Reputation: 1518
I am designing an in-house app that requires users to authenticate against the AD. With that said, the user has to provide his/her ID/password at the login screen in order to authenticate. (We don't want anyone to be able to just open the app and do whatever.)
I have gone through several articles about setting up the environment and using the existing identity via System.Security.Principal.WindowsIdentity.GetCurrent(). None of them talk about authenticating via information provided by the UI.
I have the login form built and I have a customized AuthenticationStateProvider, but I don't know how to pass the credentials that I got from the user to Windows, so it can authenticate them with AD.
Can someone shed some light on how I can go about doing this? Thanks!
Upvotes: 2
Views: 815
Reputation: 1518
Through Stefan's lead, I've found the package System.DirectoryServices.Protocols. The usage is pretty similar to the Novell mentioned by Stefan. Below is the test code that I plan to integrate into the AuthenticationStateProvider.
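    using System;
    using System.DirectoryServices.Protocols;
    using System.Net;

    using (var cn = new LdapConnection(new LdapDirectoryIdentifier("ad_servername")))
    {
        try
        {
            // this is how you can verify the password of a user
            cn.Bind(new NetworkCredential("myid", "mypwd"));
        }
        catch (LdapException)
        {
            // thrown when the bind is rejected (e.g. wrong password) or the server cannot be reached
            Console.WriteLine("logon failed");
        }
    }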
Upvotes: 2
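A fuller version of the bind check above, added here as an example (it is not the poster's code): it uses the same System.DirectoryServices.Protocols package, connects over LDAPS, refuses empty passwords, and separates a rejected logon from an unreachable directory. `AdCredentialValidator`, `LogonResult` and the host name are hypothetical, and LDAPS on port 636 is assumed to be enabled on the domain controller.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

public enum LogonResult { Success, InvalidCredentials, DirectoryUnavailable }

public static class AdCredentialValidator
{
    // LDAP result code 49 (invalidCredentials): the server rejected the bind.
    private const int InvalidCredentialsCode = 49;

    public static LogonResult Validate(string host, string userPrincipalName, string password)
    {
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513) that a server may accept, so never forward one.
        if (string.IsNullOrWhiteSpace(userPrincipalName) || string.IsNullOrEmpty(password))
            return LogonResult.InvalidCredentials;

        using (var cn = new LdapConnection(new LdapDirectoryIdentifier(host, 636)))
        {
            cn.SessionOptions.ProtocolVersion = 3;
            cn.SessionOptions.SecureSocketLayer = true; // TLS: password is not sent in clear text
            cn.AuthType = AuthType.Basic;               // simple bind with the typed-in credentials
            cn.Timeout = TimeSpan.FromSeconds(10);
            try
            {
                cn.Bind(new NetworkCredential(userPrincipalName, password));
                return LogonResult.Success;
            }
            catch (LdapException e) when (e.ErrorCode == InvalidCredentialsCode)
            {
                return LogonResult.InvalidCredentials;
            }
            catch (LdapException)
            {
                // Unreachable server, TLS failure, etc.: fail closed, but report it
                // separately so an outage is not logged as a bad password.
                return LogonResult.DirectoryUnavailable;
            }
        }
    }

    public static void Main()
    {
        // Constructed sample input: the empty password is rejected before any
        // network traffic, so this line runs without a domain controller.
        Console.WriteLine(Validate("dc.example.test", "alice@example.test", ""));
    }
}
```

A customized AuthenticationStateProvider would treat only `LogonResult.Success` as an authenticated user and show the same "logon failed" message for the other two results.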
Reputation: 1898
I'm using the .NET Standard LDAP client library for that, it works fine.
Use it like this:
    using Novell.Directory.Ldap;

    using (var cn = new LdapConnection())
    {
        // connect to AD host (389 is the plain, unencrypted LDAP port)
        cn.Connect("your_ad", 389);
        try
        {
            cn.Bind("user@domain", "pwd");
        }
        catch (LdapException)
        {
            // invalid credentials
        }
    }
Upvotes: 2