Home Dashboard Directory Help
Search

PrincipalContext.ValidateCredentials exceptions when reusing object for multiple validations by RussellChadwick


Status: 

Active


4
0
Sign in
to vote
Type: Bug
ID: 768582
Opened: 10/24/2012 9:38:35 AM
Access Restriction: Public
1
Workaround(s)
view
2
User(s) can reproduce this bug

Description

The .NET framework code within System.DirectoryServices.AccountManagement.CredentialValidator.Validate(string userName, string password) appears to corrupt object state during a specific usage pattern.
This can be worked around by forcing a SimpleBind on every call.
I was hoping to take advantage of the connection caching in this class, but after running into this issue and seeing the code in reflector, it looks fairly scary from a thread safety standpoint.

It appears that the code tries to communicate with the Ldap server over a secure port using non secure communications.
Details
Sign in to post a comment.
Posted by Microsoft on 10/24/2012 at 11:45 PM
Thanks for your feedback.

We are rerouting this issue to the appropriate group within the Visual Studio Product Team for triage and resolution. These specialized experts will follow-up with your issue.
Posted by Microsoft on 10/24/2012 at 9:51 AM
Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly(http://support.microsoft.com)
Sign in to post a workaround.
Posted by RussellChadwick on 10/24/2012 at 9:52 AM
var principalContext = new PrincipalContext(ContextType.Domain, "ip address of AD server", "user", "password");
principalContext.ValidateCredentials("user", "BadPassword", ContextOptions.SimpleBind);
principalContext.ValidateCredentials("user", "GoodPassword", ContextOptions.SimpleBind);
principalContext.ValidateCredentials("user", "BadPassword", ContextOptions.SimpleBind);