0

I have built a react web application for a client that is hosted on Windows Server 2016 in IIS (configured with windows authentication) I can see the www-Authenticate Negotiate response header and when I look at the IIS logs I can see my username in the cs-username field. Is there an easy way to pass the client user's details from the web server to the react client application so I can display a user's information or is this going to require building a custom .Net app to handle? I'm pretty new to SSO, Active Directory and Windows Auth so I'm looking for the easiest solution possible

tgolisch
  • 6,549
  • 3
  • 24
  • 42
CMARQ
  • 1
  • 1
  • Since you have IIS, most people would consider making "a service" or "web api" using .NET, but there are other technologies which would work. Are there any server-side languages that you already know, or tech standards at your org? Might want to start there. – tgolisch Mar 11 '20 at 15:13
  • Hey, thanks for replying. I actually have an API built to feed the app. It's a Spring Boot application so it's java. I can write a .Net app in C# if I have to, but I was hoping there was an easier way to pass the information back either as a response header configured in IIS or as a part of my existing spring boot API. – CMARQ Mar 11 '20 at 17:42
  • I'm not certain, but I would expect Spring Boot should be able to get that info. It might be an environment var https://stackoverflow.com/questions/44803211/read-environment-variable-in-springboot. In .NET or CGI it is in Request.ServerVariables. Spring Boot must have something equivalent. – tgolisch Mar 11 '20 at 18:26
  • How is your app deployed/served in IIS? Is it CGI, or Managed, or using NSSM or something? (eg. https://www.quora.com/How-do-I-deploy-spring-boot-application-on-a-Windows-server) – tgolisch Mar 11 '20 at 18:32
  • The react application is just the default website on iis. The spring boot API isn't deployed on IIS, it is deployed as a jar file which runs in the background as a windows service with WINSW (a windows service wrapper) – CMARQ Mar 11 '20 at 18:48
  • In that case, you could either use .NET or you could even get that info via a CGI script. Those examples should be easy to find, and simple. I could paste one below, if you don't care about the technology, or search for something you find likeable. – tgolisch Mar 11 '20 at 18:53

0 Answers0