您的位置: 首页  >  技术问答  >  使用vbscript在经典asp中进行Ldap身份验证

使用vbscript在经典asp中进行Ldap身份验证

分类: 技术问答 2022-05-04 15:54:06
问题描述:





我是传统经典ASP的新手,并尝试使用vbScript为经典的asp应用程序设置中间身份验证页面。我需要检查LDAP身份验证及其成功,以验证本地数据库中用户的可用性,以验证该工具的注册。以下代码(从互联网上的各个网站引用)不适用于我并且抛出Http 500内部服务器错误。由于我不确定如何调试以及它究竟是什么错误,我没有任何想法。我什么都错过了?该应用程序在IIS 7.5中托管,在集成模式下使用默认应用程序池。



如果有人给我一些洞察力这将是好的



我尝试过:



< html>

< head>< / head>

< body>

<%

如果错误,请继续下一步

dim strUser,strQuery,oConn,cmd,oRS,AuthenticateUser,strPwd



strUser = Replace(Trim(Request(userid)),' ,`)

strPwd =请求(upassword)

strservername =mydomain.com:389

AuthenticateUser = false

strQuery =SELECT cn FROM'LDAP://& strservername& 'WHERE objectClass ='user'

set oConn = server.CreateObject(ADODB.Connection)

oConn.Provider =ADsDSOOBJECT

oConn.Properties(用户ID)= strUser

oConn.Properties(密码)= strPwd

oConn.Properties(加密密码)= true

oConn.openADs Provider,strUser,strPwd

set cmd = server.CreateObject(ADODB.Command)

set cmd.ActiveConnection = oConn

cmd.CommandText = strQuery



set oRS = cmd.Execute

If Err .nu​​mber<> 0然后

Response.Redirectindex.asp?errvar =& Err.number& Err.description

'Response.Write Err.description&


'Response.End

End If

如果oRS.bof或oRS.eof那么

AuthenticateUser = false

else

AuthenticateUser = true

结束如果

设置oRS =没有

设置oConn =没有



'CHK THE DATABASE FOR用户可用性

如果AuthenticateUser = true

出现错误,请继续下载

dim sql,Rs1

sql =查询以检查工具DB中可用的用户

设置Rs1 = ObjConn.Execute(sql)

如果Err.number<> 0然后

Response.WriteERROR OCCURED&


Response.Write Err.description&


Response.End

结束如果



如果不是Rs1.EOF那么

UserID = Trim( Rs1(UserID))

结束如果



Rs1.Close

设置Rs1 = Nothing



如果UCase(UserID)= UCase(请求(UserID))那么



Session(UserId )= UserId

%>

< form action =method =POSTname =form1>

< input type =hiddenname =useridvalue =<%= UserID%>>

< / form>

<脚本>

document.form1.action =Home.asp;

document.form1.submit()

< / script>

<%End if%>

<%Else%>

< form action =method =POST name =form1>

< input type =hiddenname =Flagvalue =1>

< / form>

< script>

document.form1.action =index.asp;

document.form1.submit()

&lt ; / script>

<%End if%>

< / body>

< / html>

Hi,

I am very new to the legacy Classic ASP and trying to set up an intermediate authentication page for a classic asp application using vbScript.I need to check for LDAP authentication and on its success to verify the availability of the user in a local DB to verify the signup for the tool. Here is the code below (referred from various websites around the internet) not working for me and throwing Http 500 Internal Server error. Since I am not sure how to debug and what error it really is,I am stuck with no ideas.Am I missing anything?? The application is hosted in IIS 7.5 with default app pool on Integrated mode.

It would be good, if some one give me some insight on this

What I have tried:

<html>
<head></head>
<body>
<%
on error resume next
dim strUser,strQuery,oConn,cmd,oRS,AuthenticateUser,strPwd

strUser= Replace(Trim(Request("userid")),"'","`")
strPwd= Request("upassword")
strservername = "mydomain.com:389"
AuthenticateUser = false
strQuery = "SELECT cn FROM 'LDAP://" & strservername & "' WHERE objectClass='user'"
set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password")= strPwd
oConn.Properties("Encrypt Password") = true
oConn.open "ADs Provider", strUser,strPwd
set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery

set oRS = cmd.Execute
If Err.number <> 0 then
Response.Redirect "index.asp?errvar=" &Err.number & Err.description
'Response.Write Err.description &"
"
'Response.End
End If
if oRS.bof or oRS.eof then
AuthenticateUser = false
else
AuthenticateUser = true
end if
set oRS = nothing
set oConn = nothing

'CHK THE DATABASE FOR THE USER Availability
If AuthenticateUser = true
on error resume next
dim sql, Rs1
sql="Query to check the user available in the tool DB"
Set Rs1 = ObjConn.Execute(sql)
If Err.number <> 0 then
Response.Write "ERROR OCCURED" &"
"
Response.Write Err.description &"
"
Response.End
End If

If Not Rs1.EOF Then
UserID=Trim(Rs1("UserID"))
End If

Rs1.Close
Set Rs1 = Nothing

If UCase(UserID) = UCase(Request("UserID")) Then

Session("UserId") = UserId
%>
<form action="" method="POST" name="form1">
<input type="hidden" name="userid" value="<%=UserID%>">
</form>
<script>
document.form1.action="Home.asp";
document.form1.submit()
</script>
<%End If%>
<%Else%>
<form action="" method="POST" name="form1">
<input type="hidden" name="Flag" value="1">
</form>
<script>
document.form1.action="index.asp";
document.form1.submit()
</script>
<%End If%>
</body>
</html>


最后下面的脚本对我有用:





< html>

< head>< / head>

< body>

0然后

Response.WriteERROR OCCURED&


Response.Write Err.description&


回应。结束

结束如果



如果不是Rs1.EOF那么

UserID = Trim(Rs1(UserID) ))



结束如果

结束如果

Rs1.Close

Set Rs1 = Nothing



如果UCase(UserID)= UCase(请求(UserID))那么



%>]]>

< form action =method =POSTname =form1>

& lt; input type =hiddenname =useridvalue =<%= UserID%>>

< / form>

<脚本>

document.form1.action =Home.asp;

document.form1.submit()

< / script>

]]>

< form action =method =POSTname =form1>

< input type =hiddenname =Flagvalue =1>

< / form>

< script>

document.form1.action =index.asp;

document.form1.submit()

< / script>

]] >

< / body>

< / html>
Finally the below script worked for me:


<html>
<head></head>
<body>
0 then
Response.Write "ERROR OCCURED" &"
"
Response.Write Err.description &"
"
Response.End
End If

If Not Rs1.EOF Then
UserID=Trim(Rs1("UserID"))

End If
End If
Rs1.Close
Set Rs1 = Nothing

If UCase(UserID) = UCase(Request("UserID")) Then

%>]]>
<form action="" method="POST" name="form1">
<input type="hidden" name="userid" value="<%=UserID%>">
</form>
<script>
document.form1.action="Home.asp";
document.form1.submit()
</script>
]]>
<form action="" method="POST" name="form1">
<input type="hidden" name="Flag" value="1">
</form>
<script>
document.form1.action="index.asp";
document.form1.submit()
</script>
]]>
</body>
</html>


相关推荐