search

JackAdams / meteor-accounts-ldap

Authentication against an LDAP server in Meteor
MIT License
21 stars 12 forks source link

Question: Support Windows Integrated Authentication? #12

Open Spiralis opened 8 years ago

Spiralis commented 8 years ago

Is there any chance that this package will be able to do the equivalent of what the passport-windowsauth package does in regards to allowing Windows Integrated Authentication when the meteor app has been demeteorized to a node app and is running in IIS?

I can live with having users to login manually, but in a Windows enterprise environment where a site is running via IIS the browser will automatically login the user on the domain (via AD / LDAP).

passport-windowsauth has two different modes, so to speak: 

passport.use(new WindowsStrategy({
  ldap: {
    url:             'ldap://wellscordoba.wellscordobabank.com/DC=wellscordobabank,DC=com',
    base:            'DC=wellscordobabank,DC=com',
    bindDN:          'someAccount',
    bindCredentials: 'andItsPass'
  }
}, function(profile, done){
  User.findOrCreate({ waId: profile.id }, function (err, user) {
    done(err, user);
  });
}));
passport.use(new WindowsStrategy({integrated: true}, function(profile, done){
  User.findOrCreate({ waId: profile.id }, function (err, user) {
    done(err, user);
  });
}));
JackAdams commented 8 years ago

Sorry @Spiralis, I've got to confess that my knowledge of passport and Windows Authenticated Integration is non-existent. I barely know the basics of LDAP. I just wrote this package because I needed some tricky integrations with Meteor's accounts-password package, so both could be used seamlessly in the same app.

The package code is not well documented (or organized), but if you wanted to take a stab at adding support for the authentication method you're suggesting, I'm open to accepting a PR.