How to save the settings item Abp.Zero.Ldap.Password as encrypted text #7697


0
j.chow created

Password is stored in clear text.

image.png


12 Answer(s)
  • 0
    maliming created

    You can use SimpleStringCipher.Instance.Encrypt, for example. https://github.com/aspnetzero/aspnet-zero-core/blob/03c2790a0e5d39a9fa49d151924c39b77ea9bf34/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Application/Configuration/Tenants/TenantSettingsAppService.cs#L349

  • 0
    j.chow created

    Hi maliming,

    When I change the code to the below, I get an error msg on login. Everything is OK when I revert to the default.

    image.png image.png

  • 0
    maliming created

    i will get a error msg in login

    What is the error message?

  • 0
    j.chow created

    image.png image.png

    image.png

  • 0
    maliming created

    image.png

    Please check the log of the backend application.

  • 0
    j.chow created

        System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): user name or password not right。
           at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
           at System.DirectoryServices.PropertyValueCollection.PopulateList()
           at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
           at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
           at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()
           at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
           at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable1 identityType, String identityValue, DateTime refDate)
           at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, String identityValue)
           at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue)
           at Abp.Zero.Ldap.Authentication.LdapAuthenticationSource2.UpdateUserAsync(TUser user, TTenant tenant)
           at Abp.Authorization.AbpLogInManager3.TryLoginFromExternalAuthenticationSources(String userNameOrEmailAddress, String plainPassword, TTenant tenant)
           at Abp.Authorization.AbpLogInManager3.LoginAsyncInternal(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout)
           at Abp.Authorization.AbpLogInManager3.LoginAsync(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout)
           at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task1 actualReturnValue, Func1 postAction, Action1 finalAction)
           at XunyisoftSmartApp.Web.Controllers.AccountController.GetLoginResultAsync(String usernameOrEmailAddress, String password, String tenancyName) in C:\Users\Me\Documents\Projects\XunyisoftSmartApp722...
        System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): user name or password not right。

  • 0
    maliming created

    You may need to override the GetPassword method.

    https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Zero.Ldap/Ldap/Configuration/LdapSettings.cs#L57

  • 0
    j.chow created

    Hi maliming,

    I tried to override the GetPassword method, but it is not working. Is something wrong or missing in the code? Thanks.

    image.png

  • 0
    maliming created

    Have you replaced the ILdapSettings service?

    image.png

  • 0
    j.chow created

    When I added 'Configuration.Modules.ZeroLdap().Enable(typeof(AppLdapSettings));' in the PreInitialize method, I got a new error message.

    Could you please give me sample code?

    image.png

        System.InvalidCastException: Unable to cast object of type 'XunyisoftSmartApp.Authorization.Ldap.AppLdapSettings' to type 'Abp.Authorization.Users.IExternalAuthenticationSource2[XunyisoftSmartApp.MultiTenancy.Tenant,XunyisoftSmartApp.Authorization.Users.User]'.
           at Abp.Dependency.IocResolverExtensions.ResolveAsDisposable[T](IIocResolver iocResolver, Type type) in D:\Github\aspnetboilerplate\src\Abp\Dependency\IocResolverExtensions.cs:line 30
           at Abp.Authorization.AbpLogInManager3.TryLoginFromExternalAuthenticationSources(String userNameOrEmailAddress, String plainPassword, TTenant tenant) in D:\Github\aspnetboilerplate\src\Abp.ZeroCore\Authorization\AbpLoginManager.cs:line 289
           at Abp.Authorization.AbpLogInManager3.LoginAsyncInternal(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) in D:\Github\aspnetboilerplate\src\Abp.ZeroCore\Authorization\AbpLoginManager.cs:line 170
           at Abp.Authorization.AbpLogInManager3.LoginAsync(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout)
           at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task1 actualReturnValue, Func1 postAction, Action1 finalAction)
           at XunyisoftSmartApp.Web.Controllers.AccountController.GetLoginResultAsync(String usernameOrEmailAddress, String password, String tenancyName) in C:\Users\Me\Documents\Projects\XunyisoftSmartApp722\src\XunyisoftSmartApp.Web.Mvc\Controllers\AccountController.cs:line 249
           at XunyisoftSmartApp.Web.Controllers.AccountController.Login(LoginViewModel loginModel, String returnUrl, String returnUrlHash, String ss) in C:\Users\Me\Documents\Projects\XunyisoftSmartApp722\src\XunyisoftSmartApp.Web.Mvc\Controllers\AccountController.cs:line 174
           at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task1 actualReturnValue, Func1 postAction, Action1 finalAction)
           at lambda_method(Closure , Object )
           at ...

  • 0
    maliming created

    Please review the above code carefully.

    image.png

    image.png

  • 0
    j.chow created

    Hi maliming,

    Thank you for your support.

    Latest code:

    file: AppLdapAuthenticationSource.cs

        using System.Threading.Tasks;
        using Abp.Configuration;
        using Abp.Runtime.Security;
        using Abp.Zero.Ldap.Configuration;

        public class AppLdapSettings : LdapSettings
        {
            protected new ISettingManager SettingManager { get; }

            public AppLdapSettings(ISettingManager settingManager) : base(settingManager)
            {
                SettingManager = settingManager;
            }

            // The stored setting is SimpleStringCipher ciphertext; decrypt it before
            // the LDAP module uses it to bind to the directory.
            public override async Task<string> GetPassword(int? tenantId)
            {
                if (tenantId.HasValue)
                {
                    var ldapPassword = await SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.Password, tenantId.Value);
                    return SimpleStringCipher.Instance.Decrypt(ldapPassword);
                }
                else
                {
                    var ldapPassword = await SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.Password);
                    return SimpleStringCipher.Instance.Decrypt(ldapPassword);
                }
            }
        }

    file: XunyisoftSmartAppCoreModule.cs

        // Enable LDAP authentication (It can be enabled only if MultiTenancy is disabled!)
        // Replace the ILdapSettings service with the decrypting implementation,
        // and pass the authentication source (not the settings class) to Enable.
        IocManager.Register<ILdapSettings, AppLdapSettings>();
        Configuration.Modules.ZeroLdap().Enable(typeof(AppLdapAuthenticationSource));
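
An added example, not part of the thread and not ABP or ASP.NET Zero code: the save side that pairs with the decrypting GetPassword override above, plus a one-time re-encryption of a value that was saved in clear text before the change. The class name LdapPasswordSettingWriter and its method names are hypothetical, and the caught exception types assume that SimpleStringCipher.Decrypt rejects clear text with FormatException or CryptographicException.

```csharp
using System;
using System.Security.Cryptography;
using System.Threading.Tasks;
using Abp.Configuration;
using Abp.Dependency;
using Abp.Runtime.Security;
using Abp.Zero.Ldap.Configuration;

// Hypothetical helper, not part of ABP or ASP.NET Zero.
public class LdapPasswordSettingWriter : ITransientDependency
{
    private readonly ISettingManager _settingManager;

    public LdapPasswordSettingWriter(ISettingManager settingManager)
    {
        _settingManager = settingManager;
    }

    // Write side: encrypt before the value reaches the settings store, so a
    // GetPassword override that calls Decrypt receives ciphertext, and the stock
    // LdapSettings is never left to bind with the ciphertext itself.
    public Task SaveAsync(int? tenantId, string plainPassword)
    {
        var cipherText = SimpleStringCipher.Instance.Encrypt(plainPassword);
        return tenantId.HasValue
            ? _settingManager.ChangeSettingForTenantAsync(tenantId.Value, LdapSettingNames.Password, cipherText)
            : _settingManager.ChangeSettingForApplicationAsync(LdapSettingNames.Password, cipherText);
    }

    // One-time migration for a value stored before encryption was introduced.
    // Returns true when the stored value was clear text and has been re-saved encrypted.
    public async Task<bool> EncryptIfClearTextAsync(int? tenantId)
    {
        var stored = tenantId.HasValue
            ? await _settingManager.GetSettingValueForTenantAsync(LdapSettingNames.Password, tenantId.Value)
            : await _settingManager.GetSettingValueForApplicationAsync(LdapSettingNames.Password);
        if (string.IsNullOrEmpty(stored)) return false;
        try
        {
            SimpleStringCipher.Instance.Decrypt(stored);
            return false; // decrypts cleanly: already ciphertext
        }
        catch (Exception ex) when (ex is FormatException || ex is CryptographicException)
        {
            // Assumption: a value that is not valid Base64/AES ciphertext is legacy clear text.
            await SaveAsync(tenantId, stored);
            return true;
        }
    }
}
```

Run the migration once per tenant (or once with a null tenantId for the application-level setting) before the decrypting ILdapSettings replacement goes live, so that no login attempt meets a clear-text row.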