Kerberos.NET
nsspi
Kerberos.NET | nsspi | |
---|---|---|
1 | 2 | |
500 | 61 | |
2.0% | - | |
7.7 | 0.0 | |
3 months ago | about 2 years ago | |
C# | C# | |
MIT License | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Kerberos.NET
-
Can someone explain how Services/Service Principal Names work in AD?
The mapping of Windows Services to SPNs is a bit lopsided. There's only a handful of SPNs on any given computer object, but that's okay because there's a special SPN called host/computername that is a catch-all. There's a mapping of 50 or so service types mapped to host so when you ask for say fax/computername, AD will treat that as a search 'find me fax/computername OR find me host/computername'. There's an official list on docs somewhere (can't find it), but here's a mapping I created from that official list. All of this lopsidedness works because the local services are running as local system or network service, and therefore use the computer account.
nsspi
-
What I learned about C# from job interviews
I had this problem in spades when I was learning how to invoke the Windows SSPI api. It ended up being so complicated I wrote an entire project to do it, because I also had to manually handle the CER concerns of pinvokeing.
-
Need help building an application services architecture - I think MassTransit and ReBus don't fit my requirements
Since I'm in an enterprise with AD, I was planning on just directly using Windows Integrated authentication (I wrote a library to do just this: NSSPI). The clients will send messsages (over the gateway) to the Auth Service and ask to perform auth directly. After Auth is complete, the Auth service will hand back a signed JWT token and all requests the client makes to any other service after that point will have the bearer token.
What are some alternatives?
MQTTnet - MQTTnet is a high performance .NET library for MQTT based communication. It provides a MQTT client and a MQTT server (broker). The implementation is based on the documentation from http://mqtt.org/.
Towel - Throw in the towel.
InstagramApiSharp - A complete Private Instagram API for .NET (C#, VB.NET).
Solid.Identity.Protocols.Saml2p - A simple SAML2p protocol library for aspnetcore.
pingcastle - PingCastle - Get Active Directory Security at 80% in 20% of the time
node-expose-sspi - Expose Microsoft Windows SSPI to Node for SSO authentication.
snapshooter - Snapshooter is a snapshot testing tool for .NET Core and .NET Framework
PlexSSO - Plex backed Single Sign On
libplanet - Blockchain in C#/.NET for on-chain, decentralized gaming
waffle - Enable drop-in Windows Single Sign On for popular Java web servers.
Ceras - Universal binary serializer for a wide variety of scenarios https://discord.gg/FGaCX4c