Programatic User Authentication against windows AD
Hi,
Does calling the BIND method of %SYS.LDAP, with the username, domain and password of the user that needs to be authenticated- the right way to authenticate him/her ?
Also - am I correct in assuming that something like this is independant to (and I don't need to specify setting for), System Security -> LDAP Options
Thanks
Steve
Writing your own authentication code using the %SYS.LDAP class is independent of the LDAP authentication settings in the portal, yes.
%SYS.LDAP.Binds is the correct authentication method only if you're coming from a Windows machine (and going to a Windows AD server, which you said you are.) If you're running Cache on Linux or any other non-Windows OS, you should use SimpleBinds instead.
The arguments to Binds aren't quite as you've listed them - I'd recommend looking at the class documentation on them. I'd also recommend using the StartTLSs method first, to protect the user's credentials.
Steve,
Here is some sample code that should help get you going in the right direction. NOTE - the byRef LD argument is a handle for the connection to the LDAP server and it needs to be cleaned up when you're done if you're going to fetch any attributes.
(sorry for the messed up indentation)
Great -
Thanks Ben for the code snippet !
Steve