Hello, I am currently building out an API with MVC. The server sits somewhere on our network where it is capable of communicating with our LDAP server, which I am hoping to use for authentication. It is easy enough for me to create an API call where they pass up their credentials, and then I verify if they are correct or not. At that step though... I'm wondering if anyone has any advice on where to go. I'm thinking of returning a unique token that their client then uses for future requests, but I also want to ensure that any changes on the domain server, such as a password change or their account being disabled, forces the client to authenticate again. So far the only way I've been able to think of doing this is essentially storing their credentials on the API server, associated with their token, and verifying on every request with the LDAP server that the credentials are still valid. Is this a valid approach? And if it is, what would you consider the best way to store those credentials? And if it isn't a valid approach, how would you handle it?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Domain Authentication
- Thread starter Moregelen
- Start date
Similar threads
- Locked
- Question
- Locked
- Question