问题描述:

In an ASP.NET MVC 3.0 application (intranet), the end user is logged on the domain (sample : MyDomain\User1. In my application there is a validation section, when I want to valid a jQuery UI popup appear and I have to enter password of the user logged.

I'd like to know :

  • how can I check if the password receive in the action method match with the User1 domain password

  • Is there a way to secure the password. To be clear, I have input (password type), in the model received from the form the password is in clear. Is it normal? Is there way to crypt that. I used ajax for posting.

Update1

After internal discuss here .. is it possible to do an Asynchrone Ajax post with the password and make a check (password match to password of the user in the domain, the user is authenticated over NTLM protocol) without use LDAP.

Thanks,

网友答案:

Why not just use Windows Authentication

Otherwise: Consult here

Gives a complete walkthrough of custom authentication against an Active Directory controller.

相关阅读:
Top