Client have a site built using Wordpress. We have built a web app for them in asp.net on a subdomain. Client now wants a login to the .net web app on the homepage of their wordpress site.
Obviously this needs to be secure.
How would this cross domain auth usually be performed?
Can it be done in an iframe or is some other method preferred>
Thanks
Wing
Using iFrame could do the trick but the elegant way of doing this would be using JSON data to communicate between different domains. You must be able to modify your client's wordpress site (authentication part of it) which would send a JSON object to your asp.net application.
Then your asp.net application should decide whether the login should be successful or not looking at the JSON data sent by wordpress site. Good luck
Related
I have a MVC ASP.NET site that uses a database lookup for user authentication and then stores authentication variables in cookies.
I want to redirect the user to a MVC ASP.NET Core subsite without the user losing his authentication variables.
I am not able to share cookies between the two sites due to different encryption-schemes.
Both sites are hosted on the same domain on a windows server (IIS). Is there any way to securely transfer data along with the url redirect?
Is there some obvious solution that i am missing?
Please let me know if you need additional information about the project.
As a temporary solution, the user is promted for a new login once he is redirected to the subsite. I wish to avoid this.
You can not share data from MVC web app to MVC core web app. That is because it is hard to do.
But, there is a way to share the authentication mechanism. You can have an identity provider which will be responsible for authentication of users in both the sites. The login functionality will be in the identity server. Once a user is logged in, both your sites will use those authentication data.
I have 2 Asp.net website in the same ISS7 webserver.
Both site use forms authentication.
When I'm logged in on first web site and I try to login on second web site, I lost authentication on fisrt one.
I need use both site on same browser and now is impossible.
What can I do to solve my problem?
SOLVED
I found solution in this post
Multiple applications using same login database logging each other out
Ensure that both web applications are using the same machineKey values in the web.configs. This is used for encryption/decryption of the forms authentication ticket. There is really good information here: http://msdn.microsoft.com/en-us/library/eb0zx8fc(v=vs.100).aspx
I need to implement the sub domains in asp.net web forms (not MVC) for all clients on fly.
Here is the whole scenario I have a General website for every one as http://mydomain.com
and once a client is registered to my website, he will be allocated a subdomain as
client1.mydomain.com
client2.mydomain.com
client3.mydomain.com
and all clients will be served from
http://mydomain.com/clientwebsite/
with their customized contents from DB server On the Client website.
I looked about it and came to know that it can be done by IIS URL re Write but we will have multiple links and options on client sites which postbacks with querystring and data. I dont know how to send that and rewrite on backend. it can be
client1.mydomain.com/mystoreitems
or
client1.mydomain.com/section=mystoreitems
Kindly guide me how to do this.
I have an large ASP.Net web application that will have a large number of users and I want to make this site accessible from other sites by take the credentials uses to have authentication to other sites on another domains, to make it easy to understand from you the idea like this site we can access it by using Yahoo, Google or Facebook account
my web application use form authentications.
any Idea to do this
Thanks all
I have tried to find out the links which might help you in your course to support multi-website authentication :-
Facebook Authentication
Google Authentication
OpenId
If you use the passport authentication provider instead of the forms provider on your web site this would enable authentication across domains that support this. This works if you can implement this across your domains or you're using existing sites that already support this.
I've got an ASP.NET application which uses forms authentication.
We're adding on an HttpModule that responds to requests in the /webdav folder and below. We need to use basic/digest authentication for these requests.
With <authentication> set to Forms in the root web.config, requests from webdav clients are receiving a 302 redirecting the user back to the login page.
Is MADAM the best way to achieve this?
I think MADAM would work well for you.
I'm using MADAM to make RSS feeds available that are specific to logged in users accessible to RSS Readers. I am also planning on using it when we implement mobile app access into our application. That way we can use the same controller logic and change the authentication using MADAM.
I would suggest that you use HTTPS requests if you're doing BASIC authentication. Also, if you are using IIS 7, make sure you add the http modules configuration into the system.webServer/modules section. I wasn't paying much attention and wasted time diagnosing why it was working locally and not on the development server in IIS 7.