    And the error is ?

    In most cases, failure running something in an ASP page when it works in a
    script launched directly is relative to security.

    Patrice

    --

    "Joeri KUMBRUCK" <> a écrit dans le message de
    news:...
    > Hello,
    >
    > I'm trying to create an ASP page where users can type in a username
    > and password, and these credential should be checked with active
    > directory. If username and password are correct, the script will
    > continue to run otherwise it will stop. Below you will find my code
    > I've programmed until now, at this moment I've got one big problem:
    > the vbs part of the script works fine if you run it as a vbs file. If
    > I copy/paste it into an ASP page, it doesn't work anymore. Anyone
    > ideas how I can solve this?
    > Here is the code:
    >
    > <html>
    >
    > <head>
    > <meta http-equiv="Content-Language" content="nl-be">
    > <meta http-equiv="Content-Type" content="text/html;
    > charset=windows-1252">
    > <meta name="GENERATOR" content="Microsoft FrontPage 4.0">
    > <meta name="ProgId" content="FrontPage.Editor.Document">
    > <title>username</title>
    > </head>
    >
    > <body>
    > <SCRIPT LANGUAGE=VBScript>
    >
    > <!--
    >
    > Option Explicit
    >
    > Dim bValid
    > Dim oRootDSE
    > Dim oDSObj
    > Dim oAuth
    > Dim szNamingContext
    > Const ADS_SECURE_AUTHENTICATION=1
    > Dim szUserId, szPasswd
    > Sub B1_OnClick
    >
    > bValid = True
    >
    > Call CheckField(document.form1.username.Value, "Please enter a
    > value in the field.")
    > Call CheckField(document.form1.password.Value, "Please enter a
    > value in the field.")
    > If bValid Then
    >
    > szUserId = document.form1.username.value
    > szPasswd = document.form1.password.value
    >
    >
    > ' Retrieve the current domain
    > Set oRootDSE = GetObject("LDAP://RootDSE")
    >
    > szNamingContext = oRootDSE.Get("defaultNamingContext")
    > ' Validate against the namespace
    > Set oDSObj = GetObject("LDAP:")
    > Set oAuth = oDSObj.OpenDSObject("LDAP://" & szNamingContext, _
    > szUserId, szPasswd, ADS_SECURE_AUTHENTICATION)
    >
    > ' User authenticated if we get here
    > bAuthenticateUser = True
    >
    >
    > End If
    >
    > End Sub
    >
    > Sub CheckField(ByVal strFieldValue, ByVal strMessage)
    >
    > If strFieldValue = "" Then
    >
    > MsgBox strMessage, 0
    >
    > bValid = False
    >
    > End If
    >
    > End Sub
    >
    > -->
    >
    > </Script>
    >
    > <FORM NAME="form1">
    > <p>&nbsp;</p>
    > <p align="center">username: <input type="text" name="username"
    > size="20"></p>
    > <p align="center">password: <input type="password" name="password"
    > size="20"></p>
    > <p>&nbsp;</p>
    > <p align="center">&nbsp;&nbsp;
    > &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
    > type="submit" value="Submit"
    >
    >

    name="B1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    >
    > <input type="reset" value="Reset" name="B2"></p>
    > </form>
    >
    >
    >
    > </body>
    >
    > </html>
    >
    Patrice, Aug 31, 2004
    #2
    1. Advertising

  3. Hi Patrice,

    thanks for your reply. The only error message I get, is a small warning
    sign in the status bar of my IE when I launch the ASP page. The warning
    sign is there for 2 seconds and I guess it's related to the first
    Getobject line in my code. As I put a MasgBox before the Getobject line
    and behind the Getobject line, I get only the first messagebox and not
    the second, I guess it stops executing the code as soon as an error is
    detected? Again, all works fine in a vbs file, but I really want to get
    this working in an ASP page as I want to publish it in IIS.



    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
    Joeri Kumbruck, Aug 31, 2004
    #3
  4. 1. You are having a vbscript problem: there was absolutely no need to show
    us all that html stuff. It's up to you to make our task easier by extracting
    the part of your code that causes the problem and only showing us that.
    2. Please do not start a new thread for the same problem. I am sure that Tom
    will respond to you in your original thread. Starting a new thread makes it
    very difficult to carry on a conversation, making it harder to get a
    resolution for your problem.

    Bob Barrows

    --
    Microsoft MVP - ASP/ASP.NET
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
    Bob Barrows [MVP], Aug 31, 2004
    #4
  5. Joeri KUMBRUCK

    Patrice Guest

    I just noticed that this script is executed client side. It's very likely
    disabled for securirty reasons. You should be able to enable scritping error
    report so that you have more detailed information about the error (likely
    the object is nothing it creation being discarded as a result of the
    security settings).

    Or don't you want rather to perform this check server side ????

    Patrice

    --

    "Patrice" <> a écrit dans le message de
    news:...
    > And the error is ?
    >
    > In most cases, failure running something in an ASP page when it works in a
    > script launched directly is relative to security.
    >
    > Patrice
    >
    > --
    >
    > "Joeri KUMBRUCK" <> a écrit dans le message de
    > news:...
    > > Hello,
    > >
    > > I'm trying to create an ASP page where users can type in a username
    > > and password, and these credential should be checked with active
    > > directory. If username and password are correct, the script will
    > > continue to run otherwise it will stop. Below you will find my code
    > > I've programmed until now, at this moment I've got one big problem:
    > > the vbs part of the script works fine if you run it as a vbs file. If
    > > I copy/paste it into an ASP page, it doesn't work anymore. Anyone
    > > ideas how I can solve this?
    > > Here is the code:
    > >
    > > <html>
    > >
    > > <head>
    > > <meta http-equiv="Content-Language" content="nl-be">
    > > <meta http-equiv="Content-Type" content="text/html;
    > > charset=windows-1252">
    > > <meta name="GENERATOR" content="Microsoft FrontPage 4.0">
    > > <meta name="ProgId" content="FrontPage.Editor.Document">
    > > <title>username</title>
    > > </head>
    > >
    > > <body>
    > > <SCRIPT LANGUAGE=VBScript>
    > >
    > > <!--
    > >
    > > Option Explicit
    > >
    > > Dim bValid
    > > Dim oRootDSE
    > > Dim oDSObj
    > > Dim oAuth
    > > Dim szNamingContext
    > > Const ADS_SECURE_AUTHENTICATION=1
    > > Dim szUserId, szPasswd
    > > Sub B1_OnClick
    > >
    > > bValid = True
    > >
    > > Call CheckField(document.form1.username.Value, "Please enter a
    > > value in the field.")
    > > Call CheckField(document.form1.password.Value, "Please enter a
    > > value in the field.")
    > > If bValid Then
    > >
    > > szUserId = document.form1.username.value
    > > szPasswd = document.form1.password.value
    > >
    > >
    > > ' Retrieve the current domain
    > > Set oRootDSE = GetObject("LDAP://RootDSE")
    > >
    > > szNamingContext = oRootDSE.Get("defaultNamingContext")
    > > ' Validate against the namespace
    > > Set oDSObj = GetObject("LDAP:")
    > > Set oAuth = oDSObj.OpenDSObject("LDAP://" & szNamingContext, _
    > > szUserId, szPasswd, ADS_SECURE_AUTHENTICATION)
    > >
    > > ' User authenticated if we get here
    > > bAuthenticateUser = True
    > >
    > >
    > > End If
    > >
    > > End Sub
    > >
    > > Sub CheckField(ByVal strFieldValue, ByVal strMessage)
    > >
    > > If strFieldValue = "" Then
    > >
    > > MsgBox strMessage, 0
    > >
    > > bValid = False
    > >
    > > End If
    > >
    > > End Sub
    > >
    > > -->
    > >
    > > </Script>
    > >
    > > <FORM NAME="form1">
    > > <p>&nbsp;</p>
    > > <p align="center">username: <input type="text" name="username"
    > > size="20"></p>
    > > <p align="center">password: <input type="password" name="password"
    > > size="20"></p>
    > > <p>&nbsp;</p>
    > > <p align="center">&nbsp;&nbsp;
    > > &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
    > > type="submit" value="Submit"
    > >
    > >

    >

    name="B1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    > >
    > > <input type="reset" value="Reset" name="B2"></p>
    > > </form>
    > >
    > >
    > >
    > > </body>
    > >
    > > </html>
    > >

    >
    >
    Patrice, Aug 31, 2004
    #5
  6. Patrice,
    it doesn't help if I run this script from server-side. I enabled
    debugging in my IE and get following error: ActiveXcomponent can't
    create object: "GetObject"
    It seems that I can't use getobject in a vbscript embedded in an ASP
    page???
    Any suggestions?


    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
    Joeri Kumbruck, Aug 31, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Joeri KUMBRUCK
    Replies:
    1
    Views:
    4,521
    Ben Lovell
    Aug 30, 2004
  2. Joeri KUMBRUCK

    ASP page to validate username with AD

    Joeri KUMBRUCK, Aug 31, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    1,443
    Joeri KUMBRUCK
    Aug 31, 2004
  3. VM
    Replies:
    1
    Views:
    640
    =?Utf-8?B?WTJLUFJBQlU=?=
    Sep 27, 2006
  4. Shailesh Patel
    Replies:
    0
    Views:
    448
    Shailesh Patel
    Nov 8, 2006
  5. Rahul Mehta
    Replies:
    1
    Views:
    96
    Denis McMahon
    Jul 31, 2010
Loading...

Share This Page