Here's my situation. I have a DotNetNuke application. I want to link to an existing ASP.net website from within the DNN website, and have decided to use DNN's IFrame for that.
The existing ASP.net application uses Forms Authentication for security - only authorized users can access the pages. This asp.net application also requires user roles for authorization to different pages.
I don't want users to have to sign on twice, and I'd like the asp.net page to use the user membership and role data from the DNN application - it shouldn't require it's own membership database.
Is this possible? According to the MSDN website:
"ASP.NET supports forms authentication in a distributed environment, either across applications on a single server or in a Web farm. When forms authentication is enabled across multiple ASP.NET applications, users are not required to re-authenticate when switching between the applications."
Does this apply to DotNetNuke applications linking to asp.net applications? Both are on the same domain, too.
(I tried modifying the config.web of the asp.net page to work with the DNN config.web, matching machine keys and forms settings - but it didn't work. I could be doing something wrong, but before I pursue, I want to know if it's even possible.)
Thanks for any help!
I don't know if what you're talking about is possible within DNN. We're on DNN 4.0 and they do some weird things with the ASP.NET membership tables which may cause trouble.
What I can tell you is an alternative way (assuming you have control over the ASP.NET application). There is a project called MADAM (Mixed Authentication Disposition ASP.NET Modules - I know a bit of a mouthful) that can be used to provide a method other than forms authentication for application logon.
What you could do is set MADAM up on your ASP.NET application and from DNN pass user credentials to the ASP.NET application. The end result appears to the user as single sign on.
If you need me to elaborate on anything, let me know in the comments.
Actually i am displaying some aspx pages in a iframe module present on a dnn page. Now since inside the iFrame i am displaying aspx pages hosted elsewhere but on same server. I am just want to authenticate the dnn logged-in user before loading the page inside iFrame.
Do dnn provide any API which i can call from apsx pages hosted elsewhere in order to restrict access to ony unauthorized user.
Related
I have integrated my ASP.NET website into a SharePoint Site by using an IFrame in the SharePoint Page via a Content Editor Web Part. The ASP.NET web application doesn't have any authentication & authorization implemented in it.But the SharePoint site is having some authentication implemented. Now my requirement is how to get and use that SharePoint authentication information in my ASP.NET web application programmatically to do some code manipulations based on the authenticated user level.Any help would be appreciated.Thanks in Advance
The 'Right' way of doing it would be to redevelop your site as a collection of Application pages. This allows you to limit permissions to Site Collection Administrators, or just about any level of SharePoint Authentication.
http://msdn.microsoft.com/en-us/library/Ee231581(v=vs.100).aspx
This allows you to use the SharePoint object model directly in your 'web' application.
It's a bit complicated to shift from a traditional web application to getting all the pieces running under the Sharepoint _layouts folder, but its worth the time spent and pretty easy to update.
It should be noted that your existing IIS website would be removed and the pages re-homed to that layout folder, via a SharePoint Feature containing your application pages.
I built an ASP.Net MVC 4 application which uses forms authentication by means of a custom membership provider inheriting from the Simple Membership.
Everything is working fine, but now I have a new requirement: I need to integrate a JSP application with mine.
This means that it has to authenticate against the same user database of my application and that they should somehow share the session in order to achieve a kind of Single Sign-On among the two applications (if an user is already authenticated in the ASP.Net application, he should be able to access the JSP application without logging in again, and vice-versa).
What architecture do you suggest me to use?
I would like to change as little as possible the ASP.Net application.
Thanks!
If you need to auhtenticate accross different domains:
You can implement your own security token service (like facebook, google does) Here is some ready to use implementation: http://thinktecture.github.io/Thinktecture.IdentityServer.v2/
If the sites are running on the same domain (subdomain), then you can try to share an authentication cookie within these domains.
An explaining article: http://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic
I am attempting to implement a claims based solution into an application. I have an MVC/Classic ASP application, as well as an STS. After authenticating with the STS, I can see the AUTH_USER server variable from my MVC pages. However, this (as well as AUTH_TYPE, LOGON_USER, etc) are not visible in my Classic ASP pages. I would like to be able to test against a server variable that a user is in fact authenticated on the server. If possible, I could read the claim created by the STS to validate the user with my classic ASP pages (not sure if that's an option)
Basically I need a way for my classic asp pages to know that the user is valid when I am logging in via an STS.
Thanks!
I need to integrate my sharepoint site and ASP.net site. So, First login will occur in the SharePoint site with Active Directory authentication and from there i need to traverse to ASP.Net site through a link. Now my question is whether its possible to pass my SharePoint Active Directory credentials to ASP.Net site? Will i be able to do this through a query string? Will i be able to navigate to and fro between SharePoint and ASP.Net sites.
The main point here is the user should not enter his credentials twice ( ie.. He should be authenticated automatically while navigating between two sites.)
What are the options available for me?
Do these things possible to achieve? SharePoint will be hosted using Windows SharePoint Services 3.0.
Thanks in advance,
ReplyQuote
Is the ASP.NET site on the same network? If so, then you can use AD (Windows Auth) for authentication on the ASP.NET site just like you're using it on the SharePoint site. You don't need to pass the credentials, and you can't anyway since all you have is an authenticated identity. If you configure the ASP.NET site to require Windows Authentication, you'll be able to get the user's identity from the server variables (AUTH_USER).
See How to: Use Windows Authentication in ASP.NET 2.0
The behaviour I would like is for a user to be able to visit a custom built website and if they are already authenticated against sharepoint for the custom website to know who they are and give them various rights. If they are not recognised by sharepoint then I would like them to login to sharepoint and be directed back to the custom website.
Sharepoint picks its users and groups up from Active Directory. I don't know much about the internals of the server, but the custom one will be in a separate domain (I think) though I have full control over the custom and moderate control over the SP infrastructure.
A hint at how to progress would be great!
As you rightly said SharePoint can be condigured to use Active Directory for Authentication and User Management. So AD and Sharepoint are 2 different things and you are just linking them. You can develop your custom asp.net application to use AD for Authentication.
Using SharePoint groups in your custom application is difficult (You will have to develop your own service which will check the loggedin user and see if he is present in the SharePoint group)
Another option is to use a Custom ASP.net membership provider and use this in your sharepoint application. This way you can use the same asp.net membership provider for your asp.net application.
Check out Configuring Single Sign on for SharePoint. Could give you some ideas.