diff --git a/README.md b/README.md
index de1eef7..d290cb9 100644
--- a/README.md
+++ b/README.md
@@ -1,25 +1,24 @@
 # Microsoft.AspNetCore.Authentication.ActiveDirectory [![Build status](https://ci.appveyor.com/api/projects/status/hhd468o15oct73sg?svg=true)](https://ci.appveyor.com/project/SharePointRadi/microsoft-aspnetcore-authentication-activedirector)
-Middleware for ASP.NET 5 for Windows Integrated Authentication with NTLM and Kerberos
+Middleware for ASP.NET Core for Windows Integrated Authentication with NTLM and Kerberos
 ##Overview
-This ASP.NET 5 middleware lets you authenticate to Active Directory.
+This ASP.NET Core middleware lets you authenticate to Active Directory.
 The old school ASP.NET Membership capabilities and Forms Authentication had a nice LDAP provider, and IIS has native Windows Integrated Authentication capability, supporting both NTLM and Kerberos authentication.
-The new ASP.NET 5 stuff doesn't have NTLM/Kerberos authentication middleware and ASP.NET Identity 3 doesn't have an LDAP provider. This library allows you to do Windows Integrated Authentication with ASP.NET 5.
+ASP.NET Core doesn't have NTLM/Kerberos authentication middleware and ASP.NET Identity 3 doesn't have an LDAP provider. Usually, IIS handles this (and it still can), but what if you are hosting on Kestrel? This library allows you to do Windows Integrated Authentication with ASP.NET Core.
 ##Status
-This is still work in progress. Kerberos is not attempted yet.
+NTLM is working. Kerberos is not attempted yet.
 Todo:
-- Create a Log Out action link
 - Get some unit tests in place
-- Add comments and clean up some code
+- Implement Kerberos
 ##Getting Started
-1. Review the sample in the "samples folder.
+1. Review the sample in the `samples` folder.
 2. Either install through the NuGet package: https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.ActiveDirectory/ OR just reference the source code directly.
@@ -37,7 +36,7 @@ app.UseNtlm(new ActiveDirectoryOptions
 SignInAsAuthenticationScheme = ActiveDirectoryOptions.DefaultAuthenticationScheme,
 });
 ```
-At this stage your middleware is accessible from the {site}/windowsauthentication/ntlm endpoint. ReturnUrl will take the user to the page after login.
+At this stage your middleware is accessible through the {site}/windowsauthentication/ntlm endpoint. ReturnUrl will take the user to the page after login. I use this endpoint to perform NTLM handshaking.
 ## Setting up a custom controller URL
 If you don't like the default "/windowsauthentication/ntlm", you can use the CallbackPath and LoginPath settings to configure your alternative route.
@@ -113,7 +112,7 @@ See https://tools.ietf.org/html/rfc4559 for more info on NTLM
 ## Kudos
 Most of the code here is based on what Yannic Staudt developed here: https://github.com/pysco68/Pysco68.Owin.Authentication.Ntlm
-It is adapted for ASP.NET vNext with some changes to the logic. A HUGE thanks for the interop class!
+It is adapted for ASP.NET Core with some changes to the logic. A HUGE thanks for the interop class!
 ##Contribution
 Feel free to reach out, I would love to hear if you are using this (or trying to). Pull requests are more than welcome.
diff --git a/global.json b/global.json
index 3d2a5a2..d5427d4 100644
--- a/global.json
+++ b/global.json
@@ -1,5 +1,5 @@
 {
- "projects": [ "src", "../../aspnet/Security/src", "../../aspnet/HttpAbstractions/src" ],
+ "projects": [ "src" ],
 "sdk": {
 "version": "1.0.0-preview2-003121"
 }
diff --git a/samples/Sample-AspNet5.Mvc6.Ntlm/project.json b/samples/Sample-AspNet5.Mvc6.Ntlm/project.json
index 1bdcf06..484b581 100644
--- a/samples/Sample-AspNet5.Mvc6.Ntlm/project.json
+++ b/samples/Sample-AspNet5.Mvc6.Ntlm/project.json
@@ -2,6 +2,10 @@
 "version": "1.0.0-*",
 "dependencies": {
+ "Microsoft.NETCore.App": {
+ "version": "1.0.0",
+ "type": "platform"
+ },
 "Microsoft.AspNetCore.Diagnostics": "1.0.0",
 "Microsoft.AspNetCore.Mvc": "1.0.0",
 "Microsoft.AspNetCore.Server.Kestrel": "1.0.0",
@@ -27,7 +31,7 @@
 },
 "frameworks": {
- "net451": {}
+ "netcoreapp1.0": {}
 },
 "buildOptions": {
diff --git a/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/NtlmAuthenticationHandler.cs b/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/NtlmAuthenticationHandler.cs
index 269b17c..b025ad2 100644
--- a/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/NtlmAuthenticationHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/NtlmAuthenticationHandler.cs
@@ -50,7 +50,7 @@ protected override Task FinishResponseAsync()
 (Context.Items.ContainsKey(RespondNoNtlmKey)) ||
 (Context.Items.ContainsKey(RespondType2Key)))
 {
- if (PriorHandler.GetType().BaseType == typeof(AuthenticationHandler))
+ if (PriorHandler.GetType().FullName == "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler")
 {
 var challengeContext = new ChallengeContext(ActiveDirectoryOptions.DefaultAuthenticationScheme);
 PriorHandler.ChallengeAsync(challengeContext);
diff --git a/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/Structures.cs b/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/Structures.cs
index eee49d7..0916114 100644
--- a/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/Structures.cs
+++ b/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/Structures.cs
@@ -139,7 +139,7 @@ public void Dispose()
 {
 if (cBuffers == 1)
 {
- SecurityBuffer ThisSecBuffer = (SecurityBuffer)Marshal.PtrToStructure(pBuffers, typeof(SecurityBuffer));
+ SecurityBuffer ThisSecBuffer = (SecurityBuffer)Marshal.PtrToStructure(pBuffers);
 ThisSecBuffer.Dispose();
 }
 else
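Review bot: The new guard `PriorHandler.GetType().FullName == "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler"` in the -50 hunk of NtlmAuthenticationHandler.cs selects the handler by a hard-coded type-name string, so a renamed, derived or substituted cookie handler makes the branch silently skip and no challenge is forwarded; it also dereferences `PriorHandler` without a null check. If the handler type cannot be referenced from this assembly (it may be internal — confirm), hoist the name into a named constant with a comment explaining why a string is used, guard with `PriorHandler != null &&`, and log when the branch is not taken so a mismatch is visible. Separately, the context line `PriorHandler.ChallengeAsync(challengeContext);` discards the returned Task, so a failure inside the challenge goes unobserved; return or await it. FinishResponseAsync starts and ends outside the hunk.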
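Review bot: As shown in the -139 hunk of Structures.cs, `Marshal.PtrToStructure(pBuffers)` names no type to marshal to, and the `(SecurityBuffer)` cast does not supply one; the same applies to the second `PtrToStructure` call at -174 and to the argument-less `Marshal.SizeOf()` calls at -153 and -209. The intent is presumably the generic overloads, `Marshal.PtrToStructure<SecurityBuffer>(pBuffers)` and `Marshal.SizeOf<int>()`, with the angle-bracket argument lost when this page was rendered — confirm against the repository before relying on the text here. With the generic form the explicit cast is redundant and can be dropped. Dispose starts and ends outside the hunk.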
@@ -153,7 +153,7 @@ public void Dispose()
 //What we need to do here is to grab a hold of the pvBuffer allocate by the individual
 //SecBuffer and release it...
 int CurrentOffset = Index * Marshal.SizeOf(typeof(Buffer));
- IntPtr SecBufferpvBuffer = Marshal.ReadIntPtr(pBuffers, CurrentOffset + Marshal.SizeOf(typeof(int)) + Marshal.SizeOf(typeof(int)));
+ IntPtr SecBufferpvBuffer = Marshal.ReadIntPtr(pBuffers, CurrentOffset + Marshal.SizeOf() + Marshal.SizeOf());
 Marshal.FreeHGlobal(SecBufferpvBuffer);
 }
 }
@@ -174,7 +174,7 @@ public byte[] GetBytes()
 if (cBuffers == 1)
 {
- SecurityBuffer ThisSecBuffer = (SecurityBuffer)Marshal.PtrToStructure(pBuffers, typeof(SecurityBuffer));
+ SecurityBuffer ThisSecBuffer = (SecurityBuffer)Marshal.PtrToStructure(pBuffers);
 if (ThisSecBuffer.cbBuffer > 0)
 {
@@ -209,7 +209,7 @@ public byte[] GetBytes()
 //byte array...
 int CurrentOffset = Index * Marshal.SizeOf(typeof(Buffer));
 int BytesToCopy = Marshal.ReadInt32(pBuffers, CurrentOffset);
- IntPtr SecBufferpvBuffer = Marshal.ReadIntPtr(pBuffers, CurrentOffset + Marshal.SizeOf(typeof(int)) + Marshal.SizeOf(typeof(int)));
+ IntPtr SecBufferpvBuffer = Marshal.ReadIntPtr(pBuffers, CurrentOffset + Marshal.SizeOf() + Marshal.SizeOf());
 Marshal.Copy(SecBufferpvBuffer, Buffer, BufferIndex, BytesToCopy);
 BufferIndex += BytesToCopy;
 }
diff --git a/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/project.json b/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/project.json
index c0d66a2..ab1c9b9 100644
--- a/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/project.json
+++ b/src/Microsoft.AspNetCore.Authentication.ActiveDirectory/project.json
@@ -18,10 +18,12 @@
 "Microsoft.AspNetCore.Http.Extensions": "1.0.0",
 "Microsoft.AspNetCore.Http.Features": "1.0.0",
 "Microsoft.AspNetCore.WebUtilities": "1.0.0",
- "Microsoft.Net.Http.Headers": "1.0.0",
+ "Microsoft.Net.Http.Headers": "1.0.0"
 },
 "frameworks": {
- "net451": { }
+ "netcoreapp1.0": {},
+ "net451": {
+ }
 }
 }
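Review bot: The stride on the context line `int CurrentOffset = Index * Marshal.SizeOf(typeof(Buffer));` in the -153 hunk (and again at -209) was left untouched, and `Buffer` is not declared in either hunk; at -209 a local named `Buffer` is passed to `Marshal.Copy` as the destination array, so `typeof(Buffer)` presumably binds to some other type (possibly `System.Buffer`) rather than to the struct whose native array is being walked. A wrong stride means the pointer read here and handed to `Marshal.FreeHGlobal`, and the length/pointer pair read in GetBytes, come from the wrong offsets in native memory. Consider `Marshal.SizeOf<SecurityBuffer>()` for the stride and `Marshal.OffsetOf<SecurityBuffer>(...)` for the pointer field instead of summing two int sizes — assuming `SecurityBuffer` is the element layout, which these hunks do not show. Both enclosing methods continue outside the hunks.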
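Review bot: The added `"netcoreapp1.0": {}` in the library's project.json targets an application framework from a class library; a package meant to be consumed by .NET Core apps normally targets a `netstandard1.x` moniker, and no platform dependency for the new target is visible in this hunk (the sample's project.json adds `Microsoft.NETCore.App` for the same framework). The interop code in Structures.cs appears to wrap Windows native security buffers, so with a .NET Core target the package becomes installable on non-Windows hosts where those calls cannot work; a runtime platform check that fails with a clear message would be worth adding. The dependencies block starts outside the hunk, so the platform reference may already exist there.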