I have an nginx reverse proxy to a few node apps. Our users are all on a Windows domain controlled network. I'm aware I can use express-ntlm or passport-windowsauth to prompt the user for their login credentials, but that's non-integrated auth.
我有几个节点应用程序的nginx反向代理。我们的用户都在Windows域控制的网络上。我知道我可以使用express-ntlm或passport-windowsauth来提示用户输入他们的登录凭据,但这是非集成的身份验证。
Is it possible to use integrated auth (windows authenticated users can bypass credentials prompt) directly from within node.js (or nginx) without IIS (or Apache)? If so, how?
是否可以在没有IIS(或Apache)的node.js(或nginx)中直接使用集成的auth(Windows认证用户可以绕过凭证提示)?如果是这样,怎么样?
I suppose we could replace nginx with IIS as the reverse proxy, but I'd like to avoid that if I can.
我想我们可以用IIS代替nginx作为反向代理,但是如果可以的话我想避免这样做。
1 个解决方案
#1
4
Yes, you can, there is a package called node-sspi. It only works on Windows environment though.
是的,你可以,有一个名为node-sspi的包。它只适用于Windows环境。
Windows SSPI server-side authentication for Node
NodeSSPI to Node.js is what mod-auth-sspi to Apache HTTPD. In a nutshell NodeSSPI authenticates incoming HTTP(S) requests through native Windows SSPI, hence NodeSSPI runs on Windows only.
NodeSSPI到Node.js是Apache HTTPD的mod-auth-sspi。简而言之,NodeSSPI通过本机Windows SSPI对传入的HTTP(S)请求进行身份验证,因此NodeSSPI仅在Windows上运行。
If you need to use it for other OS, you need to develop your own node module or use Apache.
如果需要将其用于其他操作系统,则需要开发自己的节点模块或使用Apache。
#1
4
Yes, you can, there is a package called node-sspi. It only works on Windows environment though.
是的,你可以,有一个名为node-sspi的包。它只适用于Windows环境。
Windows SSPI server-side authentication for Node
NodeSSPI to Node.js is what mod-auth-sspi to Apache HTTPD. In a nutshell NodeSSPI authenticates incoming HTTP(S) requests through native Windows SSPI, hence NodeSSPI runs on Windows only.
NodeSSPI到Node.js是Apache HTTPD的mod-auth-sspi。简而言之,NodeSSPI通过本机Windows SSPI对传入的HTTP(S)请求进行身份验证,因此NodeSSPI仅在Windows上运行。
If you need to use it for other OS, you need to develop your own node module or use Apache.
如果需要将其用于其他操作系统,则需要开发自己的节点模块或使用Apache。