So here’s the problem I’m trying to solve:
1.) We’re using containerization for 99% of our product.
2.) The client wants to use Windows authentication for "single sign-on".
So the solution we are trying to go with (let me know if there’s a better option) is for the client to log in to an IIS server (since the IIS server has the ability to use the IdentityPrincipal to grab the authenticated Windows user’s claims), convert those claims to a JSON Web Token (JWT), and return that JWT to the client.
Then, from that point, the client appends the JWT to the authentication header with each API request, and each containerized microservice can validate that token for the user. (More specifically, it’s validated at the ApiGateway, but that’s not the point.)
The problem we have is that during development, each container gets spun up on an internal default "nat" network (using Docker Desktop and Windows containers here. That bit’s important.)
So when we attempt to spin up the token generation service in IIS Express, it is serving on the localhost. We can’t containerize IIS Express (or IIS in general), or that breaks its ability to do Windows Authentication. That is the reason it stays running on the localhost, while all of the containers get spun up with the dockercompose, putting them onto the default "nat" Docker network.
What this means is that the ApiGateway is no longer able to access the IIS Express instance, since as far as it is concerned, the "localhost" is that of the ApiGateway container, not the host system.
Bear in mind we have to get this working for individual development workstations.
I’ve gone down quite a few rabbit holes but haven’t found a solution yet (e.g., "host.docker.internal", etc.). I’ve even tried "extra_hosts", but that doesn’t seem to work from within Visual Studio (for Windows containers at least).
So TLDR: If you have a dockercompose.yml spinning up a number of containers for a solution, and another solution running IIS Express, how do you configure one of those containers to access the IIS Express instance?
Source: Docker Questions