Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationLoop ProblemLoop Problem
Previous
 
Next
New Post
7/11/2007 10:23 AM
 
Michel Mathijssen

Joined: 7/11/2007
Posts: 3

Hi All,

I've been testing the AD Authentication for usage in an Intranet environment for a while, but I kept running into loop problems.
Finally I decided to adjuste some of the code myself. 

The changes I made, let me login on all the different portals, with the same AD account. Maybe someone has some use for it, so here it is...


One BIG remark: 

This code does not let user logout! Make sure you choose your Admin and Host account carefully (they should be part of the domain)!  

Initially I installed DNN 4.4.1, and added the AD Fix (Little remark: I do use Integrated authentication on the entire site, not only the WindowsSignin page!)


Here are the changes I made so far:


OnAuthenticateRequest in AythenticationModule.vb:
=================================================

Replaced the entire sub with:

        Public Sub OnAuthenticateRequest(ByVal s As Object, ByVal e As EventArgs)
            Dim _portalSettings As PortalSettings = Common.GetPortalSettings
            Dim config As Authentication.Configuration = Authentication.Configuration.GetConfig()

            If config.WindowsAuthentication Then
                Dim Request As HttpRequest = HttpContext.Current.Request
                Dim Response As HttpResponse = HttpContext.Current.Response

                Dim blnWinLogon As Boolean = (Request.RawUrl.ToLower.IndexOf((AUTHENTICATION_LOGON_PAGE).ToLower) > -1)
                Dim blnWinLogoff As Boolean = (Request.RawUrl.ToLower.IndexOf((AUTHENTICATION_LOGOFF_PAGE).ToLower) > -1)

                ' When on the login page, alsway's login, no matter what!
                If (blnWinLogon) Then
                    ' Login
                    Dim objAuthenticationController As AuthenticationController = New AuthenticationController()
                    objAuthenticationController.AuthenticationLogon()
                    AuthenticationController.SetStatus(_portalSettings.PortalId, AuthenticationStatus.WinLogon)
                    'Redirect to the home page
                    Response.Redirect(Request.RawUrl, True)
                End If

                'When logging off, alway's log off, no matter what!
                If (blnWinLogoff) Then
                    ' Logoff
                    Dim objAuthentication As New AuthenticationController
                    objAuthentication.AuthenticationLogoff()
                    'Redirect to the home page
                    Response.Redirect(Request.RawUrl, True)
                End If

                Dim currentAuthenticationStatus As AuthenticationStatus = AuthenticationController.GetStatus(_portalSettings.PortalId)
                Select Case currentAuthenticationStatus
                    Case AuthenticationStatus.Undefined
                        'Redirect to the login page
                        Response.Redirect(GetUrlWindowsSigninPage, True)
                    Case AuthenticationStatus.WinLogon
                        'User is logged in, do nothing
                    Case AuthenticationStatus.WinLogoff
                        'User is logging of, should not reach this
                        'Response.Redirect(GetUrlWindowsLogoffPage, True)
                    Case AuthenticationStatus.WinProcess
                        'Redirect to the login page
                        Response.Redirect(GetUrlWindowsSigninPage, True)
                End Select


            End If

        End Sub

        Private Function GetUrlWindowsSigninPage() As String

            'Create the return variable
            Dim url As String

            ' Get some needed settings
            Dim _portalSettings As PortalSettings = Common.GetPortalSettings
            Dim Request As HttpRequest = HttpContext.Current.Request
            Dim Response As HttpResponse = HttpContext.Current.Response

            If Request.ApplicationPath = "/" Then
                url = "/Admin/Security/" + AUTHENTICATION_LOGON_PAGE + "?tabid=" & _portalSettings.ActiveTab.TabID.ToString
            Else
                url = Request.ApplicationPath & "/Admin/Security/" + AUTHENTICATION_LOGON_PAGE + "?tabid=" & _portalSettings.ActiveTab.TabID.ToString
            End If

            Return url
        End Function


CreateUser in AspNetMembershipProvider:
=======================================

Removed the check on the password. This would check failes if the user allready exists in the database, but not for this portal:

 ' the username exists so we should now verify the password
        'If ValidateUser(objVerifyUser.PortalID, user.Username, user.Membership.Password) Then
  ...
  'Keep the existing code
  ...
        'Else
  ' not the same person - prevent registration
  'createStatus = UserCreateStatus.UsernameAlreadyExists
 'End If
 
GetStatus & SetStatus in AuthenticationController:
==================================================

Add a unique identifier for the AD user to the name of the cookie.
This would avoid the 'loop' when a users is Authenticated and the cookie is not yet expired.

            Dim strUserName As String = HttpContext.Current.Request.LogonUserIdentity.Name
            Dim authCookies As String = AUTHENTICATION_STATUS_KEY & "." & PortalID.ToString & "." & strUserName

 



It would be great if somebody could changes this code to enable the logoff...
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationLoop ProblemLoop Problem


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out