How to send login credentials from a SPA Web Application for querying TFS Server? RRS feed

  • Question

  • User1746860395 posted


    I'm not sure this is the right forum-group to ask this question but I'll try here first:

    I have an SPA application (Angular 1.4) on our Intranet from where the user should be able to click a button and create a WorkItem in our TFS-server that is in the same domain, but on a different server. Because this is an Intranet-application users should login with their domain user when they login to their Windows PC. I have not implemented this, Windows authentication, for my web application yet, but I guess this is simply some web.config settings and a few checks of checkboxes in Internet Information Server Manager?

    When the user clicks the "Create Bug"-button in my SPA I send details async via $http to a Web API Controller, that in turn calls the TFS Server API to create the bug in TFS. This works great when I run my SPA on localhost because I'm logged in with my domain-user and this user is also registrered as a valid TFS User. I guess that when I put my SPA into "production" my Web API Controller does not have this information about the domain-user, because my SPA does not send anything. And my domain-user is not logged in when the Web API controller is running its CreateBug-function. 

    So, I have to configure mye SPA to run on a IIS server authenicating users with Windows Authentication. This information must be sent to my Web API Controller from Angular/Javascript so that the the TFS Client-kode running om the controller has the domain-user-context to create the bug on my behalf.

    I may not have one question here, but many. Is the way I have described it valid? Will it work? Is there better or other ways of doing it? Any resources or walk-throughs?

    Looking forward for your feedback and comments!

    Have a nice weekend!!

    Friday, September 2, 2016 2:48 PM

All replies

  • User-1926401737 posted

    I guess this is simply some web.config settings and a few checks of checkboxes in Internet Information Server Manager?

    Do you enable Windows authentication in web configuration file? Could you share us your <authentication> section code?

    Besides, we could use the [Authorize] attribute to restrict access to controller actions to particular Windows users or groups, do you specify [Authorize] attribute?

    Monday, September 12, 2016 2:10 AM
  • User1746860395 posted

    Thanks for your reply. I have this section in web.config:

        <authentication mode="Windows"/>
        <identity impersonate="false"/>
        <compilation debug="false" targetFramework="4.5" />
        <httpRuntime targetFramework="4.5" />

    I tried the [Authorize] attribute but it didn't change anything really. In my Page_Load event on my authenticated.aspx I have this code that I want to parse out the domain user username:

     public partial class Authenticated : System.Web.UI.Page {
           protected void Page_Load(object sender, EventArgs e) {
                string result = "Unknown";
                var loggedOnUser = System.Security.Principal.WindowsIdentity.GetCurrent();
                    int index = loggedOnUser.Name.LastIndexOf("\\", StringComparison.Ordinal) + 1;
                    result = loggedOnUser.Name.Substring(index);
                var json = "{ \"User\" : \"" + result + "\"}";
                Response.ContentType = "text/json";

    This page is used in an async request from my SPA and will return the initials of the Windows user logged in. Or, that is what I want but its not working right now.

    Tuesday, September 13, 2016 10:48 AM