Perhaps I'm not thinking clearly but I have an existing website/application that I want to "front-end" with DNN without re-writing the application in DNN's modular format, i.e; I want DNN to handle membership, authentication, etc. Authenticated users could then access my existing web application.
There are a couple articles here that discuss what it might look like when integrated and some discuss the pitfalls that might be associated with such an arrangement, however none of the articles outline the steps I would need to take to deploy DNN this way.
I have been unsuccessful in my attempts to setup child sites or even parent site in DNN host management that will successfully point to my existing application. It errors out because it's looking for all the DNN libraries.
When I try adding adding a virtual application/directory in the DNN site definition (IIS) that points to my existing web app, I get DNN's error page stating the page doesn't exist.
I don't want to rewrite the application as a module, but if someone would be kind enough to walk me through the steps of setting the two websites up so they can share membership information, I would be terribly grateful. What would I need to setup in IIS, DNN, and my existing website.
Thank You...
C. Lane
You pretty much won't, you can have DNN running side by side with another application running, or you can convert content/modules/functionality into DNN.
If you want to share membership, you'll have to code your application to use the DNN authencation/users/profiles, but there aren't any step by steps for that.
This question actually comes up pretty frequently. An easy solution would be to have both applications use AD authentication. Probably not the solution you are looking for but its the simplest.
I've never tried it, but if they are both using SqlMembershipAuthentication, you might be able to configure both to point to the same database (the dnnDB). Check this link for SqlMembership configuration.
I'm sure DNN wouldn't support this, but it could work,... I think.
Related
I'm developing Asp .Net(MVC3) web application for my company.Some users use this site in internal network and some will use internet site.I've to Authenticate Users using the website.How can i do it?
Whether it is possible to check the Authentication code only after deploying the Solution? How can i check it in my local solution?Can Anyone Explain Step by step Process involved in this?
Its hard to give you a step by step procedure given that I don't know much about your infrastructure, or your dev environment.
With that said, it sounds like you want forms authentication for your external site, and integrated authentication for your internal. In both cases, the back end authentication would be done by Active Directory. A VERY common scenario.
All you need to know is the right terms to use, and you'll quickly find examples online. Google up something like "mix form and windows authentication mvc". But again, given all the different versions of IIS and MVC, there are quite a few scenarios so you may not find a definitive guide and instead you'll have to wind up evaluating each and mashing up a solution for your environment.
Hai,
i am trying to store the user permissions for my web site.But I am little bit confused with xml and Database. For each user in site have different permissions. Have u ever faced this issue? for Example , if my site is a shopping site , for a local user , the report menu need not to display. A sales man need not to display the purchase page. and so on ..
I think you understood my problem .I have done this user management using a xml file . For each user a new node will create according to the menu and keep in the xml file . Next time the user login ,checks the permissions and and show only the allowed menus.
My boss tell me to do the same thing using the Database. by using XmlDataSource it is quite simple to bind data to the treeview (for setting permission) and binding to the menustrip also.
He is pointing the security problem . i don't think like so.
Which is better ? DB or XML
http://msdn.microsoft.com/en-us/library/yh26yfzy.aspx
My advice would be to use asp.net membership and roles (written by Microsoft). It is a very good security solution - login security, roles (permissions) and is stored in a SQLServer database (not sure if it can be stored elsewhere).
I use it on my site and you can use membership controls straight out of the box (login forms, change password, etc.) or you can roll your own.
The only tricky bit I found was setting up the membership tables, views and stored procs in my dB (you download a dB script), but really it was fairly straightforward to implement.
Here's a link to asp.net membership and roles
ASP .NET Membership and Roles (part of the Provider Model introduced on ASP .NET 2) is (IMHO) nice only when you need some basic stuff. The issue is that you need to use the whole system using SQL Server, but if you are planning to move to a different DB provider (MySQL, SQLite, etc..) then you'd have to implement your own provider (which is at best painful), and learn how the whole pieces fit each other. Granted, finding a custom implementation it's quite easy, but is not a copy & paste thing.
Another bad thing of the default provider model is that you will get a ton of SQL stored procedures, also called maintainance nightmares. The issue is that if your site scales, then these SP's will make your life a living hell (been there) and if you even dare to change hostings then you're in for a treat, so my advice would be make your own permissions hierarchy and use it the way you wish. Also, look for advices and some pre-existing solutions to the permissions problem which is quite common.
Website security can be split up into to distinct parts.
Authentication: Logging in
Authroization: Roles/Permissions.
The ASP.NET Forms Authentication Provider is a great way to implement authentication. I recently created a custom provider that communicates with our companies X500 directory (LDAP). It was very straight forward.
For Authorization, we implemented the entlib security application block. It allows you to keep Roles/Permissions in a separate location that can be accessed by your UI as well as your service layers (assuming your developing a scale-able solution). You may also want to look at the Windows Itentity Foundation which is slated to supersede entlib security application block, however it is only available for .NET 4.0.
I'm not sure I'm asking the right question here, but I'm looking to provide web based functionality from one ASP.NET application to another remote 'portal-like' application. Is it possible to simply give the portal a DLL? As an example, let's say the SaaS web app has a patient-entry form that I want to be able to use from the portal application. I would like the portal app to be able to set preferences (permissions, color, style, etc), make a function call, and have that capability presented within a certain div or something. Is there any .NET technologies that provide this kind of integration?
EDIT:
Here is a link to a quick diagram I made trying to describe the scenario: http://img.ly/ESG. I know there are other ways of doing this (eg JSON-P calls), but I need to give the portal developers something they can control on their end. Also, if anything changes they'll know I will send them a new version of the DLL which will indicate to them the new functionality.
I'll give you a shopping list of things to check out:
DotNetNuke:
http://www.dotnetnuke.com/
Workflow Foundation -
http://msdn.microsoft.com/en-us/netframework/aa663328.aspx
Microsoft SAAS platform -
http://www.microsoft.com/serviceproviders/saas/default.mspx
Depending on exactly what you're looking for, you might also research "multitenancy".
To answer your original question, yes, you can do it with DLL's, but there are easier ways to do it.
I have a web site solution (asp.net) that runs on a SQL server database. I have several of those installations running and i want to create an administration module which can monitor and interact with them all. - and if all goes well - push/upgrade an installation to FTP/SQL.
What is the best approach to architecturing this?
SHould i simpley just integrate with the database on each installation (easiest approach as i see it) but this will give problems when/if I upgrade the database model
Should I write a webservice which interacts with the database and i "simply" connect with this webservice on each website when i need to administer it?
Any solutions i havent thought about is very welcome
/Brian
The latter would be a better approach as this would give you independence from any underlying customisations to the installations.
I agree abstract the implementation into a webservice, and then use something like the enterprise library to interact with the datastore.
This will give you a good framework to work from and should help decouple your application, resulting in more flexiblity moving forward.
I'm trying to use the asp.net (3.5) built in user management framework but I'm not 100% sure how to do this on godaddy. Google didn't help much, anyone have experience with this?
You can roll your own or find one. You cannot run the Asp.net configuration tool directly against your GoDaddy account. (If you notice, it's just another asp.net website runing in another dev web server via Visual Studio).
You can use the System.Web.Security.Membership and Roles static classes in the Membership Provider to hook into it. This is very easy to do. Membership.GetUsers(), etc.
You can also use the stored procs to manually add/remove users and roles.
-Nathan
Go to your hosting control center
in menu Content on top, go to IIS Management,
there will be list of web folder,
on top of the list you can see asp.net runtime versions and (modify) link in brackets, click on it. There you'll see if you are using asp.net 3.5.
I have also had this problem. About a year ago. So I am curious to know what the solution might be, if there is one! I was told by Go Daddy, back then, that they had ASP.net admin stuff "locked down" pretty tight. I went back and forth with their help people, who had to actually escalate it - because the general help team didnt understand what I was asking. What I ultimately did was I canceled my hosting service (they did give me a refund for unused time!) and I went over to a different host. Hope this helps and I will be listening carefully to responses as I am curious to see if they changed OR if someone has a workaround.
To get the tables that the membership provider uses, look in %WINDIR\Microsoft.NET\Framework\v2.0.50727. That is where the SQL statements used by the wizard are located. Also, check out:
http://www.asp.net/Learn/Security/tutorial-04-vb.aspx
for a more thorough explaination of how memberships tables are set up. You can do all the same work that the admin tool does, just not in a GUI format.