DEVHIDE
Login Or Sign up

ASP.NET Core "fake" Mixed Authentication

719 Views Asked by At

I'd like to implement a "fake" Mixed Authentication using ASP.NET Core Identity and Individual User Accounts as the underlying authorization method.

The process should be like that:

  1. database User table is populated with all employees (i.e. Username is John.Smith or Jane.Smith)
  2. user opens the Intranet app which is deployed on IIS with Windows Authentication enabled
  3. user is authenticated upon AD and its username is DOMAIN\John.Smith
  4. system does another authentication upon database data using John.Smith as a login without password
  5. system issues a new authentication ticket for John.Smith with all its roles and claims fetched from the database

I'm stuck at point 4, where should I do that "fake" authentication?

.net asp.net-core asp.net-identity windows-authentication mixed-authentication
Original Q&A
1

There are 1 best solutions below

0
Nan Yu On

You doesn't need to start a new authentication and issue a new ticket , you can keep using the ticket/principle authenticated from windows authentication , you can use IClaimsTransformation to associate your current windows authentication user with local database user :

public class ClaimsTransformer : IClaimsTransformation
{
    public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        var id = ((ClaimsIdentity)principal.Identity);

        var ci = new ClaimsIdentity(id.Claims, id.AuthenticationType, id.NameClaimType, id.RoleClaimType);

        //read database and create/check a user in local database , add userID as claim in Principal
        if (....)
        {
            ci.AddClaim(new Claim("localUserID", "XXX"));
        }
        else
        {
            ci.AddClaim(new Claim("localUserID", "XXXX"));

        }


        var cp = new ClaimsPrincipal(ci);

        return Task.FromResult(cp);
    }
}

In IClaimsTransformation ,after windows authentication , you can check/create a local user in your database with windows user's id/name , add id which identify local user in database to ClaimsPrincipal , so that next time you can use that claim to identify local database user when performing user management .

Related Questions in .NET

Related Questions in ASP.NET-CORE

Related Questions in ASP.NET-IDENTITY

Related Questions in WINDOWS-AUTHENTICATION

Related Questions in MIXED-AUTHENTICATION

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

Copyright © 2021 Jogjafile Inc.