Привет! Мне нужно было иметь возможность аутентифицировать пользователя с мобильного устройства в SharePoint 2007, и я хотел создать какую-то настраиваемую учетную запись.это, но я сначала сделал что-то подобное с сайтом SharePoint, а затем мне пришлось проверять активный каталог.
(Объект пользователя представлял собой некие зашифрованные данные в WCF, но в основном давал имя пользователя и пароль)
/// <summary>
/// Authenticate whether the user is a user of SharePoint by their username and password
/// </summary>
/// <param name="LoggedIn">The user that is to be authenticated</param>
/// <param name="SharePointSiteAddress">The address of the SharePoint site</param>
/// <returns>The name of the user if they are authenticated or null if not</returns>
public string AuthenticateSharePointUser_UsePassword(User LoggedIn, string SharePointSiteAddress)
{
string nameResult = null;
try
{
Authentication authentication = new Authentication();
//Check against active directory first
bool isAuthenticated = authentication.AuthenticateUserActiveDirectory(LoggedIn.GetUserName(), LoggedIn.GetPassword());
if (isAuthenticated)
{
nameResult = authentication.AuthenticateSharePointUserName(LoggedIn.GetUserName(), SharePointSiteAddress);
}
}
catch (Exception ex)
{
throw new Exception("Authentication Error", ex);
}
return nameResult;
}
/// <summary>
/// Authenticate that a user exists on SharePoint
/// </summary>
/// <param name="UserName">The username of the user to check</param>
/// <param name="SiteAddress">The address of the site to check user on</param>
/// <returns>The name of the user or null if not</returns>
public string AuthenticateSharePointUserName(string UserName, string SiteAddress)
{
string user = null;
//Open up the site and get the list
using (SPSite site = new SPSite(SiteAddress))
{
using (SPWeb web = site.OpenWeb())
{
try
{
user = web.AllUsers[GetFullDomainUserName(UserName)].Name;
}
catch (Exception)
{
//Swallow exception from the user not existing
user = null;
}
}
}
return user;
}
/// <summary>
/// Authenticate the user against active directory
/// </summary>
/// <param name="UserName">The username that can include the domain name domain\username or just username</param>
/// <param name="Password">The password</param>
/// <returns>Whether the user has been authenticated</returns>
public bool AuthenticateUserActiveDirectory(string UserName, string Password)
{
//Split on the domain name e.g. domain\...
string[] splitUserName = GetFullDomainUserName(UserName).Split('\\');
PrincipalContext context = null;
bool authenticated = false;
//Provide user domain if there is one to validate against or use current domain thread is running on
context = new PrincipalContext(ContextType.Domain, splitUserName[0]);
//Now validate against active directory
using (context)
{
authenticated = context.ValidateCredentials(splitUserName[1], Password);
}
return authenticated;
}
/// <summary>
/// Get a full domain name inclusive username from username given
/// if there is not already a domain name in it then attach current domain on this machine
/// </summary>
/// <param name="UserName">The username provided by user</param>
/// <returns>User name in style e.g. domain\----</returns>
public static string GetFullDomainUserName(string UserName)
{
//Split on the domain name e.g. net\356789
string[] splitUserName = UserName.Split('\\');
//If the user gave a domain name then use that domain else use the current domain
if (splitUserName.Length <= 1)
{
splitUserName = new string[] { Environment.UserDomainName, UserName };
}
return string.Join("\\", splitUserName);
}