[plt-scheme] Password validation in the web-server on Windows

From: Yoav Goldberg (yoav.goldberg at gmail.com)
Date: Sun Oct 16 18:41:21 EDT 2005

Look for advapi32.dll, you should have it on your machine.

Here is some sample code:
(require (lib "foreign.ss"))
(unsafe!)
(define advapi (ffi-lib "advapi32"))
(define LogonUserA (get-ffi-obj "LogonUserA" advapi (_fun _string
_string _string _int _int (_ptr o _int) -> _int)))
(define check-login
  (lambda (username domain pass)
    (if
        (= 0 (LogonUserA username domain pass 4 0)) ;;
4:LOGON32_LOGON_BATCH 0:LOGON32_PROVIDER_DEFAULT
        #f
        #t)))

Note: as I said, I'm on a win2k machince, so it always fail here.
It should work fine on WinXP - if it doesn't, maybe it's because
_string is not the correct type to use - I don't know "foreign.ss"
well enough. Also, keep in mind that this code doesn't close the
returned handle, and on a real system you definately want to close
that handle (using the CloseHandle API).

Yoav

Yoav

On 10/16/05, Jens Axel Søgaard <jensaxel at soegaard.net> wrote:
> Yoav Goldberg wrote:
> > That's good.
> > Windows API has the function "LogonUser", that does what you want.
> > Unfortnately, it requires the calling process to "run as system" on
> > Windows 2000 computers. Luckily for you, that's not the case with
> > Windows Server 2003 and WindowsXP.
> >
> > So, the easiest solution for you is to use the foreign interface to
> > call this API.
> >
> > I would have posted an example, but my computer is Win2k, and so it
> > always fail, and so I'm not sure my code is even correct.
> >
> > Anyhow, the API call is documented here:
> > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/logonuser.asp
>
> That looks promising indeed. On closer reading I can see, that
> works only on the server:
>
>   Requirements
>   Client       Requires Windows XP, Windows 2000 Professional, or
>                 Windows NT Workstation 4.0 SP3 and later.
>   Server       Requires Windows Server 2003, Windows 2000 Server, or
>                 Windows NT Server 3.51 and later.
>
>   Library
>
>   Link to Advapi32.lib.
>   DLL  Requires Advapi32.dll.
>
> (I couldn't find Advapi32.lib on my XP-machine)
>
> For my purpose that is good enough (I think), but I'd love to know
> how to do it on a client.
>
> --
> Jens Axel Søgaard
>
>
>
>


Posted on the users mailing list.