How Can I Save AD Validation To Use For Later Calls?

Question

I'm assisting a team of developers with a MVC web app that's presenting a custom log in for authentication.

They use the user entered id and password to validate the user against ActiveDirectory (via a call to System.Web.Security.Membership.ValidateUser). They need later to use the same credentials to access the TFS API 2.0 (TFS 2015). That is, they want the user to only be able to see the TFS user stories, work items etc. that are associated with their user ID.

Is there some way to get (or save) the user credentials from the Membership.ValidateUser call to use them later with the TFS API? They've tried cookies but can't seem to quite get that to work.

score 0 · Answer 1 · answered Apr 07 '17 at 07:29

0

You could use ASP.NET Impersonation to achieve this. https://msdn.microsoft.com/en-us/library/134ec8tc.aspx?f=255&MSPPError=-2147217396

Using the ASP.NET Impersonation, when you invoke TFS REST API, it using the identity you login in.

Edit the Web.config file for the application and set the impersonate attribute of the identity configuration element to true, as shown in the following example.

<configuration>
  <system.web>
    <identity impersonate="true" />
  </system.web>
</configuration>

answered Apr 07 '17 at 07:29

Tingting0929

4,142
1
14
14

Thanks for the suggestion. I have passed it along to the team I'm working with; I am unsure if it helped or not. – Onorio Catenacci Apr 07 '17 at 16:15
@OnorioCatenacci Does it work for you and is there any feedback? – Tingting0929 Apr 17 '17 at 02:22
They ended up with a different solution so I honestly can't say if it would have worked or not. – Onorio Catenacci Apr 18 '17 at 12:47
@OnorioCatenacci could you share your solution here and mark it as the answer. – Tingting0929 Apr 19 '17 at 01:10

How Can I Save AD Validation To Use For Later Calls?

1 Answers1