I am implementing a single-page application based on Angular and Node.js running on Windows Server in a corporate Windows Active Directory domain environment. I know that through AD (by passing the username and password) it is possible to authenticate using node packages such as passport-ldapauth and node-activedirectory.
My question is: what would be the most feasible / direct way to implement a single sign-on function so that a user who is already authenticated in Active Directory on the PC / domain does not have to enter his AD username / password again?
I came across Auth0 packages that can do this, but I understand that they needed an external hosted cloud service? (this is not an option for me).
Thank you very well in advance.
Update: I am learning Kerberos as it may be a solution, however, it seems there aren't any mature NPM packages for node and Kerberos? Update 2: I found a package called Node-SSPI that looks very promising. I did not have the opportunity to try it in a Windows domain (I hope it will be tomorrow), but he was able to verify that the user was logged on to my local computer.
thanks
source
share