Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [WebMethod]
- public static string ChkLDAP(string Username, string Password)
- {
- InizializzaLdap();
- string rst = "";
- string sesso = "";
- string adm = "";
- string searchString = psearchString;
- string param = pparam;
- bool trovato = false;
- //string tmpUser, tmpPass;
- SearchRequest searchRequest = null;
- SearchResponse searchResponse = null;
- LdapConnection connection = null;
- //LDAP disattivo
- if ((!auth.Equals("si")) && (!auth.Equals("true")))
- {
- string rsout = ChkAdmin(Username, Password);
- return rsout;
- }
- //LDAP attivo
- for (int i = 0; i < ldap.Count; i++)
- {
- if (ldap[i].InnerText.Length > 0)
- {
- NetworkCredential credential = new NetworkCredential(Username, Password);
- LdapDirectoryIdentifier serverId = new LdapDirectoryIdentifier(ldap[i].InnerText);
- connection = new LdapConnection(serverId, credential);
- //connection.AuthType = AuthType.;
- //Uso LDAP semplice
- if ((!pauthOpen.Equals("si")) && (!pauthOpen.Equals("true")))
- {
- try {
- connection.Bind();
- trovato = true;
- }
- catch (Exception exc)
- {
- if (i == ldap.Count - 1)
- {
- string rsout = ChkAdmin(Username, Password);
- return rsout;
- }
- else continue;
- }
- adm = "\"admin\":" + ChkAdmin(Username, Password);
- break;
- }
- //Uso LDAP open
- else
- {
- searchRequest = new SearchRequest(
- searchString, (string)null, System.DirectoryServices.Protocols.SearchScope.Subtree, (string[])null);
- try
- {
- searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
- foreach (SearchResultEntry entry in searchResponse.Entries)
- {
- String[] substrings = entry.DistinguishedName.Split(',');
- if (substrings[0].Equals(param + "=" + Username) || substrings[0].Equals("CN=" + Username))
- {
- trovato = true;
- break;
- }
- }
- }
- catch (Exception exc)
- {
- if (i == ldap.Count - 1)
- {
- //return (exc.Message);
- string rsout = ChkAdmin(Username, Password);
- return rsout;
- }
- else continue;
- }
- adm = "\"admin\":" + ChkAdmin(Username, Password);
- break;
- }
- }
- else continue;
- }
- if (trovato == false)
- {
- string rsout = "{\"users\":\"\"";
- rsout += "," + adm + "}";
- //con.Close();
- return rsout;
- }
- SqlConnection con = new SqlConnection(conndb);
- con.Open();
- string sql = "SELECT A.ENTE,A.NOME,A.COGNOME,A.CODFISC,A.WEBUSER,A.WEBPASSWORD,A.POSIZIONE,A.WEBACCESS,A.SESSO,E.DENOMINAZIONE FROM ANAGDIP A INNER JOIN ENTI E ON A.ENTE = E.CODICE WHERE A.UTENTELDAP = @Username";
- SqlCommand cmd = new SqlCommand(sql, con);
- cmd.Parameters.AddWithValue("Username", Username);
- SqlDataReader dr = cmd.ExecuteReader();
- DataTable dt = new DataTable();
- dt.Load(dr);
- if (dt.Rows.Count > 0)
- {
- for (int j = 0; j < dt.Rows.Count; j++)
- {
- for (int k = 0; k < dt.Rows.Count; k++)
- {
- if (!(dt.Rows[k]["CODFISC"].Equals(dt.Rows[j]["CODFISC"])))
- {
- rst = "3";
- string rsout = "{\"result\":\"" + rst + "\"}";
- con.Close();
- return rsout;
- }
- }
- }
- string rs = "{\"users\":[";
- rst = "0";
- foreach (DataRow row in dt.Rows)
- {
- if (row["WEBACCESS"].ToString() == "0")
- {
- continue;
- }
- if (getCodContr(row["ENTE"].ToString()) == false)
- {
- continue;
- }
- if (row["POSIZIONE"].ToString() == "99")
- {
- continue;
- }
- if (!rs.Equals("{\"users\":["))
- {
- rs += ",";
- }
- if (row["SESSO"].ToString() == "1") { sesso = "a"; }
- else if (row["SESSO"].ToString() == "0") { sesso = "o"; }
- rs += "{\"result\":\"" + rst + "\", \"NOME\":\"" + row["NOME"].ToString().Replace("\"", "\\\"") + "\", \"COGNOME\":\"" + row["COGNOME"].ToString().Replace("\"", "\\\"") + "\", \"CODFISC\":\"" + row["CODFISC"].ToString().Replace("\"", "\\\"") + "\", \"WEBUSER\":\"" + row["WEBUSER"].ToString().Replace("\"", "\\\"") + "\", \"WEBPASSWORD\":\"" + KDeCripta(row["WEBPASSWORD"].ToString().Replace("\"", "\\\"")) + "\", \"SESSO\":\"" + sesso + "\", \"DENOMINAZIONE\":\"" + row["DENOMINAZIONE"].ToString().Replace("\"", "\\\"") + "\", \"ENTE\":\"" + row["ENTE"].ToString().Replace("\"", "\\\"") + "\"}";
- }
- rs += "],";
- rs += adm + "}";
- rst = "0";
- con.Close();
- return rs;
- }
- /* else
- {
- string ldapUser = dt.Rows[0]["WEBUSER"].ToString();
- string ldapPass = KDeCripta(dt.Rows[0]["WEBPASSWORD"].ToString());
- string rsout = "{\"users\":" + ChkUser(ldapUser, ldapPass, false);
- rsout += "," + adm + "}";
- con.Close();
- return rsout;
- //if (!String.IsNullOrEmpty(rsout))
- //{
- // rst = "0";
- // con.Close();
- // return rsout;
- //}
- //else
- //{
- // rst = "1";
- // string rs3 = "{\"result\":\"" + rst + "\"}";
- // con.Close();
- // return (rs3);
- //}
- }
- */
- else
- {
- //rst = "1";
- //string rs3 = "{\"result\":\"" + rst + "\"}";
- //con.Close();
- //return (rs3);
- string rsout = "{\"users\":\"\"";
- rsout += "," + adm + "}";
- con.Close();
- return rsout;
- }
- //object connected = null;
- //DirectoryEntry root = new DirectoryEntry("aLDAP://pgmserver", Username, Password);
- //try
- //{
- // connected = root.NativeObject;
- //}
- //catch (Exception ex)
- //{
- // string rsout = ChkAdmin(Username, Password);
- // return rsout;
- //}
- //SqlConnection con = new SqlConnection(conndb);
- //con.Open();
- //string sql = "SELECT WEBUSER,WEBPASSWORD FROM ANAGDIP WHERE UTENTELDAP = " + Username;
- //SqlCommand cmd = new SqlCommand(sql, con);
- //cmd.Parameters.AddWithValue("Username", Username);
- //SqlDataReader dr = cmd.ExecuteReader();
- //// Admin presente
- //if (dr.HasRows == true)
- //{
- // dr.Read();
- // string ldapUser = dr["WEBUSER"].ToString();
- // string ldapPass = dr["WEBPASSWORD"].ToString();
- // string rsout = ChkUser(ldapUser, ldapPass);
- // if (!String.IsNullOrEmpty(rsout))
- // {
- // rst = "0";
- // return rsout;
- // }
- // else
- // {
- // rst = "1";
- // string rs3 = "{\"result\":\"" + rst + "\"}";
- // con.Close();
- // return (rs3);
- // }
- //}
- //else
- //{
- // rst = "1";
- // string rs3 = "{\"result\":\"" + rst + "\"}";
- // con.Close();
- // return (rs3);
- //}
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement