Base solution for your next web application
Open Closed

How to save the settings item Abp.Zero.Ldap.Password as encrypted text #7697

User avatar
0
j.chow created

Password is stored in clear text

Go to accepted answer
13 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    You can use SimpleStringCipher.Instance.Encrypt, for example. https://github.com/aspnetzero/aspnet-zero-core/blob/03c2790a0e5d39a9fa49d151924c39b77ea9bf34/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Application/Configuration/Tenants/TenantSettingsAppService.cs#L349

  • User Avatar
    0
    j.chow created

    Hi maliming,

    when i change code to bellow, i will get a error msg in login. everythis is ok when revert to default.

  • User Avatar
    0
    maliming created
    Support Team

    i will get a error msg in login

    What is the error message?

  • User Avatar
    0
    j.chow created

  • User Avatar
    0
    maliming created
    Support Team

    Please check the log of the backend application.

  • User Avatar
    0
    j.chow created

    System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): user name or password not right。

    at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.PropertyValueCollection.PopulateList() at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName) at System.DirectoryServices.PropertyCollection.get_Item(String propertyName) at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer() at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize() at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable1 identityType, String identityValue, DateTime refDate) at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, String identityValue) at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue) at Abp.Zero.Ldap.Authentication.LdapAuthenticationSource2.UpdateUserAsync(TUser user, TTenant tenant) at Abp.Authorization.AbpLogInManager3.TryLoginFromExternalAuthenticationSources(String userNameOrEmailAddress, String plainPassword, TTenant tenant) at Abp.Authorization.AbpLogInManager3.LoginAsyncInternal(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) at Abp.Authorization.AbpLogInManager3.LoginAsync(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task1 actualReturnValue, Func1 postAction, Action1 finalAction) at XunyisoftSmartApp.Web.Controllers.AccountController.GetLoginResultAsync(String usernameOrEmailAddress, String password, String tenancyName) in C:\Users\Me\Documents\Projects\XunyisoftSmartApp722... System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): user name or password not right。

  • User Avatar
    0
    maliming created
    Support Team

    You may need to override the GetPassword method.

    https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Zero.Ldap/Ldap/Configuration/LdapSettings.cs#L57

  • User Avatar
    0
    j.chow created

    Hi maliming,

    i had try to override the getpassword method, but it is not working. what is something wrong or missing in coding. thanks

  • User Avatar
    0
    maliming created
    Support Team

    Have you replaced the ILdapSettings service?

  • User Avatar
    0
    j.chow created

    when i added 'Configuration.Modules.ZeroLdap().Enable(typeof(AppLdapSettings));' in PreInitialize method. i got new error message.

    could you please give me sample code?

    System.InvalidCastException: Unable to cast object of type 'XunyisoftSmartApp.Authorization.Ldap.AppLdapSettings' to type 'Abp.Authorization.Users.IExternalAuthenticationSource2[XunyisoftSmartApp.MultiTenancy.Tenant,XunyisoftSmartApp.Authorization.Users.User]'. at Abp.Dependency.IocResolverExtensions.ResolveAsDisposable[T](IIocResolver iocResolver, Type type) in D:\Github\aspnetboilerplate\src\Abp\Dependency\IocResolverExtensions.cs:line 30 at Abp.Authorization.AbpLogInManager3.TryLoginFromExternalAuthenticationSources(String userNameOrEmailAddress, String plainPassword, TTenant tenant) in D:\Github\aspnetboilerplate\src\Abp.ZeroCore\Authorization\AbpLoginManager.cs:line 289 at Abp.Authorization.AbpLogInManager3.LoginAsyncInternal(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) in D:\Github\aspnetboilerplate\src\Abp.ZeroCore\Authorization\AbpLoginManager.cs:line 170 at Abp.Authorization.AbpLogInManager3.LoginAsync(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout) at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task1 actualReturnValue, Func1 postAction, Action1 finalAction) at XunyisoftSmartApp.Web.Controllers.AccountController.GetLoginResultAsync(String usernameOrEmailAddress, String password, String tenancyName) in C:\Users\Me\Documents\Projects\XunyisoftSmartApp722\src\XunyisoftSmartApp.Web.Mvc\Controllers\AccountController.cs:line 249 at XunyisoftSmartApp.Web.Controllers.AccountController.Login(LoginViewModel loginModel, String returnUrl, String returnUrlHash, String ss) in C:\Users\Me\Documents\Projects\XunyisoftSmartApp722\src\XunyisoftSmartApp.Web.Mvc\Controllers\AccountController.cs:line 174 at Abp.Threading.InternalAsyncHelper.AwaitTaskWithPostActionAndFinallyAndGetResult[T](Task1 actualReturnValue, Func1 postAction, Action1 finalAction) at lambda_method(Closure , Object ) at ...

  • User Avatar
    0
    maliming created
    Support Team

    Please review the above code carefully.

  • User Avatar
    0
    j.chow created

    Hi maliming,

    thank you for your support.

    latest codeing:

    file: AppLdapAuthenticationSource.cs public class AppLdapSettings : LdapSettings { protected new ISettingManager SettingManager { get; }

        public AppLdapSettings(ISettingManager settingManager) : base(settingManager)
    {
        SettingManager = settingManager;
    }

    public override async Task<string> GetPassword(int? tenantId)
    {
        if (tenantId.HasValue)
        {
            var ldapPassword = await SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.Password, tenantId.Value);
            return SimpleStringCipher.Instance.Decrypt(ldapPassword);

        }
        else
        {
            var ldapPassword = await SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.Password);

            return SimpleStringCipher.Instance.Decrypt(ldapPassword);
        }
    }

}

    file: XunyisoftSmartAppCoreModule.cs //Enable LDAP authentication (It can be enabled only if MultiTenancy is disabled!) IocManager.Register<ILdapSettings, AppLdapSettings>(); Configuration.Modules.ZeroLdap().Enable(typeof(AppLdapAuthenticationSource));

  • User Avatar
    0
    ferventcoder created

    https://github.com/aspnetzero/aspnet-zero-core/issues/3287

Assignee
No one
Labels
Non yet