C# LDAP认证登录类参考

public class LDAPHelper
    {
        private DirectoryEntry _objDirectoryEntry;
 
 
        /// <summary>
        /// 构造函数
        /// </summary>
        /// <param name="LADPath">ldap的地址，例如"LDAP://***.***.48.110:389/dc=***,dc=com"</param>
        /// <param name="authUserName">连接用户名，例如"cn=root,dc=***,dc=com"</param>
        /// <param name="authPWD">连接密码</param>
        public bool OpenConnection(string LADPath, string authUserName, string authPWD)
        {    //创建一个连接 
             _objDirectoryEntry = new DirectoryEntry(LADPath, authUserName, authPWD, AuthenticationTypes.None);
 
 
             if (null == _objDirectoryEntry)
             {
                 return false;
             }
             else if (_objDirectoryEntry.Properties!=null&&_objDirectoryEntry.Properties.Count > 0)
             {
                 return true;
             }
             return false;
        }
 
 
        /// <summary>
        /// 检测一个用户和密码是否正确
        /// </summary>
        /// <param name="strLDAPFilter">(|(uid= {0})(cn={0}))</param>
        /// <param name="TestUserID">testuserid</param>
        /// <param name="TestUserPwd">testuserpassword</param>
        /// <param name="ErrorMessage"></param>
        /// <returns></returns>
        public bool CheckUidAndPwd(string strLDAPFilter, string TestUserID, string TestUserPwd, ref string ErrorMessage)
        {
            bool blRet = false;
            try
            {
                //创建一个检索
                DirectorySearcher deSearch = new DirectorySearcher(_objDirectoryEntry);
                //过滤名称是否存在
                deSearch.Filter =strLDAPFilter;
                deSearch.SearchScope = SearchScope.Subtree;
 
 
                //find the first instance 
                SearchResult objSearResult = deSearch.FindOne();
 
 
                //如果用户密码为空
                if (string.IsNullOrEmpty(TestUserPwd))
                {
                    if (null != objSearResult && null != objSearResult.Properties && objSearResult.Properties.Count > 0)
                    {
                        blRet = true;
                    }
                }
                else if (null != objSearResult && !string.IsNullOrEmpty(objSearResult.Path))
                {
                    //获取用户名路径对应的用户uid
                    int pos = objSearResult.Path.LastIndexOf('/');
                    string uid = objSearResult.Path.Remove(0, pos + 1);
                    DirectoryEntry objUserEntry = new DirectoryEntry(objSearResult.Path, uid, TestUserPwd, AuthenticationTypes.None);
                    if (null != objUserEntry && objUserEntry.Properties.Count > 0)
                    {
                        blRet = true;
                    }
                }
            }
            catch (Exception ex)
            {
                if (null != _objDirectoryEntry)
                {
                    _objDirectoryEntry.Close();
                }
                ErrorMessage = "检测异常："+ex.StackTrace;
            }
            return blRet;
        }
 
 
 
 
        /// <summary>
        /// 关闭连接
        /// </summary>
        public void closeConnection()
        {
            if (null != _objDirectoryEntry)
            {
                _objDirectoryEntry.Close();
            }
        }
    }

写了一个通用的认证类，请看代码

private void btnCheck_Click(object sender, EventArgs e) 
{ 


string strLDAPFilter = string.Format(txtFilter.Text, txtUserName.Text.Trim()); 
//deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))"; 


string TestUserID = txtUserName.Text; 
string TestUserPwd = txtPwd.Text; 
LDAPHelper objldap = new LDAPHelper(); 
string strLDAPPath = txtLDAP.Text; 
string strLDAPAdminName = txtLUserName.Text; 
string strLDAPAdminPwd = txtLPwd.Text; 
string strMsg = ""; 
bool blRet = objldap.OpenConnection(strLDAPPath, strLDAPAdminName, strLDAPAdminPwd); 


if (blRet) 
{ 
blRet = objldap.CheckUidAndPwd(strLDAPFilter, TestUserID, TestUserPwd, ref strMsg); 
if (blRet) 
{ 
strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "成功"; 
} 
else if (!blRet && string.IsNullOrEmpty(strMsg)) 
{ 
strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "失败"; 
} 
} 
this.txtLog.Text = System.DateTime.Now.ToString() + ":" + strMsg + "
" + "
" + this.txtLog.Text; 
MessageBox.Show(strMsg); 
} 
}

 

public class LDAPHelper 
{ 
private DirectoryEntry _objDirectoryEntry; 


/// <summary> 
/// 构造函数 
/// </summary> 
/// <param name="LADPath">ldap的地址，例如"LDAP://***.***.48.110:389/dc=***,dc=com"</param> 
/// <param name="authUserName">连接用户名，例如"cn=root,dc=***,dc=com"</param> 
/// <param name="authPWD">连接密码</param> 
public bool OpenConnection(string LADPath, string authUserName, string authPWD) 
{ //创建一个连接 
_objDirectoryEntry = new DirectoryEntry(LADPath, authUserName, authPWD, AuthenticationTypes.None); 


if (null == _objDirectoryEntry) 
{ 
return false; 
} 
else if (_objDirectoryEntry.Properties!=null&&_objDirectoryEntry.Properties.Count > 0) 
{ 
return true; 
} 
return false; 
} 


/// <summary> 
/// 检测一个用户和密码是否正确 
/// </summary> 
/// <param name="strLDAPFilter">(|(uid= {0})(cn={0}))</param> 
/// <param name="TestUserID">testuserid</param> 
/// <param name="TestUserPwd">testuserpassword</param> 
/// <param name="ErrorMessage"></param> 
/// <returns></returns> 
public bool CheckUidAndPwd(string strLDAPFilter, string TestUserID, string TestUserPwd, ref string ErrorMessage) 
{ 
bool blRet = false; 
try 
{ 
//创建一个检索 
DirectorySearcher deSearch = new DirectorySearcher(_objDirectoryEntry); 
//过滤名称是否存在 
deSearch.Filter =strLDAPFilter; 
deSearch.SearchScope = SearchScope.Subtree; 


//find the first instance 
SearchResult objSearResult = deSearch.FindOne(); 


//如果用户密码为空 
if (string.IsNullOrEmpty(TestUserPwd)) 
{ 
if (null != objSearResult && null != objSearResult.Properties && objSearResult.Properties.Count > 0) 
{ 
blRet = true; 
} 
} 
else if (null != objSearResult && !string.IsNullOrEmpty(objSearResult.Path)) 
{ 
//获取用户名路径对应的用户uid 
int pos = objSearResult.Path.LastIndexOf('/'); 
string uid = objSearResult.Path.Remove(0, pos + 1); 
DirectoryEntry objUserEntry = new DirectoryEntry(objSearResult.Path, uid, TestUserPwd, AuthenticationTypes.None); 
if (null != objUserEntry && objUserEntry.Properties.Count > 0) 
{ 
blRet = true; 
} 
} 
} 
catch (Exception ex) 
{ 
if (null != _objDirectoryEntry) 
{ 
_objDirectoryEntry.Close(); 
} 
ErrorMessage = "检测异常："+ex.StackTrace; 
} 
return blRet; 
} 




/// <summary> 
/// 关闭连接 
/// </summary> 
public void closeConnection() 
{ 
if (null != _objDirectoryEntry) 
{ 
_objDirectoryEntry.Close(); 
} 
} 
}

调用

private void btnCheck_Click(object sender, EventArgs e) 
{ 


string strLDAPFilter = string.Format(txtFilter.Text, txtUserName.Text.Trim()); 
//deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))"; 


string TestUserID = txtUserName.Text; 
string TestUserPwd = txtPwd.Text; 
LDAPHelper objldap = new LDAPHelper(); 
string strLDAPPath = txtLDAP.Text; 
string strLDAPAdminName = txtLUserName.Text; 
string strLDAPAdminPwd = txtLPwd.Text; 
string strMsg = ""; 
bool blRet = objldap.OpenConnection(strLDAPPath, strLDAPAdminName, strLDAPAdminPwd); 


if (blRet) 
{ 
blRet = objldap.CheckUidAndPwd(strLDAPFilter, TestUserID, TestUserPwd, ref strMsg); 
if (blRet) 
{ 
strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "成功"; 
} 
else if (!blRet && string.IsNullOrEmpty(strMsg)) 
{ 
strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "失败"; 
} 
} 
this.txtLog.Text = System.DateTime.Now.ToString() + ":" + strMsg + "
" + "
" + this.txtLog.Text; 
MessageBox.Show(strMsg); 
} 
} 

实例下载：http://download.csdn.net/detail/paolei/6740833

LDAP是轻量目录访问协议，英文全称是Lightweight Directory Access Protocol，一般都简称为LDAP。它是基于X.500标准的，但是简单多了并且可以根据需要定制。与X.500不同，LDAP支持TCP/IP，这对访问Internet是必须的。LDAP的核心规范在RFC中都有定义，所有与LDAP相关的RFC都可以在LDAPman RFC网页中找到。

bool checkResult = false; 
try 
{ 
string username = Request.Params.Get("username"); 
string userpwd = Request.Params.Get("userpwd"); 
string strLADPath = "LDAP://OU=事业部,DC=HOLD,DC=Company,DC=COM"; 

DirectoryEntry objEntry = new DirectoryEntry(strLADPath); 
objEntry.AuthenticationType = AuthenticationTypes.None; 

DirectorySearcher deSearch = new DirectorySearcher(objEntry); 
//过滤名称是否存在 
deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))"; 
deSearch.SearchScope = SearchScope.Subtree; 
//find the first instance 
SearchResult results = deSearch.FindOne(); 
//check username & userpwd 
if (null != results) 
{ 
DirectoryEntry objUserEntry = new DirectoryEntry(results.Path, username, userpwd); 
if (null != objUserEntry && null != objUserEntry.Properties 
&& objUserEntry.Properties.Contains("cn")) 
{ 
checkResult = true; 
} 
} 

Response.Write("认证结果：" + checkResult.ToString()); 
} 
catch (System.Exception ex) 
{ 
Response.Write("认证异常"+ex.StackTrace); 
Response.Write("认证结果：" + checkResult.ToString()); 
}



private void btnCheck_Click(object sender, EventArgs e) 
{ 


string strLDAPFilter = string.Format(txtFilter.Text, txtUserName.Text.Trim()); 
//deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))"; 


string TestUserID = txtUserName.Text; 
string TestUserPwd = txtPwd.Text; 
LDAPHelper objldap = new LDAPHelper(); 
string strLDAPPath = txtLDAP.Text; 
string strLDAPAdminName = txtLUserName.Text; 
string strLDAPAdminPwd = txtLPwd.Text; 
string strMsg = ""; 
bool blRet = objldap.OpenConnection(strLDAPPath, strLDAPAdminName, strLDAPAdminPwd); 


if (blRet) 
{ 
blRet = objldap.CheckUidAndPwd(strLDAPFilter, TestUserID, TestUserPwd, ref strMsg); 
if (blRet) 
{ 
strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "成功"; 
} 
else if (!blRet && string.IsNullOrEmpty(strMsg)) 
{ 
strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "失败"; 
} 
} 
this.txtLog.Text = System.DateTime.Now.ToString() + ":" + strMsg + "
" + "
" + this.txtLog.Text; 
MessageBox.Show(strMsg); 
} 
} 

public class LDAPHelper 
{ 
private DirectoryEntry _objDirectoryEntry; 


/// <summary> 
/// 构造函数 
/// </summary> 
/// <param name="LADPath">ldap的地址，例如"LDAP://***.***.48.110:389/dc=***,dc=com"</param> 
/// <param name="authUserName">连接用户名，例如"cn=root,dc=***,dc=com"</param> 
/// <param name="authPWD">连接密码</param> 
public bool OpenConnection(string LADPath, string authUserName, string authPWD) 
{ //创建一个连接 
_objDirectoryEntry = new DirectoryEntry(LADPath, authUserName, authPWD, AuthenticationTypes.None); 


if (null == _objDirectoryEntry) 
{ 
return false; 
} 
else if (_objDirectoryEntry.Properties!=null&&_objDirectoryEntry.Properties.Count > 0) 
{ 
return true; 
} 
return false; 
} 


/// <summary> 
/// 检测一个用户和密码是否正确 
/// </summary> 
/// <param name="strLDAPFilter">(|(uid= {0})(cn={0}))</param> 
/// <param name="TestUserID">testuserid</param> 
/// <param name="TestUserPwd">testuserpassword</param> 
/// <param name="ErrorMessage"></param> 
/// <returns></returns> 
public bool CheckUidAndPwd(string strLDAPFilter, string TestUserID, string TestUserPwd, ref string ErrorMessage) 
{ 
bool blRet = false; 
try 
{ 
//创建一个检索 
DirectorySearcher deSearch = new DirectorySearcher(_objDirectoryEntry); 
//过滤名称是否存在 
deSearch.Filter =strLDAPFilter; 
deSearch.SearchScope = SearchScope.Subtree; 


//find the first instance 
SearchResult objSearResult = deSearch.FindOne(); 


//如果用户密码为空 
if (string.IsNullOrEmpty(TestUserPwd)) 
{ 
if (null != objSearResult && null != objSearResult.Properties && objSearResult.Properties.Count > 0) 
{ 
blRet = true; 
} 
} 
else if (null != objSearResult && !string.IsNullOrEmpty(objSearResult.Path)) 
{ 
//获取用户名路径对应的用户uid 
int pos = objSearResult.Path.LastIndexOf('/'); 
string uid = objSearResult.Path.Remove(0, pos + 1); 
DirectoryEntry objUserEntry = new DirectoryEntry(objSearResult.Path, uid, TestUserPwd, AuthenticationTypes.None); 
if (null != objUserEntry && objUserEntry.Properties.Count > 0) 
{ 
blRet = true; 
} 
} 
} 
catch (Exception ex) 
{ 
if (null != _objDirectoryEntry) 
{ 
_objDirectoryEntry.Close(); 
} 
ErrorMessage = "检测异常："+ex.StackTrace; 
} 
return blRet; 
} 




/// <summary> 
/// 关闭连接 
/// </summary> 
public void closeConnection() 
{ 
if (null != _objDirectoryEntry) 
{ 
_objDirectoryEntry.Close(); 
} 
} 
}