
nJupiter change ADService Connectionstring @ runtime


We are developing a website that will need to point to different LDAP Providers (ADService ConnectionString) when a user attempts to login.

Our approach will be to look at their login name (example@domain.com) and use a mapping file (perhaps a SQL Server database) to map their login name to their ADService provider and grab the connection string then. Then continue as normal.

In the example code below, I would need the IsAuthenticated to authenticate against the correct ADService connection string. I am just not sure where and when to tell the nJupiter DataAccess Ldap provider to set the connection string. (Normally with nJupiter it is done in the Web.Config file, but I will need to change the connection string dynamically.)

So our login.aspx.cs page has the following code:

protected void Page_Load(object sender, EventArgs e)
{
    if (User.Identity.IsAuthenticated)
    {
        if (!string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
        {
            Response.Redirect("~/AccessDenied.aspx");
        }
    }
}

Solution

  • nJupiter.DataAccess.Ldap supports configuring several servers at the same time in the config file. I suggest you configure all servers you are going to use in nJupiter.DataAccess.Ldap.config like this:

    <configuration>
        <ldapServers>
            <ldapServer value="MyServer1"><!-- config goes here --></ldapServer>
            <ldapServer value="MyServer2"><!-- config goes here --></ldapServer>
        </ldapServers>
    </configuration>
    

    And then you can configure one MembershipProvider/RoleProvider for every server in Web.Config; like this:

    <system.web>
       <membership defaultProvider="MyProvider1">
          <providers>
             <clear/>
             <add name="MyProvider1" ldapServer="MyServer1" type="nJupiter.DataAccess.Ldap.LdapMembershipProvider,nJupiter.DataAccess.Ldap" />
             <add name="MyProvider2" ldapServer="MyServer2" type="nJupiter.DataAccess.Ldap.LdapMembershipProvider,nJupiter.DataAccess.Ldap" />
          </providers>
       </membership>
    </system.web>
    

    You can then switch between the providers at runtime by using System.Web.Security.Membership.Providers["MyProvider1"] and System.Web.Security.Membership.Providers["MyProvider2"].

    ASP.NET only supports one single default provider, though, so if you want to redirect different users to different providers but still want to use plain ASP.NET architecture, I suggest you write a wrapping MembershipProvider/RoleProvider that dynamically redirects to the correct provider. Here is some pseudo code:

    using System.Web.Security;

    public class RedirctingMembershipProvider : System.Web.Security.MembershipProvider {
        public override MembershipUser GetUser(string username, bool userIsOnline) {
            // Forward the call to the provider registered for the user's domain.
            if(username.Contains("@MyDomain1")){
                return Membership.Providers["MyProvider1"].GetUser(username, userIsOnline);
            }
            if(username.Contains("@MyDomain2")){
                return Membership.Providers["MyProvider2"].GetUser(username, userIsOnline);
            }
            ...
    

    and then register this provider as the default provider in web.config like this:

    <system.web>
       <membership defaultProvider="RedirctingMembershipProvider">
          <providers>
             <clear/>
             <add name="RedirctingMembershipProvider" type="MyNameSpace.RedirctingMembershipProvider,MyAssembly" />
             <add name="MyProvider1" ldapServer="MyServer1" type="nJupiter.DataAccess.Ldap.LdapMembershipProvider,nJupiter.DataAccess.Ldap" />
             <add name="MyProvider2" ldapServer="MyServer2" type="nJupiter.DataAccess.Ldap.LdapMembershipProvider,nJupiter.DataAccess.Ldap" />
          </providers>
       </membership>
    </system.web>
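
An added example, not part of the original answer or of nJupiter: one way to do the domain-to-provider routing that a wrapping provider's `ValidateUser` and `GetUser` could call, using an exact, case-insensitive domain match instead of `Contains` and refusing any login name that does not map to exactly one configured provider. The `LdapProviderRouter` class and the domain names are hypothetical; the provider names are the ones from the Web.config above.

```csharp
using System;
using System.Collections.Generic;
using System.Web.Security;

// Added example (hypothetical helper, not nJupiter code).
public static class LdapProviderRouter
{
    // Exact domain -> provider name allow-list. The domains are placeholders;
    // the table could equally be loaded from the mapping database.
    private static readonly Dictionary<string, string> DomainToProvider =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "mydomain1.example", "MyProvider1" },
            { "mydomain2.example", "MyProvider2" },
        };

    // Returns the provider for this login name, or null when the name does not
    // carry exactly one '@' followed by a domain on the allow-list.
    public static MembershipProvider Resolve(string username)
    {
        if (string.IsNullOrWhiteSpace(username)) return null;

        int at = username.LastIndexOf('@');
        bool singleAt = at > 0 && at < username.Length - 1
                        && username.IndexOf('@') == at;
        if (!singleAt) return null;   // e.g. "a@mydomain1.example@other"

        string providerName;
        string domain = username.Substring(at + 1).Trim();
        if (!DomainToProvider.TryGetValue(domain, out providerName)) return null;

        // The indexer returns null if the provider is not registered in Web.config.
        return Membership.Providers[providerName];
    }

    // Fail closed: unknown domain, missing provider or empty password => false.
    public static bool ValidateUser(string username, string password)
    {
        // Some LDAP servers accept a simple bind with an empty password as an
        // unauthenticated bind, so never forward one.
        if (string.IsNullOrEmpty(password)) return false;

        MembershipProvider provider = Resolve(username);
        return provider != null && provider.ValidateUser(username, password);
    }
}
```

With `Contains("@MyDomain1")`, a name such as `user@MyDomain1@MyDomain2` would be routed by whichever test runs first; the exact match above rejects it instead.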