This node module was originally created to expose the Microsoft SSPI API (Security Support Provider Interface). This API is useful for Kerberos and NTLM authentication. Both theses authentications methods allow a Windows user account to automatically gives its credentials to a website without to fulfill a login/password form, which saves time for instance when a user has to use an internal company website. This is called SSO.
In the SSO scenario, the website may wish to access to an Active Directory Domain Controller to get more info about the logged user. Therefore, this module also exposes some part of the Microsoft Active Directory Service Interface (ADSI).
This library thus exposes a maximum of SSPI C/C++ functions and also some ADSI C/C++ functions to the NodeJS world.
It also exposes some C/C++ miscellaneous other functions that may be useful for getting some info about the system. It is called sysinfo.
The remaining part of the module is a set of javascript exported objects (classes, functions, etc.), written in Typescript, all wrapped in the sso
object. The purpose of them is to give to the developers some utilities to help achieve some basic SSPI use cases (both server and client with negotiate protocol).
C/C++ part:
All the javascript part is in fact written in Typescript.
- Server:
- The middleware
sso.auth(options?)
, which can be used with most of the webserver node frameworks (express, fastify, restify, connect, etc.)
- The middleware
- Client:
- the fetch client
const response = await new sso.Client().fetch(url);
, which can be used to query a webserver that uses the Negotiate with Kerberos/NTLM protocols. HTTP cookies are automatically managed.
- the fetch client
Jean-Louis GUENEGO [email protected]