[英]Adding ASP.NET impersonation users of specific domain to windows authentication
I have MVC4 application installed in windows server 2008 in my company(IIS 7.5). 我在公司(IIS 7.5)的Windows Server 2008中安装了MVC4应用程序。 to access the windows server remotely we use(xxxxDMZ\\username, password) which are the same windows authentication required to access specific page of the website.
要远程访问Windows服务器,我们使用(xxxxDMZ \\ username,password),这与访问网站的特定页面所需的Windows身份验证相同。 My problem is not everyone has this "xxxxDMZ" account so they can't access that page, what I am trying to do is adding their windows login credentials to access that page(by only adding the username) which that would be 'xxxx\\username'.
我的问题是不是每个人都拥有此“ xxxxDMZ”帐户,所以他们无法访问该页面,我要做的是添加其Windows登录凭据以访问该页面(仅添加用户名),该用户名将为“ xxxx \\用户名'。
I read that in order to do that I have to use impersonation but I can't find clear way to implement it. 我读过这篇文章,为了做到这一点,我必须使用模拟,但是我找不到实现它的明确方法。
Any help is haghly appreciated. 非常感谢任何帮助。
Thank you very much in advance! 提前非常感谢您!
Here is a function you could use. 这是您可以使用的功能。 But the Domain needs to be accessible from the DMZ... which means opening up ports between your DMZ and your domain controller.
但是需要从DMZ访问域...这意味着在DMZ和域控制器之间打开端口。
public bool ValidateUser(string userName, string password)
{
bool validation;
try
{
LdapConnection ldc = new LdapConnection(new LdapDirectoryIdentifier((string)null, false, false));
NetworkCredential nc = new NetworkCredential(userName, password, "DOMAIN NAME HERE");
ldc.Credential = nc;
ldc.AuthType = AuthType.Negotiate;
ldc.Bind(nc); // user has authenticated at this point, as the credentials were used to login to the dc.
validation = true;
}
catch (LdapException)
{
validation = false;
}
return validation;
}
ref : LDAP Authentication in ASP.Net MVC 参考: ASP.Net MVC中的LDAP身份验证
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.