开发者

Active Directory + HTTP Authentication

开发者 https://www.devze.com 2023-03-01 16:41 出处:网络
Ok, I\'m working on an asp.net web application to be used internally to track where our staff goes out on campus and what they\'re doing.

Ok, I'm working on an asp.net web application to be used internally to track where our staff goes out on campus and what they're doing.

We currently use a system for this that uses "NoSQL" tables (which not 100% familiar anyway..) but it's old system using cgi scripts. So I'm rewriting it in asp.net to kind-of update the system to be more modern with a modern design and adding in active directory authentication for it since it uses it's own user databas开发者_如何学Goe separate from AD which we use everywhere else.

I've found an article to enable Active Directory Authentication via web.config, however, I'd rather instead of using forms authentication, I'd like to tie this into an HTTP-Prompt for authentication. I've tried some Google searches to try to find a solution, but I can't seem to find anyone out there that has done this before.

Thanks in advance.


First off, if you are going to authenticate people with their domain credentials, you should make sure to use HTTPS since otherwise their passwords will be easily obtainable using a network sniffer.

OK so what you are talking about is Windows authentication mode in ASP.NET with IIS Basic Authentication. You need to configure the following things in your web.config:

<configuration>
  <connectionStrings>
    <add name="ADConnectionString" connectionString="LDAP://your.ad.fqdn.com/DC=com,DC=fqdn,DC=ad,DC=your"/>
  </connectionStrings>
  <system.web>
    <membership defaultProvider="ADMembershipProvider">
      <providers>
        <add name="ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="MYNTDOMAIN\someuser" connectionPassword="asdf1234"/>
      </providers>
    </membership>
    <authentication mode="Windows"/>
  </system.web>
</configuration>

Next you are going to want to configure IIS for Basic Authentication. Assuming you are running IIS 7.x, In IIS Manager find the root folder of your application, then click Authentication. You should be able to enable Basic Authentication here. You can also enable Windows Authentication to allow IE/Chrome users to log in automatically:

Active Directory + HTTP Authentication


Windows auth is usually transparent (they automatically authenticate with the credentials they are logged into Windows with). If you want them to be forced to enter credentials, your page needs to return a 401 HTTP status code.


It sounds like you want to enable Windows authentication within your ASP.NET application instead of Forms Authentication. It basically involves changing the authentication type in web.config from "Forms" to "Windows" and then setting up user/group permissions within IIS. The link below goes into specifics on those changes.

More info:

MSDN Article on Windows Authentication in ASP.NET

0

精彩评论

暂无评论...
验证码 换一张
取 消