
Windows Authentication - LDAP #1339


shishani created

Hi,

I am using the ABP Zero project template to start a solution. The new web application should offer Windows authentication, so I implemented the LdapAuthenticationSource exactly as mentioned here: http://www.aspnetboilerplate.com/Pages/Documents/Zero/User-Management

When I try to log in using a domain user, I get this exception: "Validation failed for one or more entities. See 'EntityValidationErrors' property for more details."

I followed these exact steps:

1 - Created MyLdapAuthenticationSource class

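    // Custom LDAP authentication source; Tenant and User are the application's entity types
    public class MyLdapAuthenticationSource : LdapAuthenticationSource<Tenant, User>
    {
        public MyLdapAuthenticationSource(ILdapSettings settings, IAbpZeroLdapModuleConfig ldapModuleConfig)
            : base(settings, ldapModuleConfig)
        {
        }
    }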

2 - Registered MyLdapAuthenticationSource in the WindowsAuthCoreModule like below:

    [DependsOn(typeof(AbpZeroCoreModule))]
    public class WindowsAuthCoreModule : AbpModule
    {
        public override void PreInitialize()
        {
            Configuration.Auditing.IsEnabledForAnonymousUsers = true;

            //Declare entity types
            Configuration.Modules.Zero().EntityTypes.Tenant = typeof(Tenant);
            Configuration.Modules.Zero().EntityTypes.Role = typeof(Role);
            Configuration.Modules.Zero().EntityTypes.User = typeof(User);

            ////Remove the following line to disable multi-tenancy.
            //Configuration.MultiTenancy.IsEnabled = true;

            //Add/remove localization sources here
            Configuration.Localization.Sources.Add(
                new DictionaryBasedLocalizationSource(
                    WindowsAuthConsts.LocalizationSourceName,
                    new XmlEmbeddedFileLocalizationDictionaryProvider(
                        Assembly.GetExecutingAssembly(),
                        "WindowsAuth.Localization.Source"
                        )
                    )
                );

            AppRoleConfig.Configure(Configuration.Modules.Zero().RoleManagement);

            Configuration.Authorization.Providers.Add<WindowsAuthAuthorizationProvider>();

            Configuration.Settings.Providers.Add<MySettingProvider>();

            // setup Ldap for domain auth
            Configuration.Modules.ZeroLdap().Enable(typeof(MyLdapAuthenticationSource));

        }

        public override void Initialize()
        {
            IocManager.RegisterAssemblyByConvention(Assembly.GetExecutingAssembly());
        }
    }

I also disabled the MultiTenancy option, so I am not using my own ILdapSettings. The machine exists in the domain, therefore the default settings will work fine.

When I try to log in with the correct password, I get the following exception: Validation failed for one or more entities. See 'EntityValidationErrors' property for more details.

When I try to log in with the wrong password, I get "Login Failed!". This means my user gets authenticated in the domain. There is something wrong after the authentication is done.

To get to the 'EntityValidationErrors' property, I implemented AbpHandledExceptionData in the solution as follows:

    public class MyExceptionHandler : IEventHandler<AbpHandledExceptionData>, ITransientDependency
    {
        public void HandleEvent(AbpHandledExceptionData eventData)
        {
            //TODO: Check eventData.Exception!
        }
    }

And I found the issue in the "Required" email address. The validation said: The EmailAddress field is required.

My problem is: The user I am trying to log in with is a domain user and has no record in the AbpUsers table. My question is: Did I miss anything?


No answer yet!
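
The handler in the post leaves reading 'EntityValidationErrors' as a TODO. The following is an added example, not code from the original post or from ABP, showing one way to surface those errors in the log; it assumes Entity Framework 6 and ABP's Castle Windsor logger, and the class name ValidationErrorLoggingHandler is hypothetical.

```csharp
using System.Data.Entity.Validation;
using Abp.Dependency;
using Abp.Events.Bus.Exceptions;
using Abp.Events.Bus.Handlers;
using Castle.Core.Logging;

// Hypothetical handler name; assumes EF6 (DbEntityValidationException).
public class ValidationErrorLoggingHandler : IEventHandler<AbpHandledExceptionData>, ITransientDependency
{
    // Property-injected by the IoC container; NullLogger is the fallback.
    public ILogger Logger { get; set; }

    public ValidationErrorLoggingHandler()
    {
        Logger = NullLogger.Instance;
    }

    public void HandleEvent(AbpHandledExceptionData eventData)
    {
        // The validation exception may be wrapped, so walk the InnerException chain.
        for (var ex = eventData.Exception; ex != null; ex = ex.InnerException)
        {
            var validationEx = ex as DbEntityValidationException;
            if (validationEx == null)
            {
                continue;
            }

            foreach (var entityResult in validationEx.EntityValidationErrors)
            {
                var entityName = entityResult.Entry.Entity.GetType().Name;
                foreach (var error in entityResult.ValidationErrors)
                {
                    // Log the property name and message only, never the entity's
                    // field values, so account data from the directory stays out of logs.
                    Logger.WarnFormat("Validation failed on {0}.{1}: {2}",
                        entityName, error.PropertyName, error.ErrorMessage);
                }
            }
            return;
        }
    }
}
```

For the failure described in the post, this would log the "The EmailAddress field is required." message against the EmailAddress property of the user entity being saved after the directory check succeeds.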