Beruflich Dokumente
Kultur Dokumente
05-Sept-2011
Md. Fazlur Rahman
Sambe Software 2
www.sambesoftware.com
TABLE OF CONTENTS
Introduction......................................................................................................................................................3
Implementation...............................................................................................................................................3
Active Directory Configuration...................................................................................................................3
Active Directory Implementation Logic....................................................................................................4
Conclusion........................................................................................................................................................4
Introduction
There are three types of user authentication in asp.net. These are
1. Form Authentication
2. Windows Authentication
3. Passport Authentication
Elixtra supports Form Authentication. User authentication detail is stored in asp.net membership tables in database.
ASP.NET login controls has been used for user login. Now authentication from Active Directory can be done in 2 ways
1. Change Form Authentication To Windows Authentication
2. By Pass User Authentication To Use Active Directory
The first one requires database change in deep level and thats why is not feasible. The second one has been
implemented to achieve the goal.
Implementation
<configSections>
<section name="ldapConfiguration"
type="HRMS.BusinessFacade.Configuration.ActiveDirectoryConfiguration, HRMS.BusinessFacade, Version=1.0.0.0,
Culture=neutral" allowLocation="true" allowDefinition="Everywhere"/>
</configSections>
enabled: The possible values are true and false. It is used to enable or disable active directory integration.
logEnabled: The possible values are true and false. It is used to write log entry to hrms.log file in every step of
active directory integration to trace if its properly integrated or no.
isaIntegrated: Its not used anymore.
pageLevelSecurityCheck : The possible values are true and false. This allows to check if the loggedin user is an
active directory user on every page life cycle.
server : The possible values are the ip address or the machine name of the active directory server.
domain : It contains the domain name of the active directory.
userName : It contains the user name if any specific user authentication has been used to contact with active
directory.
password : It contains the password if any specific user authentication has been used to contact with active directory.
directoryPath : It contains the root directory path in active directory where all the users reside.
groupName : It contains the group name of the users who are eligible to access elixtra. groupName="elixtrauser"
means the user of the group elixtrauser will be able to login to elixtra.
filter : This is used to search the user in the directory.
filterReplace : This is the keyword to replace in code to search an user.
Conclusion
This process will not work if any of the following is true
enabled="false" in active directory configuration
Server name provided in configuration is not valid.
Directory path is not valid
Group name is not valid
Filter option is not valid
User name and password provided while login are not valid, or the user is not active or the user is not a
member of the provided user group.