Enterprise Edition of PHPRunner and ASPRunner.NET provides Active Directory authentication option. It is a useful feature but it has some restrictions, for instance, you cannot use a hybrid database/AD approach where some users will use Active Directory login and some others will have their usernames and passwords stored in the database.
This changes in version 10.6 where Active Directory is no longer a replacement for database-based login but a supplement. Active Directory is now considered a "security provider" and works the same way as "Login via Google" or "Login via Facebook". We are also adding new security providers like OpenID, SAML, AzureAD and Okta.
This is how it works on the backend side. If you have used "Login via Google" or "Login via Facebook", you should be already familiar with this concept. When user logs in via a third-party security provider we create a record in the users table with a unique id that for Facebook starts with fb, for Google it starts with go, and for Active Directory that prefix will be ad.
Continue Reading "New security providers in version 10.6"