×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Domain Authentication

Domain Authentication

Domain Authentication

(OP)
Hello, I am currently building out an API with MVC. The server sits somewhere on our network where it is capable of communicating with our LDAP server, which I am hoping to use for authentication. It is easy enough for me to create an API call where they pass up their credentials, and then I verify if they are correct or not. At that step though... I'm wondering if anyone has any advice on where to go. I'm thinking of returning a unique token that their client then uses for future requests, but I also want to ensure that any changes on the domain server, such as a password change or their account being disabled, forces the client to authenticate again. So far the only way I've been able to think of doing this is essentially storing their credentials on the API server, associated with their token, and verifying on every request with the LDAP server that the credentials are still valid. Is this a valid approach? And if it is, what would you consider the best way to store those credentials? And if it isn't a valid approach, how would you handle it?

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close