一个LDAP验证的简单例子

公司做项目，要求做一个LDAP验证：简单实现如下：

default.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="LdapLogin._Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <link href="css/layout.css" rel="stylesheet" type="text/css" />
    <title></title>
</head>
<script type="text/javascript">
    var name, password, domain;
    function CheckValue() {
        AjaxPro.timeoutPeriod = 121000;
        name = document.getElementById("txtUserName").value;
        password = document.getElementById("txtPassword").value;
        domain = document.getElementById("txtDomain").value;
        if (name.indexOf("\\") != -1) {
            domain = name.split("\\")[0];
            name = name.split("\\")[1];
        }
        if (name.indexOf("@") != -1) {
            domain = name.split("@")[1];
            name = name.split("@")[0];
        }
        if (name == "") {
            alert("Please input LDAP User");
            document.getElementById("txtUserName").focus();
            return false;
        }
        if (password == "") {
            alert("Please input LDAP Password");
            document.getElementById("txtPassword").focus();
            return false;
        }
        if (document.getElementById("txtDomain").readOnly == false && domain == "") {
            alert("Please input LDAP Domain");
            document.getElementById("txtDomain").focus();
            return false;
        }
        return true;
    }

    function login() {
        if (CheckValue()) {
            LdapLogin._Default.CheckLADPAccount(domain, name, password, loginCallBack);
        }
    }

    function login2() {
        if (CheckValue()) {
            LdapLogin._Default.CheckLADPAccount2(domain, name, password, loginCallBack);
        }
    }

    function loginCallBack(res) {
        if (res.value) {
            alert("login successfully!");
        }
        else{
            alert("login failed");
        }
    }

    function txtUserChange() {       
        var name = document.getElementById("txtUserName").value;
        if (name.indexOf("\\") != -1 || name.indexOf("@") != -1) {
            document.getElementById("txtDomain").readOnly = true;
            document.getElementById("txtDomain").setAttribute("style", "background-color:#E4E4E4;150px");
        }
        else {
            document.getElementById("txtDomain").readOnly = false;
            document.getElementById("txtDomain").setAttribute("style", "background-color:#FFF;150px");
        }
    }
</script>
<body>
    <form id="form1" runat="server">
    <br /><br /><br />
    <table align="center">
    <tr>
        <td>LDAP User:</td>
        <td><input type="text" id="txtUserName" style="150px" onkeyup="txtUserChange()" value="rocky.gao"/></td>
    </tr>
     <tr>
        <td>LDAP Password:</td>
        <td> <input type="password" id="txtPassword" style="150px" value="Oraclesz5"/></td>
    </tr>
         <tr>
        <td>Domain:</td>
        <td> <input type="text" id="txtDomain" style="150px" value="suzsoft.com"/></td>
    </tr>
     <tr>
        <td colspan="2" align="center"> </td>        
    </tr>
     <tr>
        <td><input type="button" id="btnLogin1" value="Login 1" onclick="login()" style="100px;height:30px"></td> 
        <td align="right"><input type="button" id="btnLogin2" value="Login 2" onclick="login2()" style="100px;height:30px"></td>        
    </tr>
    </table>    
    </form>
    
    <div id="maskDiv">
        <div class="loadingDiv">
            <img alt="loading..." src="Images/loading.gif" /><br />
            <br />
            <span>Loading...</span>
        </div>
    </div>
</body>
</html>

<script type="text/javascript">
    AjaxPro.onLoading = function(b) {
        var divMask = document.getElementById("maskDiv");
        if (b) {
            divMask.style.display = "block";
        }
        else {
            divMask.style.display = "none";
        }
    };
</script>

Default.aspx

using System;
using System.Configuration;
using System.DirectoryServices;

namespace LdapLogin
{
    public partial class _Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            AjaxPro.Utility.RegisterTypeForAjax(typeof(_Default));
        }
        
        [AjaxPro.AjaxMethod]
        public bool CheckLADPAccount(string domain, string username, string password)
        {
            DirectoryEntry de = new DirectoryEntry("LDAP://" + domain, username, password, AuthenticationTypes.Secure);
            DirectorySearcher deSearch = new DirectorySearcher();
            deSearch.SearchRoot = de;
            deSearch.Filter = "(sAMAccountName=" + username + ")";
            SearchResult results = null;
            try
            {
                results = deSearch.FindOne();
            }
            catch (Exception ex)
            {
                return false;
            } 
            finally
            {
                de.Dispose();
            }
            return results != null;
        }

        [AjaxPro.AjaxMethod]
        public bool CheckLADPAccount2(string domain, string username, string password)
        {

            DirectoryEntry de = new DirectoryEntry("LDAP://" + domain, username, password, AuthenticationTypes.Secure);
            DirectorySearcher deSearch = new DirectorySearcher();
            deSearch.SearchRoot = de;
            deSearch.Filter = "(&(objectCategory=person)(objectClass=USER))";
            SearchResult results = null;
            try
            {
                results = deSearch.FindOne();
            }
            catch (Exception ex)
            {
                return false;
            }
            finally
            {
                de.Dispose();
            }
            return results != null;

        }
    }
}

 CheckLADPAccount和CheckLADPAccount2都可以登录，"(&(objectCategory=person)(objectClass=USER))还不是很明白有什么作用，因为这两种方法效果一样