Switch to Medhi's authentication approach

ices-taf / doc

Community documentation for the TAF project

http://taf.ices.dk

11 stars 4 forks source link

Switch to Medhi's authentication approach #149

Closed colinpmillar closed 6 years ago

colinpmillar commented 6 years ago

Summary

Current approach has a "injection" risk.

Tasks required

[x] rewrite authentication part of auth controller
[x] test

links to other issues?

None

colinpmillar commented 6 years ago

From Mehdi:

using System.DirectoryServices.AccountManagement;

public bool AuthenticateAD(string username, string password)
        {
            using (var context = new PrincipalContext(ContextType.Domain, "ices.local"))
            {
                return context.ValidateCredentials(username, password);
            }
        }

colinpmillar commented 6 years ago

https://github.com/ices-taf/ICES.TAF.WebSite/commit/2d9a3ce348948e4ce5dbde2feccd8d4da1c80c42

colinpmillar commented 6 years ago

Tested and working as before 👍