Answered by:
Credential validation on AD

Question
-
User-1912981283 posted
Hi,
i have a slight problem with checking if a given username/password is correct.
My current Code is as follows:
IntPtr pPwd = System.Runtime.InteropServices.Marshal.SecureStringToBSTR(pwd); try { using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain)) { auth = pc.ValidateCredentials(Username, System.Runtime.InteropServices.Marshal.PtrToStringBSTR(pPwd)); } } catch (Exception ex) { auth = false; }
Everything works as expected with one exception.
Let's assume i have the following domainuser:
Username: hans@domain.com
Password: 123
------
If i provide the following Credentials to ValidateCredentials:
Username: häns@domain.com
Password: 345
ValidateCredentials returns false as expected due to the wrong password.
------
But if i provide the following:
Username: häns@domain.com
Password: 123
ValidateCredentials returns true.
--------
Have i made a mistake in the usage of ValidateCredentials?
Thanks in advance.
~Matthias
Thursday, May 8, 2014 6:21 AM
Answers
-
User1508394307 posted
Hi Matthias,
If your user name in the Active Directory directory service contains one or more characters that have accents or other diacritical marks, you may find that you do not have to use the diacritical mark as you type your user name to log on to Windows. You can log on by using the simple form of the character or characters.- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, May 8, 2014 6:40 AM
All replies
-
User1508394307 posted
Hi Matthias,
If your user name in the Active Directory directory service contains one or more characters that have accents or other diacritical marks, you may find that you do not have to use the diacritical mark as you type your user name to log on to Windows. You can log on by using the simple form of the character or characters.- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, May 8, 2014 6:40 AM -
User-1912981283 posted
Danke für die Info, das habe ich in der Tat nicht gefunden
.
Kann ich dieses Verhalten innerhalb meiner Anwendung irgendwie verhindern ?
-------
Thanks for the Information, haven't read this so far
.
Can i prevent this behaviour from my application?
Thursday, May 8, 2014 6:50 AM -
User1508394307 posted
I don't know if it makes sense as it's a standard behavior. You can try to replace string.replace("ä","a") or use regular expressions to avoid entering umlauts but it probably depends on your requirements.
To remove "diacritics" (ä -> a, etc) try
public static String RemoveDiacritics(String s) { String normalizedString = s.Normalize(NormalizationForm.FormD); StringBuilder stringBuilder = new StringBuilder(); for (int i = 0; i < normalizedString.Length; i++) { Char c = normalizedString[i]; if (CharUnicodeInfo.GetUnicodeCategory(c) != UnicodeCategory.NonSpacingMark) stringBuilder.Append(c); } return stringBuilder.ToString(); }
http://weblogs.asp.net/fmarguerie/archive/2006/10/30/removing-diacritics-accents-from-strings.aspx
To replace ä -> ae, etc use
var map = new Dictionary<char, string>() { { 'ä', "ae" }, { 'ö', "oe" }, { 'ü', "ue" }, { 'Ä', "Ae" }, { 'Ö', "Oe" }, { 'Ü', "Ue" }, { 'ß', "ss" } }; var res = germanText.Aggregate( new StringBuilder(), (sb,c) => { string r; if(map.TryGetValue(c, out r)) return sb.Append(r); else return sb.Append(c); }).ToString();
http://stackoverflow.com/questions/1271567/how-do-i-replace-accents-german-in-net
Gruß
Thursday, May 8, 2014 7:42 AM