Validating logins - Level Extreme

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Validating logins

Message

29/03/2016 15:41:47

Hugo Ranea
Bc Rapid Transit
Colombie Britannique, Canada

29/03/2016 15:26:39

Tuvia Vinitsky
Vci
Chicago, Illinois, États-Unis

Information générale

Forum:

Visual FoxPro

Catégorie:

Fonctions Windows API

Titre:

Re: Validating logins

Divers

Thread ID:

01633943

Message ID:

01633946

Vues:

>I have a mandated scenario where there is one master login to the RDP server. The VFP app requests the user's windows/AD login name and password and validates that the two are correct.
>
>I have a problem with the way I usually would do this, and I do not know another way.
>
>(I can get other info from LDAP object as needed.) For login verification I input the user domain name and password, then use
>

>	loUser = GETOBJECT("WinNT://" + tDomain + "/" + ALLTRIM(tuser) + ",user")
>       try
>	      loUser.ChangePassword (tpassword,tpassword)   
>     catch
>           llPasswordVerified = .F.
>     endtry
>
>	RetURN llPasswordVerified
>

>
>Trying to change the password lets me know if I have the correct password, and since I am changing it to what it is now, I am doing no harm.
>
>BUT - this network enforces not using passwords used in the past, so the ChangePassword function as I am using it always fails.
>
>Any suggestions?

We use LogonUser, if the session is created successfully then the password was OK, otherwise it was an invalid password, something like this:

#define LOGON32_PROVIDER_DEFAULT	0
#define LOGON32_LOGON_NETWORK		3

lparameters tcDomain, tcUser, tcPassword
local lnToken, llResult, lcUser, lcDomain, lcPassword

lcDomain		= Iif(Vartype(tcDomain) # 'C' or Empty(tcDomain), Getenv('UserDomain'), Alltrim(tcDomain))
lcUser		= Iif(Vartype(tcUser) # 'C' or Empty(tcUser), Getenv('UserName'), Alltrim(tcUser))
lcPassword	= Iif(Vartype(tcPassword) # 'C', '', tcPassword)

declare LogonUser in AdvAPI32 ;
	String	Username, ;
	String	Domain, ;
	String	Password, ;
	Integer	LogonType, ;
	Integer	LogonProvider, ;
	Long		@ Token ;
	
declare CloseHandle in Kernel32 ;
	integer	hObject

declare SetLastError in win32api ;
	integer	ErrCode
	
declare integer GetLastError in WIN32API

SetLastError(0)

lnToken			= 0
llResult			= LogonUser(lcUser, lcDomain, lcPassword, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, @lnToken)

if llResult and lnToken # 0
	CloseHandle(lnToken)
	llResult		= .T.
else
	llResult		= .F.
	* Do something with GetLastError()
endif

return llResult

"The five senses obstruct or deform the apprehension of reality."
Jorge L. Borges?

"Premature optimization is the root of all evil in programming."
Donald Knuth, repeating C. A. R. Hoare

"To die for a religion is easier than to live it absolutely"
Jorge L. Borges

Répondre

Fil

Voir

Click here to load this message in the networking platform