Single Sign on should work?

Nov 28, 2011 at 7:03 AM

I have a issue getting single sign on to work. I have two sites using the same keys and membership database, with forms authentication enabled. they are as follows:

www.domain.com       (main)
support.domain.com   (nearforums)

The machine keys in web.config are identical and the other requirements are in place. Once again, same MySql membership DB and all. According to this documentation, it should work both ways:

http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx

As of right now, when I authenticate on the nearforums site I am automatically logged into the main site, which is great. But when I log into the main site, I cannot automatically authenticate into the nearforums site. It's as if the forms cookie is being expired or something, which is a bummer.

This would be way easier and more seamless than open auth. I tried setting up open auth, and for a noob like me it is a bit much to handle. Like I said, it isn't as seamless for users either. That said, I was abel to get every other aspect of your site to look fantastic and it blends almost seemlessly.

Thanks, for the awesome forum.

 

 

Coordinator
Nov 28, 2011 at 11:07 AM

Hi,

That's a good one!!

We could do a test, if you don't mind.

Append the following line of code at the bottom of the file <nearforums path>\Views\Forums\List.cshtml

@{ var user = Membership.GetUser(); if (user == null) { <h2>NO DATA FROM MEMBERSHIP</h2> } else { <h2>LOGGED IN: @user.UserName</h2> }}

 

Now, go to the mainsite and log in. After successfully loging in, go to the homepage of the nearforums site.

At the end of the page it should be a message, send it to us.

Kind regards,

Jorge

 

PS: OpenId SSO is not a good choice here because it is not intended to "autologin" by default, you must do a script roundtrip (like its done with Google accounts) or something like that, but it is a lot of work.

Nov 28, 2011 at 8:31 PM
Edited Nov 28, 2011 at 8:35 PM

LOGGED IN: test

..Is the text displayed in the near forums site. It does not indicate that I am logged in at the menu bar. Before I logged into the main site, it said NO MEMBERSHIP. I will send you a screenshot via email.

UPDATE

I cannot post back a screenshot. But menu bar is asking me to sign in while this debug string is stating Logged In.. I guess it is because you guys support so many different authentication mechanisms. Obviously, you are more aware than I what is happening.

Thanks very much for investigating,
Dan

 

Coordinator
Nov 29, 2011 at 8:54 AM

Hi Dan,

You mean that you login on the main site, go to nearforums and get "LOGGIN IN: test"? (even if the menu bar is saying that you are not logged in)

If this is the case, I think we could provide you a patch to you... (that could later be contained on the next release)

 

Kind Regards,

Jorge

Coordinator
Nov 29, 2011 at 3:55 PM

Hi Again,

I could reproduce it on my dev machine!

Nearforums was not trying to read from the forms cookie to authenticate through membership.

Is already implemented on the version-007 branch of the repository and it will be released. 

I uploaded the files that changed to avoid you to reinstall Nearforums on your server, to apply it:

 

Please give us feedback if it worked ;)

Kind Regards,

Jorge

 

Nov 30, 2011 at 3:04 AM

SUCCESS!

It worked great. I really appreciate you handling this for us! This is a great capability to have.

For a future version, you might want to add just a tad bit more code (isn't that always the case)..

  1) When logging off from the main site, you may want to detect this and log off from the forum as well.

  2) When changing users at the main site (i.e. public computer for example) you may want to have it detect different user in the forum too. At the moment, it keeps you logged in as the first user.

Seems as though those darn cookies really are persistent! These are not a big deal for us though, we are just greatful that it makes life easier for our users, period.

Thanks and TONS of Gratitude,
Dan

Dec 2, 2011 at 10:19 AM
Edited Dec 2, 2011 at 10:36 AM

Thanks guys, this worked for me too. Again, if you want to see this you can go to http://99.175.100.45:85/, login as Guest1, password  is Guest1.

And yes, I agree with djabraham, nearforums stays logged in when I log out of the main site. I temporarily put the login off link in the List.cshtml. I'll see if I can figure something out. Awesome!

Coordinator
Dec 2, 2011 at 10:23 AM

Happy to hear that!!!

Mar 11, 2012 at 10:18 PM
Edited Mar 11, 2012 at 10:23 PM
MarioRosario wrote:

And yes, I agree with djabraham, nearforums stays logged in when I log out of the main site. I temporarily put the login off link in the List.cshtml. I'll see if I can figure something out. Awesome!


Ok, sorry I took so long to get to this. This is my hack to log off both sites simultaneously, my site and nearforums as a virtual directory site. This allows me to keep both sites seperated for ease of upgrades. From my main site when I click on the log off link, I redirect it to a page that says you are logged off. I removed the logout link from nearforums. Then from my logoff page I invoke the following javascript.

This seems to work:

<script type="text/javascript">
    function LogOut() {

        // I still need to figure out what to do with the hard coded 192.168...
        var UrlString = 'http://192.168.1.67/Forums/Logout?returnUrl=/'; 

        // HttpPost is a function which calls XMLHttpRequest()
        HttpPost(UrlString);

    }

$(document).ready(function () {
    LogOut();
});
</script>

<div style="font-size:3em; padding:200px 0px 300px 0px; text-align:center;">You are now logged out.</div>