|
middleware:ed:edid:usage [2009/10/14 11:35] dhawes |
middleware:ed:edid:usage [2009/11/10 13:47] (current) serac Added .NET usage example. |
||
|---|---|---|---|
| Line 672: | Line 672: | ||
| 142 return 0; | 142 return 0; | ||
| 143 } | 143 } | ||
| + | </code> | ||
| + | |||
| + | |||
| + | ===== .NET Applications ===== | ||
| + | **Prerequisites** | ||
| + | - .NET Framework 2.0 or higher. (System.DirectoryServices was introduced in that version.) | ||
| + | - A PKCS#12 file containing your ED-ID certificate/key pair must be installed into the Personal certificate store of the Local Machine. See [[http://technet.microsoft.com/en-us/library/bb727068.aspx]] for more information on certificate management in Windows. | ||
| + | |||
| + | <code c#> | ||
| + | using System.Security.Cryptography.X509Certificates; | ||
| + | using System.DirectoryServices.Protocols; | ||
| + | |||
| + | ... | ||
| + | |||
| + | string ldapHost = "id.directory.vt.edu"; | ||
| + | int ldapPort = 636; | ||
| + | // The following should be the uusid of your ED-ID service | ||
| + | string certCN = "YOUR_UUSID" | ||
| + | string ldapBase = "ou=people,dc=vt,dc=edu" | ||
| + | string ldapQuery = "uupid=SOME_UUPID"; | ||
| + | |||
| + | // Create connection and attempt to bind and search | ||
| + | LdapConnection conn = null; | ||
| + | try | ||
| + | { | ||
| + | conn = new LdapConnection( | ||
| + | new LdapDirectoryIdentifier(ldapHost, ldapPort), | ||
| + | null, | ||
| + | AuthType.External); | ||
| + | // VT Enterprise Directory requires LDAPv3 | ||
| + | conn.SessionOptions.ProtocolVersion = 3; | ||
| + | conn.SessionOptions.SecureSocketLayer = true; | ||
| + | |||
| + | // Look up client cert in Local Machine store by subject CN | ||
| + | conn.SessionOptions.QueryClientCertificate = | ||
| + | delegate(LdapConnection c, byte[][] trustedCAs) | ||
| + | { | ||
| + | X509Store lmStore = new X509Store(StoreName.My, StoreLocation.LocalMachine); | ||
| + | lmStore.Open(OpenFlags.ReadOnly); | ||
| + | // Uncomment the following lines to help diagnose cert problems | ||
| + | //Console.WriteLine(); | ||
| + | //Console.WriteLine("Available certificates in Local Machine store:"); | ||
| + | //foreach (X509Certificate cert in lmStore.Certificates) | ||
| + | //{ | ||
| + | // Console.WriteLine(" " + cert.Subject); | ||
| + | //} | ||
| + | X509Certificate2Collection clientCerts = lmStore.Certificates.Find( | ||
| + | X509FindType.FindBySubjectName, certCN, true); | ||
| + | if (clientCerts.Count == 0) | ||
| + | { | ||
| + | throw new ArgumentException("Cannot find certificate " + certCN); | ||
| + | } | ||
| + | return clientCerts[0]; | ||
| + | }; | ||
| + | conn.Bind(); | ||
| + | |||
| + | // The 4th parameter, attributeList, is omitted to indicate all available attributes | ||
| + | SearchResponse response = (SearchResponse)conn.SendRequest( | ||
| + | new SearchRequest(ldapBase, ldapQuery, SearchScope.Subtree)); | ||
| + | Console.WriteLine(); | ||
| + | Console.WriteLine(response.Entries.Count + " entries found:"); | ||
| + | foreach (SearchResultEntry entry in response.Entries) | ||
| + | { | ||
| + | Console.WriteLine(" " + entry.DistinguishedName); | ||
| + | foreach (String name in entry.Attributes.AttributeNames) | ||
| + | { | ||
| + | Console.Write(" " + name + "="); | ||
| + | int n = 0; | ||
| + | foreach(object value in entry.Attributes[name].GetValues(typeof(string))) | ||
| + | { | ||
| + | if (n++ > 0) | ||
| + | { | ||
| + | Console.Write(','); | ||
| + | } | ||
| + | Console.Write(value); | ||
| + | } | ||
| + | Console.WriteLine(); | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | finally | ||
| + | { | ||
| + | if (conn != null) | ||
| + | { | ||
| + | conn.Dispose(); | ||
| + | } | ||
| + | } | ||
| </code> | </code> | ||
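Review bot: The `QueryClientCertificate` delegate can present the wrong credential, because `X509FindType.FindBySubjectName` is a case-insensitive substring match and `clientCerts[0]` takes whichever hit comes first. Any other valid Local Machine certificate whose subject contains the uusid could therefore be sent to the directory. The delegate also never closes `lmStore`. The rewrite below compares the CN exactly, requires a private key and a single match, and closes the store in a `finally`. Separately, the `certCN` and `ldapBase` declarations lack their terminating `;`, and if `SOME_UUPID` is ever filled from user input it needs RFC 4515 filter escaping before it goes into `ldapQuery`.

```csharp
conn.SessionOptions.QueryClientCertificate =
    delegate(LdapConnection c, byte[][] trustedCAs)
    {
        X509Store lmStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        lmStore.Open(OpenFlags.ReadOnly);
        try
        {
            // … unchanged: commented-out diagnostic listing of store certificates …
            X509Certificate2 match = null;
            // FindBySubjectName matches substrings, so confirm the CN exactly below
            foreach (X509Certificate2 cert in lmStore.Certificates.Find(
                X509FindType.FindBySubjectName, certCN, true))
            {
                string cn = cert.GetNameInfo(X509NameType.SimpleName, false);
                if (!cert.HasPrivateKey ||
                    !String.Equals(cn, certCN, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }
                if (match != null)
                {
                    throw new ArgumentException("More than one certificate matches " + certCN);
                }
                match = cert;
            }
            if (match == null)
            {
                throw new ArgumentException("Cannot find certificate " + certCN);
            }
            return match;
        }
        finally
        {
            // Certificates already retrieved stay usable after the store handle is released
            lmStore.Close();
        }
    };
```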