stackoom
  简体   繁体   中英

ASP.Net MVC with Active Directory Authentication using Owin Middleware

 原文  2016-11-02 15:05:22       c#/ .net/ asp.net-mvc

Question

I need to create an ASP.NET MVC 5 application that would use a form (like when using Individual User Accounts) for login but instead of using user info in the database, use the Windows / AD account and credentials.

In other words like using Windows Authentication but using an html form instead of the popup Windows authentication usually shows. Is this possible?

Ideally authentication would be relegated to IIS and use the same protocols and allow or deny users based on roles.

How can I do this?

What do I need to configure in the web.config?

What do I need to have in Startup.Auth.cs?

1 answers

solution1
 8 ACCPTED  2016-11-02 18:52:05

I created a sample project at GitHub called AspNetMvcActiveDirectoryOwin . You can fork it.

There are few steps you will want to following -

First of all, you want to authenticate with Active Directory. 

public class ActiveDirectoryService : IActiveDirectoryService
{
    public bool ValidateCredentials(string domain, string userName, string password)
    {
        using (var context = new PrincipalContext(ContextType.Domain, domain))
        {
            return context.ValidateCredentials(userName, password);
        }
    }

    public User GetUser(string domain, string userName)
    {
        User result = null;
        using (var context = new PrincipalContext(ContextType.Domain, domain))
        {
            var user = UserPrincipal.FindByIdentity(context, userName);
            if (user != null)
            {
                result = new User
                {
                    UserName = userName,
                    FirstName = user.GivenName,
                    LastName = user.Surname
                };
            }
        }
        return result;
    }
}

Second, you want to create claims which will be used in Owin Middleware. 

public class OwinAuthenticationService : IAuthenticationService
{
    private readonly HttpContextBase _context;
    private const string AuthenticationType = "ApplicationCookie";

    public OwinAuthenticationService(HttpContextBase context)
    {
        _context = context;
    }

    public void SignIn(User user)
    {
        IList<Claim> claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, user.UserName),
            new Claim(ClaimTypes.GivenName, user.FirstName),
            new Claim(ClaimTypes.Surname, user.LastName),
        };

        ClaimsIdentity identity = new ClaimsIdentity(claims, AuthenticationType);

        IOwinContext context = _context.Request.GetOwinContext();
        IAuthenticationManager authenticationManager = context.Authentication;

        authenticationManager.SignIn(identity);
    }

    public void SignOut()
    {
        IOwinContext context = _context.Request.GetOwinContext();
        IAuthenticationManager authenticationManager = context.Authentication;

        authenticationManager.SignOut(AuthenticationType);
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Active Directory Authentication on ASP.NET MVC Active Directory Authentication using Client Certificate in ASP.NET MVC Authentication using active directory in asp.net MVC Active Directory authentication using ASP.NET MVC 3 and c# How to make/create owin authentication middleware in asp.net vnext(MVC 6)? ASP.NET MVC 5: App Pool, Windows Authentication and Active Directory Asp.net mvc authentication storing Active Directory groups in a session ASP.NET MVC Active Directory Authentication return URL issue Am I using Active directory authentication in my ASP.NET MVC 5 app? ASP.NET MVC4 application using Angular.JS Active Directory Authentication
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM