OK. here's the next version.
I have it validating a domian user's password.
This code does not impersonate a windows user, I removed that code to make it a little more simple.
All it does is validates the domain users password...I believe. I am still trying to look up more info on the API function:
Private Declare Function LogonUserA Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer
I have moved all the user validation code to a class called Authorisation, just to keep the code neat and in one place. I have also added an enum:
Which is used when calling the ValidateUser method in the Authentication class, the ValidateUser function is:
Public Enum LoginMode
Database = 0
HardCoded = 1
Windows = 2
I have prely done this enum for this demo. In the real world you would just pick one of those methods and ignore the rest.
Public Function ValidateLogin(ByVal Username As String, ByVal Password As String, ByVal AuthenticationMethod As LoginMode) As Boolean
Select Case AuthenticationMethod
Return ValidateDBLogin(Username, Password)
Return ValidateHardCodedLogin(Username, Password)
If Username.IndexOf("\") > 0 Then
Dim LoginDetails() As String = Username.Split("\"c)
Return ValidateWindowsLogin(LoginDetails(0), LoginDetails(1), Password)
When logging into a domain your username must be in the format DOMAIN\Username.
This then gets split up into it's individual bits when sent to the ValidateWindowsLogin function.
RobDog, I know you wanted this as a way to login, but do you want to impersonate a user, so that you can get access to resources on say the network etc...? I personally can't see the need for this and would find it pointless for what I want to do with my intranet...not sure about you.
To change the method of authentication go into the Login.aspx page and change the Login function to pass a different enum to the authentication class.