我有几个节点应用程序的nginx反向代理。我们的用户都在Windows域控制的网络上。我知道我可以使用 express-ntlm 或 passport-windowsauth 提示用户输入登录凭据,但这是非集成的身份验证。
I have an nginx reverse proxy to a few node apps. Our users are all on a Windows domain controlled network. I'm aware I can use express-ntlm or passport-windowsauth to prompt the user for their login credentials, but that's non-integrated auth.
是否可以在没有IIS(或Apache)的node.js(或nginx)中直接使用集成身份验证(Windows身份验证用户可以绕过凭据提示)?如果是这样,怎么样?
Is it possible to use integrated auth (windows authenticated users can bypass credentials prompt) directly from within node.js (or nginx) without IIS (or Apache)? If so, how?
我想我们可以用IIS代替nginx作为反向代理,但是如果可以的话,我想避免这样做。
I suppose we could replace nginx with IIS as the reverse proxy, but I'd like to avoid that if I can.
推荐答案是的,你可以,有一个名为 node-sspi 。它仅适用于Windows环境。
Yes, you can, there is a package called node-sspi. It only works on Windows environment though.
Windows的SSPI服务器端身份验证NodeSSPI到Node.js是Apache HTTPD的mod-auth-sspi。简而言之,NodeSSPI通过本机Windows SSPI对传入的HTTP(S)请求进行身份验证,因此NodeSSPI仅在Windows上运行。 Windows SSPI server-side authentication for Node
NodeSSPI to Node.js is what mod-auth-sspi to Apache HTTPD. In a nutshell NodeSSPI authenticates incoming HTTP(S) requests through native Windows SSPI, hence NodeSSPI runs on Windows only.
如果需要将它用于其他操作系统,您需要开发自己的节点模块或使用Apache 。
If you need to use it for other OS, you need to develop your own node module or use Apache.
更多推荐
是否可以在没有IIS的情况下使用Windows集成身份验证?
发布评论