Menu
Please provide guidance on how to implement Windows Authentication on ASP.NET Core RC2+.
I see other SO questions that describe bearer authentication like Bearer Authentication with ASP.NET Core RC2 404 instead of 403
But that is not what I am looking for.
354
a) To create a web api project in windows authentication mode, follow below steps: After choosing ASP.Net Web Application, select Web API template and from the right side click Change Authentication button and select Windows Authentication.
This blog starts with authentication and authorization concepts and after that explains the three default important ways and three custom authentication ways for doing authentication and authorization i.e. windows, forms ,passport, multipass, JWT and SAML authentication.
You can do this using WebListener, like so:
Open your project.json and add WebListener to dependencies:
"dependencies" : {
...
"Microsoft.AspNetCore.Server.WebListener": "0.1.0-rc2-final"
...
}
Add WebListener to commands (again in Project.json)
"commands": {
"weblistener": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.WebListener"
},
In Startup.cs, specify the WebHostBuilder to use WebListener with NTLM
var host = new WebHostBuilder()
// Some configuration
.UseWebListener(options => options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.NTLM)
// Also UseUrls() is mandatory if no configuration is used
.Build();
That's it!
109
This doesn't appear to work any longer in the .Net Core 1.0.0 (RTM). I do the WebHostBuilder exactly as above in Ivan Prodanov's answer; it runs, don't get an error there, but the HttpContext.User is not marked with a WindowsIdentity. Following code used to work in ASP.Net 5 beta6:
in project.json:
"version": "1.0.0"
"dependencies": {
"Microsoft.AspNetCore.Owin": "1.0.0",
"Microsoft.AspNetCore.Server.WebListener": "0.1.0",
in middleware class:
public async Task Invoke(HttpContext context)
{
try
{
ClaimsPrincipal principal = context.User;
// <-- get invalidcastexception here:
WindowsIdentity winIdentity = (WindowsIdentity)principal.Identity;
....
....
Check your launchSettings.json file - change anonymousAuthentication to false
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": false,
For deployment to iis check this Asp.Net core MVC application Windows Authentication in IIS
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
