How to use currently logged in Windows Active Directory user to login to a web app?
Question
I want to use the current logged in Windows AD account to authenticate with my web app. It's fine (desired, actually) to have the front end pass the authentication token (or whatever form that takes in AD) to the back end for validation with our SSO provider. But how do I get the AD information into the front end, so that it can be passed the back end? What does this info look like, how is it acquired, etc? I can't find any tutorials or guidance on the topic.
I know this is possible because I see it being done on other web apps, but I don't know how to do it myself and am having a very hard time finding a solution.
1 answers
solution1
1 ACCPTED 2019-08-30 18:22:14
If you want seamless login (so the user doesn't have to type in their username/password) then you will want Windows Authentication. You can read about how it works here .
To make this work with Node.js Express you can use the NodeSSPI package. The documentation has examples on how to use it.
The browser will also have to trust your site before it will send credentials automatically. For IE and Chrome, that means adding the site to the list of Trusted Sites in the Internet Options. Firefox keeps its own list in the network.automatic-ntlm-auth.trusted-uris setting in about:config
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.