Integrated Windows Authentication & SSL

前端未结

关注

 2  610

长情又很酷 2021-02-06 19:23

I have an administrative website on our intranet that currently uses Integrated Windows Authentication through IIS. We would like to move this application to a

2条回答

被撕碎了的回忆 (楼主)

2021-02-06 19:44
We had similar issues on our intranet site and ended up switching from Integrated Windows Authentication to requesting their network username/password directly on the site. That way we can redirect them to HTTPS or other such things without worrying about when the authentication popup shows up.

We have some code similar to this (assuming you're using ASP.NET) that authenticates the user, and then we store the authentication state in a cookie.
```
public static bool AuthenticateUser(string username, string password)
{
    System.DirectoryServices.DirectoryEntry _entry = new System.DirectoryServices.DirectoryEntry(ldap_path, username, password, System.DirectoryServices.AuthenticationTypes.Delegation);

    bool _authenticated = false;
    try
    {
        Object _o = _entry.NativeObject;
        _authenticated = true;
    }
    catch
    {
        _authenticated = false;
    }
    finally
    {
        // Avoids the "multiple connections to server not allowed" error.
        _entry.Close();
        _entry.Dispose();
    }

    return _authenticated;
}
```
It ended up saving us tons of headache and frustration by handling all authentication in the application rather than depending on IIS.
0 讨论(0)

查看其它2个回答
发布评论:

提交评论
- 加载中...