Using Windows Authentication in ASP.NET core via HTTP.sys server


Previous article ASP.NET core and integrated windows authentication in nanoserver container showed how to use integrated Windows authentication in docker windows container via IIS which requires a lot of prep steps and pretty cumbersome to implement. Another option is to use WebListener which as renamed to HTTPSYS in ASP.NET core version 2.0. Solution is hosted in following Github repo

You have to prepare your Windows AD environment as per this Enabling integrated Windows Authentication in windows docker container article as a prerequisite.

You startup.cs file shall have following entry in ConfigureServices method which will enable both anonymous and Windows Authenticated access.


Your Program.cs need following entry in BuildWebHost method

This will allow to use both Windows and Anonymous authentication side by side. Now your home controller can specify which actions will require authentication and which not as per below.

Dockerfile below is using multi stage build and publish process

Final step is to run built image on Container host which was prepped earlier

docker run -d -h containerhost –security-opt “credentialspec=file://win.json” -p 8888:80 artisticcheese/winauth:nano-httpsys

Accessing this URL from domain joined machine via name only will not require users entering password and will automatically log them in, accessing via IP address will prompt for password and will allow login, accessing action which does not require authentication as expected will not require password. See below.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s