{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Ridiculous、 的问题《ASP.NET Core 2.0 LDAP Active Directory Authenticat》','https://www.manongdao.com/q-261780.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have found a lot of information from the past saying that LDAP authentication isn't enabled yet but you can get around that using third party packages. However, it seems that LDAP authentication WAS implemented back in January. I can't seem to find any information on HOW to implement it.
I already have custom authentication set up in my project, I just need the logic to fill in the HandleAuthenticateAsync method.
I have tried using other examples, but they don't seem to work with .NET Core 2.0.
Here is the only relevant code that I have that I can think of posting
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
// Get Authorization header value
if (!Request.Headers.TryGetValue(HeaderNames.Authorization, out var authorization)) {
return Task.FromResult(AuthenticateResult.Fail("Cannot read authorization header."));
}
// TODO: Authenticate user
// Create authenticated user ticket
var identities = new List<ClaimsIdentity> { new ClaimsIdentity("custom auth type") };
var ticket = new AuthenticationTicket(new ClaimsPrincipal(identities), Options.Scheme);
return Task.FromResult(AuthenticateResult.Success(ticket));
// else User not authenticated
return Task.FromResult(AuthenticateResult.Fail("Invalid auth key."));
}
So, my question is, how do I implement LDAP Authentication in .NET Core 2.0?
Thanks to Win's Answer for pointing out that I needed to use Windows Compatibility Pack, I was able to figure this out.
The first thing I had to do was install the Nuget package
At the time, I needed a preview version, so I appended
-Version 2.0.0-preview1-26216-02on the end of this commandThen, add using statements for
System.DirectoryServicesandSystem.DirectoryServices.AccountManagementThen, just plug this logic into my
HandleAuthenticateAsyncmethod:According to #2089, it is only available in Windows Compatibility-Pack for .NET Core. I currently use Novell.Directory.Ldap.NETStandard.
For authentication and authorization, we can use Cookie Authentication Middleware with claims.
It has few moving pieces, so I created a working sample project at GitHub. There are two main pieces - LdapAuthenticationService and SignInManager.