I am trying to develop an application in that i want auto login in DNN application.means in my application a login page will be there when i enter my username and password i have to redirect the user to DNN Site.Can Any one help me out in this situation?
you would have to develop your own authentication provider that can accept the information you are providing to login that person. See here for more info on authentication providers: http://www.dotnetnuke.com/Resources/Wiki/Page/Authentication_Providers.aspx
Related
I have an IdentityServer4 Application Now I Use ResourceOwnerPassword GrantType That Means the User Should Send Username,Password,ClientId,ClientSecret to Login and It Works Very Well.
Now I Want to Have an Other Way to Login, I Want to Add FingerPrint Login to My IdentityServer, I Want to My User Can Login By Username/Password Or FingerPrint But I Don't Know How to Implement It. Is There Any Body Can Help Me?
I'm currently working on a project where we want to connect facebook profiles to existing (and logged in) Okta users.
The website is made in ASP.NET using Sitecore 6.5.
We use the "Authorize URL" to do our login and account linking with redirect callouts.
I can register and create an account with the facebook identity provider when the user isn't logged in in Okta. In this case it follows the Callout redirects and we get a tx_id. Hover when you're logged in to Okta and you visit the same "Athorize URL" it follows the redirect_uri where you get a id_token as result. this is an JWT string which I managed to decode (example result).
How can I use the information in the JWT to link a user to the identity provider? Or is there another way to do this? I can't find any methods or API calls to add a user to an identity provider without the tx_id.
I believe you used https://developer.okta.com/docs/api/resources/social_authentication.html to add FB social auth for users. Yes, once you browse the final url
https://example.okta.com/oauth2/v1/authorize?idp=0oa0bcde12fghiJkl3m4&client_id=AbcDE0fGHI1jk2LM34no&scope=openid%20email%20profile&response_type=id_token&response_mode=fragment&state=someState&nonce=someNonce&redirect_uri=https://app.example.com/social_auth
you will be redirected to your app https://app.example.com/social_auth with id token in the url. In the redirected app you can read, decode and create session for user. However, the same user profile is also created in Okta.
Once the social auth user profile is created in Okta, you can use that to get id token next time.
We are partner to another company. We developed an asp.net site with membership as the provider. Our partner company requests the following. The users would log in to their site through their UI. Once the user is logged in, there is a link to our site. They want to bypass our login screen and let the users get into our site after they authenticate the user. Is there any standard for this? I checked openid, but it didn't seem like a quite fit. As far as I understood, in openid, there needs to be a link in our login page saying "Login using Company X". Then when the user clicks that the user is taken to Company X login page. Once the user is authenticated is redirected to the link we provided and the user is authenticated. Our partner company doesn't want the user to come to our login page. I still want to use everything that membership provides such as roles.
You might want to look at Claim Based Authentication.
Basically, you can redirect a user to your Partner Site. The user logins at their site, and then your Partner issues security token.
You can download the book - A Guide to Claims-Based Identity and Access Control, Second Edition - Book Download
Source: about slide is from PluralSight - Identity and Access Control in ASP.NET 4.5
Background: I'm using Open ID authentication in my asp.net website. Here is how it works currently - User would pick an Open ID provider from dropdown (google/yahoo/myopenid/etc..) and then click on Login button. The application would then pass the user to the provider authentication page. On successful authentication and authorization on the open ID provider site, user is directed to my application. So far, so good.
Problem: On the Open ID provider authentication page, if the user chooses/clicks Sign Up, then the provider is following its own workflow and the control never returns to my application.
Question: Is there a way where I can disable the dynamic registration on provider (i.e., the Sign Up)?, so that, the user would then be required to register with the provider and then use my application? Or
Is there a way that I can get the control back once the dynamic registration is done?
No. The OpenID protocol has no such provision and while it would be courteous of a Provider to remember to ultimately redirect their new user back to your site, not all do.
In ASP.NET 4.0,
I would like to be able to login a user via email and password only, not username.
The CreateUserWizards also have a notion of only creating users via username and not by email.
Is it possible to login someone with just email/password on ASP.NET?
It is possible. Check out the following:
Using Email to Login with ASP.NET Membership
Set email address as username in ASP.NET Membership provider