Using AD to validate user and Authorization using ASP.NET Identity

I have this use case for a web application (ASP.NET MVC 5) where I'm supposed to validate if the user exists in Active Directory (authentication) and then check its groups and access rights stored in a SQL database (authorization) before allowing the user to perform various functions in the web application.

The SQL Database would contain 3 tables:

  • User (user belongs to a group)
  • Group (group contains user access rights)
  • User Access Rights

The groups are customisable and contain user access rights. For example, a user can create a group called "Normal User" which contains access rights such as "CanViewOrder", "CanUpdateOrder", "CanDeleteOrder", "CanCreateOrder".

I managed to do the validation:

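    // Requires: using System.DirectoryServices.AccountManagement;
    bool isAuthenticated;
    UserPrincipal user = null;

    // domain is a ContextType value; username/password are the account used to connect to the directory
    PrincipalContext principalContext = new PrincipalContext(domain, domainURL, container, username, password);

    // UserName/Password are the credentials submitted by the user logging in
    isAuthenticated = principalContext.ValidateCredentials(UserName, Password);

    if (isAuthenticated)
    {
        user = UserPrincipal.FindByIdentity(principalContext, UserName);
    }

    //set authentication cookie that contains authorization information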

I know the next step that follows is to create an authentication cookie for the user that contains the authorization information.

How could I achieve the desired functionality using ASP.NET Identity with Entity Framework?
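
One way to turn the database rights into the authorization information carried by the sign-in cookie, as an added example that is not part of the original question. The in-memory dictionaries stand in for the three tables, and the user `jdoe` and the claim type `urn:example:access-right` are hypothetical. In an MVC 5 application using the OWIN cookie middleware, the resulting identity would be passed to `HttpContext.GetOwinContext().Authentication.SignIn(identity)`.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Constructed in-memory stand-ins for the User, Group and User Access Rights tables.
static class AccessStore
{
    public static readonly Dictionary<string, string> UserGroup = // user name -> group
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase) { { "jdoe", "Normal User" } };
    public static readonly Dictionary<string, string[]> GroupRights = // group -> access rights
        new Dictionary<string, string[]> { { "Normal User", new[] { "CanViewOrder", "CanUpdateOrder" } } };
}

static class AccessClaims
{
    public const string RightClaimType = "urn:example:access-right"; // hypothetical claim type
    // Call only after ValidateCredentials has returned true for this user.
    public static ClaimsIdentity BuildIdentity(string userName)
    {
        var claims = new List<Claim> { new Claim(ClaimTypes.Name, userName) };
        string group;
        // A user AD accepts but the database does not know gets no rights (deny by default).
        if (AccessStore.UserGroup.TryGetValue(userName, out group))
        {
            claims.Add(new Claim(ClaimTypes.Role, group));
            string[] rights;
            if (AccessStore.GroupRights.TryGetValue(group, out rights))
                claims.AddRange(rights.Select(r => new Claim(RightClaimType, r)));
        }
        // "ApplicationCookie" is the value of DefaultAuthenticationTypes.ApplicationCookie.
        return new ClaimsIdentity(claims, "ApplicationCookie");
    }

    public static bool HasRight(ClaimsPrincipal principal, string right)
    {
        return principal.Identity.IsAuthenticated && principal.HasClaim(RightClaimType, right);
    }
}

static class Demo
{
    static void Main()
    {
        var principal = new ClaimsPrincipal(AccessClaims.BuildIdentity("jdoe"));
        Console.WriteLine(AccessClaims.HasRight(principal, "CanViewOrder"));
        Console.WriteLine(AccessClaims.HasRight(principal, "CanDeleteOrder"));
    }
}
```

Claims stored in the cookie are a snapshot taken at sign-in: a right removed from a group stays usable until the cookie expires, so the cookie lifetime bounds how long a revoked right survives.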



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow
