4

We have a new application which is having ReactJS as front end and back end is .NET Core API.

A requirement is to authorize the windows logon user with respect to Active Directory.

The .NET Core API will be doing the Authorization part.

We have used the following code in .NET Core API but it is returning the ID under which the App-Pool of .NET Core API is running. We tried setting the API on Windows Authentication enabled but it did not work as well.

            dynamic userIdentity = WindowsIdentity.GetCurrent();
            dynamic userPrincipal = new WindowsPrincipal(userIdentity);
            string Admin = _configuration["AppUserRoles:Admin"];
            result = userPrincipal.IsInRole(Admin);

I have changed the code to the following:

            dynamic userIdentity = WindowsIdentity("UserID");
            dynamic userPrincipal = new WindowsPrincipal(userIdentity);
            string Admin = _configuration["AppUserRoles:Admin"];
            result = userPrincipal.IsInRole(Admin);

We need to pass the the UserID from ReactJS to the API Layer.

In ReactJS I have tried the following:

            var path = require('path');
            var userName = process.env['USERPROFILE'].split(path.sep)[2];
            var loginId = path.join("domainName",userName);

But this is not working in ReactJS.

Is there a way we can fetch the Windows Logon ID in React JS and pass it to the API layer for authorization?

Improve this question
1
  • 2
    maybe take a look at helloJS? It supports windows authentication Commented Jan 25, 2018 at 13:39

2 Answers 2

Reset to default
5

We were able to get this done by the following approach:

under IIS we hosted the website as follows:

  1. Added a website ReactJSWeb.

    i. Added .NETCore virtual directory under the ReactJS website.

Both Main website and Virtual directory had Authentication set as Windows Authentication Enabled.

In .NET Core API - authentication module we added a Attribute [Authorize] on the class and added the following code in the method:

using Microsoft.AspNetCore.Authorization;

        dynamic userIdentity = WindowsIdentity(**User.Identity.Name**);
        dynamic userPrincipal = new WindowsPrincipal(userIdentity);
        string Admin = _configuration["AppUserRoles:Admin"];
        result = userPrincipal.IsInRole(Admin);

This worked and we are now able to do the Authorization properly based on the Active Directory security group the user is part of.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Seconded. This would be extremely helpful to read with more context
Seconded. Same problem for me
0

Is it possible to share what you did to have client authenticated following that approach? I'm getting crazy with a similar scenario like yours...

I very appreciate that.

Improve this answer

2 Comments

Please don't use the answers section for your question. You can always ask questions...
Sorry about that! But I would like to do some comments (or questions) here, but I don`t have enough points to do that... Sorry!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.