9

Please provide guidance on how to implement Windows Authentication on ASP.NET Core RC2+.

I see other SO questions that describe bearer authentication like Bearer Authentication with ASP.NET Core RC2 404 instead of 403

But that is not what I am looking for.

Improve this question
3
  • 3
    Do you mean using NTLM to automatically sign in your domain users? Then you need to use IIS and what IIS offers to do so and choose the "Windows authentication" template when creating a new application. If you mean to have forms sign on (i.e. using Identity), then there is no way to do this out of the box and you need to write your own Identity Authroization for it. It won't be implemented by default for security reasons Commented Jun 8, 2016 at 5:56
  • Thank you it works. Commented Jun 8, 2016 at 5:58
  • I spent an age looking for a solution for this, it turns out a simple HttpContext.User.Identity.Name works as before in ASP.NET 4 Commented Dec 5, 2016 at 14:16

3 Answers 3

Reset to default
8

You can do this using WebListener, like so:

  1. Open your project.json and add WebListener to dependencies:

    "dependencies" : {
  ...
  "Microsoft.AspNetCore.Server.WebListener": "0.1.0-rc2-final"
  ...
}

  2. Add WebListener to commands (again in Project.json)

      "commands": {
    "weblistener": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.WebListener"
  },

  3. In Startup.cs, specify the WebHostBuilder to use WebListener with NTLM

     var host = new WebHostBuilder()
        // Some configuration
        .UseWebListener(options => options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.NTLM)
        // Also UseUrls() is mandatory if no configuration is used
        .Build();

That's it!

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Will this work on other platforms like Mac and Linux??
No. Both IIS and WebListener can host .NET Core applications only on Windows as of now. Check the link below for official documentation from the ASP.NET team docs.asp.net/en/latest/fundamentals/servers.html#weblistener
Is Kerberos supported? Or better, AuthenticationSchemes.Negotiate?
@IvanProdanov, can clarify something for me? This article says "WebListener can't be used with IIS or IIS Express...WebListener is useful for deployments where you need to expose the server directly to the Internet without using IIS." Does this mean either a) you use IIS (which requires a web.config to be created with a forwardWindowsAuthToken="true" attribute--the only way I could get Windows Auth to work), or b) you use WebListener instead of IIS?
@JamesToomey Did you ever found an answer for this James?
|
4

This doesn't appear to work any longer in the .Net Core 1.0.0 (RTM). I do the WebHostBuilder exactly as above in Ivan Prodanov's answer; it runs, don't get an error there, but the HttpContext.User is not marked with a WindowsIdentity. Following code used to work in ASP.Net 5 beta6:

in project.json:

"version": "1.0.0"
"dependencies": {
  "Microsoft.AspNetCore.Owin": "1.0.0",
  "Microsoft.AspNetCore.Server.WebListener": "0.1.0",

in middleware class:

public async Task Invoke(HttpContext context)
{
    try
    {
        ClaimsPrincipal principal = context.User;

// <-- get invalidcastexception here:
        WindowsIdentity winIdentity = (WindowsIdentity)principal.Identity;  

        ....
        ....
Improve this answer

3 Comments

Can you try adding "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0" in your dependencies
In v0.1.0 it was options.Listener.AuthenticationManager.AuthenticationSchemes which has been renamed options.ListenerSettings.Authentication.Schemes. Also you must now add .AllowAnonymous = false
Switching to what @TimothyKlenke mentions, I receive "WebListenerOptions" does not contain "ListenerSettings"
3

Check your launchSettings.json file - change anonymousAuthentication to false

  "iisSettings": {
    "windowsAuthentication": true,
    "anonymousAuthentication": false,

For deployment to iis check this Asp.Net core MVC application Windows Authentication in IIS

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.