通过Web请求C ++ / Node.js进行Windows身份验证

Question

Problem I want to be able to use Windows Authentication with Node.js.

I understand that IIS handles Windows Authentication in ASP.NET, however what I can't figure out is, how I can get at the current Client Windows username from node.js. I get that it's not running via IIS (and don't really want to go down the IISNode route).

There must be a way of getting at the Client's windows username via Node.js - even if I have to write a C++ library / service.

Initial thoughts were that I'd be able to setup a web service within ASP.NET, which would use Windows authentication, and allow me to use a web request to get that user - but this is perhaps too naive!

I don't want to ask the user for their username and password - as this misses the point.

Any ideas, thoughts, or places I can look? Or is this just not possible?

Note: This is within a closed Intranet, and Windows Authentication is used within our ASP.NET applications along with Active Directory.

Answer 1

Approach

Unless I miss some of the requirements, you should be able to setup a IIS web site to relay requests to your Node.js application so that

• A client browser will authenticate against your IIS site;
• The IIS site will forward the authenticated request to the Node.js app and back to client.

Make sure to disable anonymous access and only use IWA for the IIS site.

Please see Relaying a request in ASP.NET for a couple of examples of how to relay requests in ASP.NET with C# or VB. You would also need to pass the user name with a header or a GET/POST parameter:

Response.AppendHeader("CustomUserNameHeader", Page.User.Identity.Name);

Assumptions

• The Node.js app needs to know the name of the user logged in on the client computer.
• It's possible to make the Node.js app accessible only from the IIS site, otherwise, the solution is completely insecure.