1

So, I'm migrating an application built with ASP.Net 4.7 to .Net 5 (using preview 7).

One of the things that the old app does is validating a user against Active Directory. The goal is not to implement Authentication with Active Directory. I want to use the same approach: Only validate the user agains AD, and then, if the validation is OK, I will handle the authentication in another way.

Old code:

Membership.ValidateUser(model.UserName, model.Password)

What is the way to do it in .Net 5? (Or .Net Core, since almost every basic stuff is working the same way, at least when comparing to .Net Core 3.1)

Hahn86
  • 55
  • 1
  • 5
  • 17
  • That code was already obsolete for several years. `Membership` is an ASP.NET 1.0 class (the version released in 2002, not ASP.NET Core 1.0). It was replaced when ASP.NET MVC came out with claims based authentication. For several years, authentication is performed by ASP.NET Identity. .NET 5 is actually .NET *Core* 5, so it uses ASP.NET Core Identity too – Panagiotis Kanavos Oct 07 '20 at 19:17
  • What do you mean by `Active Directory authentication`? That's actually *Windows* authentication and doesn't need `ValidateUser` at all, the user is already known. You'd only need that for *forms* authentication, perhaps to look up the user in a different domain. Both options are available in .NET Core and even more, through command-line switches or wizard options, when you create a new project. You'll find an introduction [here](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-3.1&tabs=visual-studio). – Panagiotis Kanavos Oct 07 '20 at 19:23
  • The [Authentication section](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/?view=aspnetcore-3.1) explains how to set up [Windows/Active Directory](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-3.1&tabs=visual-studio) authentication, [Azure AD](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/azure-active-directory/?view=aspnetcore-3.1) auth, [Google](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/?view=aspnetcore-3.1&tabs=visual-studio), Facebook, etc – Panagiotis Kanavos Oct 07 '20 at 19:25
  • As I said, I don't want to implement authentication. I also don't ant to use the windows logged user. I want to have a form with user and password input, and I want to validate the input credentials in a specific LDAP address – Hahn86 Oct 07 '20 at 19:32
  • That's what `implement authentication` means. That's what `Membership.ValidateUser` does. That class is obsolete for *years* though. You'd have to change your code if you migrated from WebForms to MVC anyway. Since you go to .NET Core, you have to use .NET Core's middleware – Panagiotis Kanavos Oct 07 '20 at 19:33
  • That middleware *already* implements registration, login forms etc. It already includes providers to connect to *multiple* providers, even for the same web app. Something that was impossible with WebForms. It includes [Federation](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/ws-federation?view=aspnetcore-3.1) eg for ADFS, which was considered better than having users in one domain send their credentials to a server on a different domain too. – Panagiotis Kanavos Oct 07 '20 at 19:42
  • To use LDAP, you need an extra library. [That's explained in this possibly duplicate question](https://stackoverflow.com/questions/49682644/asp-net-core-2-0-ldap-active-directory-authentication/49685121#49685121) – Panagiotis Kanavos Oct 07 '20 at 19:42
  • 1
    I know what it means, that's why I said that I didn't want to implement authentication. Actually, the 'old' application it's in production right now, it's ASP.Net MVC with .Net Framework 4.7 and it's using the code I showed. Can you point me to the right direction on how to use .Net Core's middleware? I already searched a lot, tried different solutions, and nothing works. There's other piece of code that searches the LDAP for a user and get's user related data. That part I was able to put it to work using .Net Core. The only thing missing is validating a combination of username and password. – Hahn86 Oct 07 '20 at 19:44
  • All you need to do is add a few lines in the `Startup` class, and *maybe* [customize the login UI](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/scaffold-identity?view=aspnetcore-3.1&tabs=visual-studio) – Panagiotis Kanavos Oct 07 '20 at 19:45
  • I think you pointed to the right direction already. I will try that and give you the feedback. Thanks! – Hahn86 Oct 07 '20 at 19:46

0 Answers0