2

I'm working on a web project based on Windows Server 2008 R2, Asp.Net 4 & MVC3 in C# and Active Directory.

01- My new created Web Site should have a Login Page which will authorize a user against the Active Directory.

02 -The Login Page should also remember when a User previously logged-in and allow access without re-entering the password all the time / it should also work on mobile device (Phone Gap and Sencha).

03 - The web site would be hosted on a Server which has access to AD (Intranet) directly.

I'm very new at Active Directory, although I made several searches I still have some doubts and confusion and I would love have your clarifications:

  • Does the .Net have Classes specifically designed to make easier connected and authorizing a User against AD? What is the easier way to go for web applications?

  • Regarding point 02, how avoid a User re-entering the Password on subsequential log-in? Can I use AD and Cookies? Which Class are designed for this in .Net?

  • Regarding point 03, do I need some special configuration on the AD to allow access from my website (running on a intranet where AD is accessible), I heard about LDAP.. does it make sense in my case?

Many thanks for your time on this.

Paolo Moretti
  • 54,162
  • 23
  • 101
  • 92
GibboK
  • 71,848
  • 143
  • 435
  • 658
  • 2
    Maybe this could help you out http://stackoverflow.com/questions/6147864/asp-net-mvc-authenticate-users-against-active-directory-but-require-username – scheien Sep 27 '12 at 07:58

1 Answers1

1

I'd suggest you start by looking at the ActiveDirectoryMembershipProvider. There's lots of info on MSDN, including this article, which describes how to use Forms Authentication with multiple domains (your case is simpler, you only have one domain).

The ASP.NET Login control has a "Remember Me" feature - you could look at how this works and create an MVC equivalent.

Joe
  • 122,218
  • 32
  • 205
  • 338