验证密码是否正确

发布于 2024-09-27 19:34:14 字数 957 浏览 10 评论 0原文

我需要验证用户的密码是否正确。

我有这段代码:

 private bool checkOldPasswordValid(string password, string username)
    {
        using (DirectoryEntry entry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
        {
            entry.Username = username;
            entry.Password = password;

            DirectorySearcher searcher = new DirectorySearcher(entry);

            searcher.Filter = "(objectclass=user)";
            try
            {
                searcher.FindOne();
            }
            catch (Exception ex)
            {
                return false;
            }
            return true;
        }
    }

但是 WinNt 不支持目录搜索器,所以我找到了另一种方法来循环所有记录。

 foreach (DirectoryEntry dc in entry.Children)
            {
                // prints the name
                System.Diagnostics.Debug.WriteLine(dc.Name);
            }

但这只是获取名称而不验证密码。

请帮忙。谢谢

i need to verify if the password is correct for a user.

i have this code:

 private bool checkOldPasswordValid(string password, string username)
    {
        using (DirectoryEntry entry = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"))
        {
            entry.Username = username;
            entry.Password = password;

            DirectorySearcher searcher = new DirectorySearcher(entry);

            searcher.Filter = "(objectclass=user)";
            try
            {
                searcher.FindOne();
            }
            catch (Exception ex)
            {
                return false;
            }
            return true;
        }
    }

but then directory searcher is not supported with WinNt, so i found another way to loop through all records.

 foreach (DirectoryEntry dc in entry.Children)
            {
                // prints the name
                System.Diagnostics.Debug.WriteLine(dc.Name);
            }

but this just gets the name and doesnt verify the password.

please help . thanks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

空名 2024-10-04 19:34:14

要针对 LDAP 或 WinNT 进行身份验证,您不需要 DirectorySearcher。您只需从 DirectoryEntry 实例获取 NativeObject 即可。这是一个代码示例,可以指导您完成整个过程。

public bool Authenticate(string username, string password, string domain) {
    bool authenticated = false;

    using (DirectoryEntry entry = new DirectoryEntry(@"WinNT://" + domain, username, password) {
        try {
            object nativeObject = entry.NativeObject;
            authenticated = true;
        } catch (DirectoryServicesCOMException ex) {
        }
    }

    return authenticated;
}

此代码将返回用户是否真实。一旦您可以使用此 DirectoryEntry 类实例获取 NativeObject 属性,这意味着 AD(或本地计算机)使用模拟来获取此对象。如果您获取对象时没有抛出异常,则意味着 AD(或本地计算机)能够对模拟用户进行身份验证。

虽然您可以通过不指定用户名和密码而仅指定域(或本地计算机)来使用当前经过身份验证的用户,但通过指定用户名和密码,您说您想要使用模拟,因此安全基础结构将使用给定的用户名和尝试从此 DirectoryEntry 类实例检索 NativeObject 属性的密码。

要针对 AD 进行身份验证,只需将 "WinNT://" 替换为 "LDAP://"

To autenticate against LDAP or WinNT, you need no DirectorySearcher. You only need to get the NativeObject from your DirectoryEntry instance. Here's a code sample that might guide you through the way.

public bool Authenticate(string username, string password, string domain) {
    bool authenticated = false;

    using (DirectoryEntry entry = new DirectoryEntry(@"WinNT://" + domain, username, password) {
        try {
            object nativeObject = entry.NativeObject;
            authenticated = true;
        } catch (DirectoryServicesCOMException ex) {
        }
    }

    return authenticated;
}

This code will return either a user is authentic or not. Once you can get the NativeObject property using this DirectoryEntry class instance, this means that the AD (or local computer) used impersonation to get this object. If you get the object without having a thrown exception, this means that the AD (or local computer) was able to authenticate the impersonnated user.

While you can use the currently authenticated user by specifying no username and password, but only the domain (or local computer), by specifying a username and password, you say you want to use impersonnation, so the security infrastructure will use the given username and password to try to retrieve the NativeObject property from this DirectoryEntry class instance.

To authenticate against the AD, just replace the "WinNT://" for "LDAP://".

狼性发作 2024-10-04 19:34:14

您可以使用 DirectoryEntry 本身。

请参阅此处的示例:http://support.microsoft.com/kb/316748

你为什么仍然使用 WinNT:// 吗?

You can use DirectoryEntry itself.

See the example here: http://support.microsoft.com/kb/316748

Why are you using WinNT:// anyways?

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文