stackoom
  简体   繁体   中英

.NET OWIN Authentication - Cookie + Windows (active directory)

 原文  2015-03-26 10:09:43       c#/ asp.net/ authentication/ active-directory/ owin

Question

I'm currently working on a project which has an authentication requirement which is causing me some problems and I'd like some guidance on the best way to achieve it.

I have an internet C# MVC 5 project which currently has OWIN cookie authentication in place for external users. We now need to allow internal users to be able to access the application through Active Directory. Basically, an internal user would log in to their Windows computer, navigate to the website and they'll be signed in.

I don't have any experience of doing AD authentication, so it's a bit of a black hole at the moment.

I'm assuming, using OWIN, I need to create a new authentication middleware that can run before my cookie authentication.

However, I'm not sure where to start with setting this AD middleware up, or whether there is an existing one I can use.

I've tried searching around but can't seem to find much information on doing AD authentication through OWIN, there's just a lot about Azure AD.

I did come across this one https://github.com/MohammadYounes/OWIN-MixedAuth , but running locally, it's using Windows basic authentication, perhaps this can be adjusted for my purposes?

Could someone offer some advice on how to achieve this?

Thank you!

2 answers

solution1
 1  2015-03-26 10:28:37

I was facing the same problem not-so-long ago, and went the route to use NTLM authentication (which boils down to what you want, intranet users will be "signed-in" automatically) while keeping full application accounts (ASP:NET Identity 2.0), you may want to check my OWIN NTML authentication middleware:

https://github.com/pysco68/Pysco68.Owin.Authentication.Ntlm

You will need to add a route to you "accounts controller" to handle the sign-in with NTLM and the creation of a local application account (if required). As a comfort-feature you could add an automatic redirect to that sign-in route for users from your intranet.

I hope this helps.

solution2
 1  2015-03-26 12:49:24

The link you came across is using Integrated Windows authentication NOT basic authentication .

I think your situation is similar to this one . The same can be achieved using OWIN-MixedAuth as per this comment .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.Net MVC with Active Directory Authentication using Owin Middleware .net core 5 Windows Authentication and Active Directory resources Using both OWIN Cookie Authentication and Windows Authentication in the same MVC application OWIN Cookie Authentication ASP.NET MVC 5: App Pool, Windows Authentication and Active Directory Asp.net WebPage with Windows Authentication aganst Active Directory Windows Authentication with Active Directory Groups OWIN cookie authentication without ASP.NET Identity Cookie persistence not working in OWIN authentication Owin authentication with windows and certificate
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM