[Mono-list] Trying to authenticate users against Active Directory from Mono
Martin Thwaites
monoforum at my2cents.co.uk
Thu Jun 23 22:14:13 UTC 2016
I think you'll struggle with this. Authenticating with a 403 challenge (as
in NTLM) may not work on the linux. You may be able to try doing the
concurrent bind about the domain with the credentials, but I doubt you'll
get it in the same way as windows authentication works in IIS.
A better option would be to implement an ADFS server in your domain, and
accept users using a SAML response. There are various libraries out there
that do that, not sure which work on mono, but they use standard libraries
so I can't imagine it would be that hard. We use Kentor.AuthServices on
windows, but I would imagine it would work on Mono.
On 23 June 2016 at 11:57, James Allsopp <jamesaallsopp at googlemail.com>
wrote:
> Hello,
> I'm trying to authenticate users of an Asp.Net MVC4 site against an Active
> Directory Server. The site's going to be running on CentOS 7 running nginx.
>
> I've managed to use the Novell.Directory.LDAP code to successfully query a
> OpenDS LDAP test server, and I've used LDAPAdmin to connect to the main AD
> server, but this required the GSSAPI option with "Use current user
> credentials" option. I have no idea how to supply this from Mono.
>
> Once I've done this, I've then no idea how I should reimplement the
> "PrincipalContext.ValidateCredentials" method using the Novell code.
>
> If anyone can offer any suggestions, I would be very grateful,
>
> Thanks,
> James
>
> _______________________________________________
> Mono-list maillist - Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-list/attachments/20160623/696fa5f2/attachment.html>
More information about the Mono-list
mailing list