Single Sign on from .net project

Apr 17, 2013 at 6:58 AM
How to Login automatically into nearforums if user has logged in in one site..
How to use Memebership..

I am doing

FormsAuthentication.SetAuthCookie(txtUser.Text,true,"/");
FormsAuthentication.RedirectFromLoginPage(txtUser.Text,true,"/");

But it doesnt work.. What else shall i do..

In my webconfig I have pasted these lines : These lines have been pasted in web.config of nearforums too..
<authentication mode="Forms" >
     <forms loginUrl="login.aspx"
    name=".ASPXFORMSAUTH" 
    protection="All"  
    path="/" 
    timeout="30"  enableCrossAppRedirects="true"  slidingExpiration="true" />
  </authentication>
  <authorization>
    <deny users="?" />
    </authorization>
  <machineKey
validationKey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE" 
decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F" 
validation="SHA1" />
Can u let me know what is my mistake.. I need help..
Coordinator
Apr 17, 2013 at 8:11 AM
Hi,
It looks like you configured correctly the same machine key in both websites and the forms authentication, but are you using a ASP.NET Membership provider? Which one?

Kind Regards,
Jorge
Apr 17, 2013 at 9:55 AM
jorgebg wrote:
Hi,
It looks like you configured correctly the same machine key in both websites and the forms authentication, but are you using a ASP.NET Membership provider? Which one?

Kind Regards,
Jorge

Thank you for prompt Reply Sir (jorgebg)

No I have no membership provider. If I am using a MySql Database how can I register the data as membership provider.
The link you provided says there are 2 membership providers i.e Microsoft SQL Server as a data source and another that uses Windows Active Directory. But I am afraid I have no clue regarding them.

Present scenario is that there is a website that has its own database and login system.

I know as of now nearforums does not provide support to set a cookie or use some session to validate a login.(i.e i set a certain cookie and nearforums reads the cookie and validates login).

The only method is membership. I went through a lot of articles on how to implement the membership authentication in .net application that is Not mvc but could not grasp it.

Can you please give me a link or provide a walkthrough regarding what code is needed to be written to enable membership authentication. Some sort of tutorial would really be helpful.

My present application that has its own login system is not mvc. Its a normal .net web application.
Coordinator
Apr 17, 2013 at 10:00 AM
Hi,
(Call me Jorge!)
Then you should use Custom database authentication, not ASP.NET Membership authentication.

Follow the instructions and if you have any doubt, let us know!

Kind Regards,
Jorge
Apr 17, 2013 at 10:10 AM
Thanks once again Jorge...

I tried using customdb.. The login works. but The only problem is that if I login to the mainsite and from there if I come to nearforums then I will have to login seperately for nearforums using the same credentials.

Means,

If I login to the site www.website.com using the username: test and password : test , then if i goto www.website.com/nearforums , I will have to login again by clicking on sign in .. What I want is if I login on the mainsite and if i visit nearforums I should be logged in by default.

Like we see in google i.e If i login on gmail.com I will be logged in automatically on docs.google.com

Is that possible?? If necessary I can make an object and pass it in a session but is there a mechanism in nearforums that checks for a particular session or something like that..

I did try to go through the nearforums code but i failed to understand if there is any such mechanism.
Coordinator
Apr 17, 2013 at 10:12 AM
Hi,
Single sign on is only possible using ASP.NET Membership.

Kind regards,
Jorge
Apr 17, 2013 at 10:27 AM
Hi Jorge,

Yes I understand very well single sign on is only possible using the membership..
The challenge is that I don't know how to implement ASP.NET Membership so I tried to work with the code..

What I did is added these lines on button click.. Is it sufficient??

MembershipCreateStatus newStatus = new MembershipCreateStatus();
Membership.CreateUser(txtUser.Text, txtPass.Text, txtEmail.Text, null, null, true,null, out newStatus);
FormsAuthentication.SetAuthCookie(txtUser.Text, false);
Response.Redirect("localhost/nearforum");

Will this work or something is missing??

When we say Membership provider what exactly does it do.. Do you have a sample working code which you can mail me so I can study it and implement ASP.NET Membership please..
Coordinator
Apr 17, 2013 at 10:29 AM
Hi,
It will not work :)
For ASP.NET Membership, you can start reading here: http://msdn.microsoft.com/en-us/library/yh26yfzy(v=vs.100).aspx

Kind regards,
Jorge
Apr 17, 2013 at 10:33 AM
Hi again,

I have gone through the document couple of times. But since you suggest I will go through it once again. But I fail to understand what it has to say.. Is there any other tutorial available for newbies or rookies???

If so please do let me know. Thank you for your time..
Apr 17, 2013 at 11:20 AM
Hi Jorge,

Sorry for disturbing you again..

I went through tutorial and I realized that its not possible to use ASP.NET Membership on the mainsite since that site is not in my control. Actually I was asked to integrate a forum and blog in their website. I saw that nearforums was a very good option and hence I used it. BUt since I integrated the forums their requirements keep on changing..

Now what I realized is that implementing .NET Membership is not just an issue of coding.. It has lots of configuration and they will not stop using their present DB..

Now is there any solution that you can suggest..

I am considering of using OpenID Webring.. But once again the problem is how should I register the mainsite on http://jorgebg.myopenid.com so that I can use it to connect both the websites (i.e www.website.com and www.website.com/nearforums) ..

:-) Sorry to bother over and over again.. But really need some clue/hint..

Thank you..
Coordinator
Apr 17, 2013 at 11:29 AM
Hi,
You are right, implementing ASP.NET Membership no the main site is not a matter of configuration...

You can use a OpenId webring but, once again, you will not be able to avoid the user to "relogin"... The user experience would be very similar to Custom db authentication...

To enable this option, you should create a OpenId Service Provider on your mainsite (we don't give support for this task) and then configure the endpoint into Nearforums config.

Kind Regards,
Jorge
Apr 17, 2013 at 11:49 AM
Hi Jorge,

I really appreciate the time and efforts you put in to guide me.. thank you for the support.. I guess I will have to figure out some unorthodox coding technique or some ajax or jQuery solution..

If I find any.. I will keep posted..

till then thank you once again.. And this nearforums site is awesome.. Thanks for building it under open source license..
Coordinator
Apr 17, 2013 at 11:53 AM
Great! thanks!
If you create a functionality on top of Nearforums and you want to contribute it back, you are welcomed!

Kind Regards,
Jorge
Apr 19, 2013 at 1:09 PM
Edited Apr 19, 2013 at 2:04 PM
Hi Jorge,

I have made a temporary solution which is submitted for testing.. But the premature solution is that I added this code in scripts/common.js

Assuming that the mainsite fills a cookie named UserNAme after user successfully logs in into the mainsite
var mainsiteURL = "http://www.mainsite.com/"; 
// kindly change above url to development server url for testing purpose

$(window).load(
    function() 
    {
        // if lands on login page
        if(document.location.href.indexOf("/login") !== -1)
        {
            // already logged into the mainsite
            if(getCookie("UserName") != null)
            {
                //Hide original signin div (not necessary but in case user has slow internet connection)
                var membershipdiv = document.getElementsByClassName("membership")[0];
                membershipdiv.getElementsByTagName("h2")[0].style.display = "none";
                membershipdiv.getElementsByTagName("form")[0].style.display = "none";
                
                // automatically fill the login form and submit the form for the user
                var loginform = membershipdiv.getElementsByTagName("form")[0];
                document.getElementById("username").value = getCookie("UserName");
                document.getElementById("password").value = "not applicable";
                document.cookie = 'LoginValidated=true; expires=Tue, 1 Mar 2020 20:47:11 UTC; path=/'
                loginform.submit();
                
            }
            // not logged into the mainsite and directly landed on the signin page
            else
            {
                //redirect to mainsite login
                window.location.href = mainsiteURL;
            }
        }
        
        // lands on any page other than login page
        else 
        {
             //if cookie is set but the website has not auto logged in the user yet
            if(getCookie("UserName") != null && getCookie("LoginValidated") == null)
            {
                //if user has not been logged into the forums site but logged into the mainsite
                //redirect to login page
                window.location.href = "/forums/login/" ; // --will require changes after the site is shifted from development server to actual/production server
            }
            //else
            //{
            //  //no problem let them surf anonymously
            //}
        }
    }
);

// In case there is no support for "document.getElementsByClassName" by browser
if(!document.getElementsByClassName){
document.getElementsByClassName=function(cn){
var allT=document.getElementsByTagName('*'), allCN=[], i=0, a;
    while(a=allT[i++]){
    a.className==cn?allCN[allCN.length]=a:null;
    }
return allCN
}
}

// In order to set the cookie  - a handy function
function setCookie(c_name,value,exdays)
{
var exdate=new Date();
exdate.setDate(exdate.getDate() + exdays);
var c_value=escape(value) + ((exdays==null) ? "" : "; expires="+exdate.toUTCString());
document.cookie=c_name + "=" + c_value;
}

// In order to get the cookie by name  - a handy function
function getCookie(c_name) // returns value is cookie found else returns null
{
var c_value = document.cookie;
var c_start = c_value.indexOf(" " + c_name + "=");
if (c_start == -1)
  {
  c_start = c_value.indexOf(c_name + "=");
  }
if (c_start == -1)
  {
  c_value = null;
  }
else
  {
  c_start = c_value.indexOf("=", c_start) + 1;
  var c_end = c_value.indexOf(";", c_start);
  if (c_end == -1)
  {
c_end = c_value.length;
}
c_value = unescape(c_value.substring(c_start,c_end));
}
return c_value;
}
Will let you know about the problems in the code when reported.
Coordinator
Apr 24, 2013 at 2:09 PM
Hi,
That could work but maybe you should check for possible XSS attacks and other vulnerabities...

Kind Regards,
Jorge