I'm making a mobile app using web api 2 as a back end with an angularjs/html5 front end. As a result, razor is out.
I've found a bunch of third party log in solutions but nothing specific for windows authentication. I wound up restarting my web api project to "individual user Accounts" instead of "windows authentication" since that seems to automatically put in oWin and oAuth. But I'm unsure of where to go from there.
I feel like this is something simple that I'm missing. Can anyone point me in the right direction?
You should configure your WebAPI and IIS to support Windows Authentication.
I assume that you had included
<authentication mode="windows">
in Web.Config of WebAPI. Hope IIS is also configured appropriately.
And when you call your WebAPI from HTML (say $.ajax or equivalent) make sure you include
xhrFields: { withCredentials: true }
in that call.
Related
I've got an web app developed using angularjs for the front-end, java ee for the server side and a java restful api to connect both ends. I am using glassfish for the development process but the solution should be compatible with websphere, wildfly (not as important as the other three) and weblogic (doesn't need to be the same approach to all of them but that would be ideal).
So both the front-end and the resful api authenticate against the server which was solved by using BASIC authentication and only ONE username/password combination was asked for. When I changed BASIC to be FORM (using j_security_check) so I could design a proper login page. After having changed this, first I have to login using the form and then I have to login against the rest api as well, which is not what I want. So I've been trying different approaches ever since without any success.
Things I've tried so far:
Create a filter so I can capture username/password and add this into the header of the restful calls so no log in info is asked after the form login page -> doesn't work in glassfish
Change the login for specified in the web.xml for one developed by myself using angular so I can capture username/password and use an injector to add it to all the calls to the resful api -> Cannot login against the server since it doesn't accept any of my attempts by either rejecting then or saying that the page doesn't exist (probably doing it wrong but couldn't find much info about this...)
Using web.xml form authentication try adding an angular controller to capture the username/password and use an injector (angular doesn't work with the login page using j_security_check)
Capturing the response from the server on login so I can use the session to authenticate when using the restful api (don't know how to capture the response in the form page...)
Any thoughts are more than welcome after almost two weeks trying to make this work.
If you need more information or a example of any part of the code please just say and I will add it to the question.
Thanks!
I'm developing a web application with (MVC5 + AngularJS) for UI and WebAPI2 for webservices. Theose are two seperate projects hosted in different servers. And i'm Authenticating my webapp against an Active Directory. I enabled Windows Authentication for it and everything works perfect so far.
Now the problem is, I want to enable Windows Authentication on my WebAPI too. Only the authorized active directory users should be able to consume the web services. I enabled Windows Authentication features in IIS.
If i do so, the login prompt is fired twice. One for my MVC5, and second one fired when a webapi call is sent from angularjs. So literally i'm entering credentials twice.
So my question is, Can we inherit/pass the credentials of first login to the WebAPI ajax call, so that we can supress the second prompt.
Thanks in advance...!!
I'm currently try to develop an Office web addin, integrated in the Outlook (Read and Compose).
Everything works fine, except the authentication process.
Indeed, We have to authenticate the user from within Azure AD to access another application (our own application using the Azure AD Architecture where we need to call some web apis)
The solution I used is issued from this great article from Richard diZerega :
Connecting to SharePoint from Azure web app
This solution (we opt for the last scenario) works fine in our Desktop and Web based solution.
But it clearely doesn't work in phone web app , IOS app.
The problem comes from the popup Windows allowing the user to log in.
Actually, window.open, window.location.replace etc ... don't work "as expected" in our Outlook frame.
Everytime it open a popup window. (This is a good solution when the user use the desktop or web Outlook application)
I remember read somewhere that the Office Window where the plugin is loaded, is a secured Window where we can't do any sort of redirection.
I tried to work with ADAL.js, enabling the implicit flow of course, but the problem is the same. We need to redirect the frame to the Azure AD login page.
Finally, the question is : How to deal with an OAuth2/OpenID authentication in an Outlook web addin, and when we want it to work with all kind of devices ?
Login in Adal.Js is a page redirect by default. You don't have pop up issue. Adal.Js gets idtoken initially to be used for your own back end. It also does iframe requests to get access tokens for API endpoints. Office365 APIs support CORS api requests and you can use adal.js to send requests. Tokens will be attached to the requests if you define the endpoints in the config.
You can read about examples here: https://blogs.office.com/2015/03/06/increasing-opportunities-javascript-developers-office-365-platform/
or here : http://www.andrewconnell.com/blog/adal-js-cors-with-o365-apis-files-sharepoint
I'm plan on deploy a Java application to Google AppEngine and use federated login (still experimental according to Google). The application is pretty simple Java EE application which expose RESTful interface for simple CRUD operations.
I then want to be able to authenticate to this application using Windows Client Application written in C#.
I think the application should be able to open a window with a browser in ti which will present the login page of my web application and after successful authentication I should be able to get the login token or a cookie to use in the rest of my HTTP requests.
Is it possible to do such thing using federated login? I've found a post explain how to do it using google proprietary login.
Thank you,
Ido.
I've manage to make this work much easier then I thought it would be.
When I send HTTP request to my web service I get 302 Found response with response header name Location which point to the login page.
I use WebBrowser control, register to it Navigated even and navigate to the URL in the Location header.
When the Navigated even fire I use the code from this answer to get the cookies container.
I check each cookie until I find one with the name ACSID and store it.
For every web request to my service I add cookie name ACSID with the value saved at step 4.
This is not the most secure way of doing this. I will add check for the domain of the cookie but this looks good.
Is it possible to get Silverlight ASP.NET Forms authentication working on IIS?
I followed sample http://blogs.msdn.com/b/brada/archive/2008/05/03/accessing-the-asp-net-authentication-profile-and-role-service-in-silverlight.aspx and it works on ASP.NET Development Server but when hosting on IIS I get Error: "You are not authorized to view this page due to invalid authentication headers.".
Any success out there?
I can help you get rid of this ""You are not authorized to view this page due to invalid authentication headers"." error. You need to enable Anonymous authentication on your deployed application. That's it.
But Enabling forms authentication along with anonymous authentication is what I am looking for. Point is that I need to get users download my .xap which requires anonymous authentication but once .xap is downloaded in user's silverlight player, it wants to use forms authentication for log in. Multiple authentication at once doesn't seem to work for me. If you know anything in this regard, let me know please.