How to authenticate users from active directory in ASP.NET MVC(.NET framework)

Question

0.00/5 (No votes)

See more:

, +

Hi Team

I need some help, current issue my web form username is null. I think what i want to achieve, we are using our own domain server. My approach want this web app to be able to authenticate me as a user and be redirected to dashboard. For now i am acting as an Administrator. The application is not doing this and im trying to get an idea, as to why my username is null but redirected back to Login

What I have tried:

<system.web>
  <compilation debug="true" targetFramework="4.7.2"/>
  <httpRuntime targetFramework="4.7.2"/>
    <sessionState mode="InProc" />
</system.web>
<runtime>

C#

<pre><appSettings>
    <add key="webpages:Version" value="3.0.0.0"/>
    <add key="webpages:Enabled" value="false"/>
    <add key="ClientValidationEnabled" value="true"/>
    <add key="UnobtrusiveJavaScriptEnabled" value="true"/>
    <!---Adding some active directory here for configuration- -->
    <add key="DomainName" value="ROCKLANDS"/>
    <add key="DomainController" value="LDAP://ROCKLANDS"/>
	  
  </appSettings>

//controller

C#

<pre> [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Login(LoginModel login)
        {
            if (ModelState.IsValid)
            {
                // validate credentials via AD Account
                bool isAuthenticated = ValidateCredentials(login.UserName, login.Password);

                if (isAuthenticated)
                {
                    // Set the "Username" session variable
                    Session["Username"] = login.UserName;

                    // return successful, redirect to the dashboard.
                    TempData["SuccessMessage"] = "Login successful!";
                    return RedirectToAction("Dashboard", "Account");
                }
                else
                {
                    ModelState.AddModelError("", "Invalid username or password");
                }
            }
            return View(login);
        }


        // validate user account from AD(Active Directory) .
        private bool ValidateCredentials(string password, string username)
        {
            // validate credentials against AD Account.
            using(PrincipalContext pc = new PrincipalContext(ContextType.Domain))
            {
                return pc.ValidateCredentials(username, password);
            }
        }

        //GET: GetLoggedInUser.
       
        public JsonResult GetLoggedInUser()
        {
            // fetch the logged in user's username.
            string username = User.Identity.Name;
            return Json(new { Username = username }, JsonRequestBehavior.AllowGet);
        }

        // dashboard for the account: Performed by HR Manager and Administrators


        public ActionResult Dashboard()
        {
            // retrieve user information from the session.
            var username = Session["Username"] as string;
            if (string.IsNullOrEmpty(username))
            {
                // Redirect to login if username is null or empty
                return RedirectToAction("Login", "Account");
            }

            // Proceed with dashboard logic
            var imageUrl = GetImageUrl(username);
            var userModel = new UserModel { UserName = username, ImageUrl = imageUrl };
            return View(userModel);
        }



        private string GetImageUrl(string username)
        {
            // connect to Active Directory and fetch user's image.
            using (var principalContext = new PrincipalContext(ContextType.Domain))
            {
                using (var user = UserPrincipal.FindByIdentity(principalContext, username))
                {
                    if (user != null)
                    {
                        // check if the user has a thumbnail photo.
                        if (user.GetUnderlyingObject() is DirectoryEntry directoryEntry && directoryEntry.Properties.Contains("thumbnailPhoto"))
                        {
                            byte[] thumnailBytes = directoryEntry.Properties["thumbnailPhoto"].Value as byte[];
                            if (thumnailBytes != null && thumnailBytes.Length > 0)
                            {
                                // convert the byte array to base64 string
                                string base64String = Convert.ToBase64String(thumnailBytes);
                                return "data:image/jpeg;base64," + base64String;
                            }
                        }
                    }
                }
            }
            return "http://intranet.rocklands.co.za/default-user-image.png";
        }

       
    }

Posted 8-Mar-24 0:06am

Gcobani Mkontwana

Updated 8-Mar-24 0:08am

v2

Add a Solution

Comments

Richard Deeming 8-Mar-24 7:05am

Is there a reason you're not just using Windows authentication? That will be more secure than having your users re-type their AD credentials into your view.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Andre Oosthuizen · Accepted Answer · 2024-03-08T23:18:00

Your first issue is happening with this code -

C#

return pc.ValidateCredentials(username, password);

No credentials were found, returning a 'NULL' value.
The second part then, based on the NULL value is -

C#

// Redirect to login if username is null or empty
                return RedirectToAction("Login", "Account");

This will return you back to your Login form. So, start looking at why no Credentials were returned and your issue will be resolved.

Richard is also spot on, use Windows Authentication - C# using Windows authentication to login in to app [^]