1

I need to implement solution Desktop Client + Application server (Web Service) in .NET.

The Client shall Authenticate against Active Directory (Kerberos Single Sign On) and forward its verified Active Directory identity to Web Service (NET Web API or WCF).

Web-service should verify that the Client is signed against Active Directory. Both computers (Client and server) are running in one AD domain.

I suppose that this can be implemented using WCF (see code here), but today NET Web API is preferred over Windows Communication Foundation. It is possible to implement it in ASP Web API as well?

Similar question not answered is here.

Tomas Kubes
  • 23,880
  • 18
  • 111
  • 148

1 Answers1

2

Yes, it is possible. The answer is here: https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/integrated-windows-authentication

The API can use Windows authentication. The authentication is handled by IIS, as long as you have your web.config setup right, as described in that article.

From your application, you just need to tell it to pass the Windows credentials by using the UseDefaultCredentials property:

HttpClientHandler handler = new HttpClientHandler() {
    UseDefaultCredentials = true
};

HttpClient client = new HttpClient(handler);
Gabriel Luci
  • 38,328
  • 4
  • 55
  • 84