Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Windows Authentication - ASP.NET Core and Angular 9 - Single Application #9172


User avatar
0
Mepgovlic created

Hello,

We started a new project based on ASPNETZERO the template of ASP.NET Core and Angular 9. We would like to enable our users to access the application using their active directory account and without being prompted to enter username and password.

We followed some articles in the documentation and some posts in stackoverflow but we are not able to get this to work, here is what we did:

  • In login.component.ts we added the following lines in ngOnInit (We added the appsettings and its initialization in AppConsts as well): if (AppConsts.isWindowsAuthentication == true) { this.loginService.authenticateModel.userNameOrEmailAddress = 'foo'; this.loginService.authenticateModel.password = 'bar'; this.login(); }
  • In the project MyProject.Core we added the following external auth source: public class AlwaysTrueExternalAuthSource : DefaultExternalAuthenticationSource<Tenant, User>, ITransientDependency { public override string Name => "AlwaysTrueExternalAuthSource"; public override Task TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, Tenant tenant) { return Task.FromResult(true); } }
  • In the file CoreModule class and in the PreInitialize method we added the follow: Configuration.Modules.Zero().UserManagement.ExternalAuthenticationSources.Add<AlwaysTrueExternalAuthSource>();
  • In the project MyProject.Web.Core in the TokenAuthController in the Authenticate method we added the following lines: var windowsIdentity = WindowsIdentity.GetCurrent(); model.UserNameOrEmailAddress = windowsIdentity.Name.ToLowerInvariant(); model.UserNameOrEmailAddress = model.UserNameOrEmailAddress.Substring(model.UserNameOrEmailAddress.IndexOf("\\") + 1);

We published the application to IIS and when we browse the application, we are redirected to the login page and the username and password are by default filled with foo and bar and then the login process is triggered and the page is redirected.

  • On Chrome
    • We are presented with the windows authentication prompt for user and if we enter the user we keep getting the prompt again and again and in the console we get this error if we cancel: AbpUserConfiguration/GetAll?d=1591821199097 net::ERR_CONNECTION_RESET 401 (Unauthorized)
  • On Edge
    • We have the same scenario except that we are not prompted with the windows authentication prompt to login and we get the following error in the console:

Notes: We published the application to IIS and we enabled Windows Authentication and we also installed IIS CORS Module and configured it although this is not required because we are using a signle application to host both backend and frontend applications.

Your support is highly appreciated, this should be easy task following the documentation but it is not getting to work and we have spent 2 days on this and we can't be delayed more.

Best regards, Anas Nabelsi.


3 Answer(s)
  • User Avatar
    0
    musa.demir created

    Ldap is already implemented. Did you try to use it?

    https://aspnetboilerplate.com/Pages/Documents/Zero/User-Management#ldap-active-directory

  • User Avatar
    0
    Mepgovlic created

    Hello,

    Thank you for your response, but It is not the solution that we are looking for, we already tested LDAP and it is working but as I was informed by the team, if we enable the LDAP we will lose the Multitenancy feature which is a very important feature in our case we have at least 3 tenants.

    Regards, Anas Nabelsi.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    If you are using 8.1 or above, each tenant can configure its own LDAP config, see https://docs.aspnetzero.com/en/common/latest/Change-Logs#v8-1-0-2019-12-20. So, you can use multi tenancy and LDAP together.