current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Sign up ×
Code Review Stack Exchange is a question and answer site for peer programmer code reviews. It's 100% free, no registration required.
up vote 3 down vote favorite

I am trying to learn how to use ASP.NET Identity. My scenario is that I have to authenticate against Active Directory. For that purpose I am trying to use ActiveDirecotoryMembershipProvider.

What I have to do is:

  1. Authenticate user/password against Active Directory
  2. Check whether user is present in my own database

The way I did it is I configured in my web.config to use ActiveDirectoryMembershipProvider as default membership provider. Then I override PasswordSignInAsync method in my ApplicationSignInManager class (which inherits SignInManager) as follows:

public override Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout)
{
    var adok = Membership.Provider.ValidateUser(userName, password);
    if (adok)
    {
        var user = UserManager.FindByName(userName);
        if (user == null)
            return Task.FromResult<SignInStatus>(SignInStatus.Failure);
        else
        {
            base.SignInAsync(user, isPersistent, shouldLockout);
            return Task.FromResult<SignInStatus>(SignInStatus.Success);
        }
    }
    else
        return Task.FromResult<SignInStatus>(SignInStatus.Failure);
}

This seems to work, but I think it's not the right way to do it. Can anyone suggest any better way of achieving this?

share|improve this question

2 Answers 2

up vote 3 down vote

SignInAsync is an async method, and you most likely want to wait for it to complete before returning the SignInStatus. In order to await it, we must declare the method with the async keyword. This also means we can simplify the return statements:

public override async Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout)
{
    if (Membership.Provider.ValidateUser(userName, password))
    {
        var user = UserManager.FindByName(userName);
        if (user == null)
        {
            return SignInStatus.Failure;
        }

        await base.SignInAsync(user, isPersistent, shouldLockout);
        return SignInStatus.Success;
    }

    return SignInStatus.Failure;
}
share|improve this answer
    
you are right about async. but is the implementation okay? i mean i used signinasync method inside passwordsigninasync and also called membershipprovider inside passwordsigninasync. Is this the correct way to go? – th1rdey3 May 10 at 13:53
    
@th1rdey3 sorry, I don't have experience with ASP.NET Identity so can't answer those questions. I hope someone else can help you out there. – mjolka May 10 at 14:05
up vote 2 down vote

Try using ContinueWith.

I cannot test the Membership Provider part at this time, but the ContinueWith I use in a similar fashion in this exact same method. In your situation PasswordSignInAsync will fail and will give control to ContinueWith and there you can ignore the passed in signInStatus and put your own custom code. Your situation is different in that you don't need to run the base.PasswordSignInAsync(). If so, maybe it is useful to others needing it like I did. In the ContinueWith block I had to put some custom code to run things against our own security framework.

    public override Task<SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout)
    {
        return base.PasswordSignInAsync(userName, password, isPersistent, shouldLockout).ContinueWith(signInStatus =>
        {
            if (signInStatus.Result == SignInStatus.Failure)
            {
                if (Membership.Provider.ValidateUser(userName, password))
                {
                    var user = UserManager.FindByName(userName);
                    if (user == null)
                    {
                        return SignInStatus.Failure;
                    }

                    base.SignInAsync(user, isPersistent, shouldLockout);
                    return SignInStatus.Success;
                }
            }

            return signInStatus.Result;
        });
    }
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.