Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...DNN 4.9 Requiring Dual Login for SSL Secure Pages! PLEASE HELP!DNN 4.9 Requiring Dual Login for SSL Secure Pages! PLEASE HELP!
Previous
 
Next
New Post
9/12/2008 8:10 AM
 
Eric Bewley

Joined: 11/12/2004
Posts: 5

I have an issue where the SSL pages on my site do not see the user as being logged in between secure and standard pages. I was using 4.8 and just upgraded to 4.9. The issue still exists.

I have two URLs for my site, for example, www.mysite.org and secure.mysite.com, and both are the same instance of DNN on the same server. (Yes, at the moment one is a .org and the other a .com.) The user starts out at http://www.mysite.org and all works well. They log in normally to see their personalized info. When they attempt to view a secure page, DNN is supposed to automatically route them to http://secure.mysite.com, which is happening (and seems to be more reliable in 4.9.0, as 4.8.x would often not route to the secure URL if the user had not been there previously). When the user is redirected to a secure page which can only be viewed by registered users, DNN asks them to log in again. Why is this?

The next part of this issue is about a secure page that is visible to users of any type. The user visits the site via the standard URL (http://www.mysite.org), logs in successfully, and then chooses to view a page which is secure but visible to all users. In such a case, the screen makes it appear that the user has logged out (Login link appears on page), yet if the user clicks on another standard page, they once again appear logged in (name appears instead of Login link). Furthermore, when the user is on that secure page which makes them appear logged out, and they click on the Login link, nothing happens -- the link does not respond. How can I keep users logged in on such secure all-access pages?

Eric
 
New Post
9/16/2008 11:47 AM
 
Mauricio Márquez

dnn.tiendaboliviana.com
Joined: 5/5/2003
Posts: 1126

Dear eric

Dotnetnuke ans asp.net handle seesions by using cookies. The browser security most of times don't allow to share cookies between different domains. for example, let say you have domA.mydomain.com and domB.mydomain.com. Then it is your browser the one that will not share cookies in domA when navigating in domB

Special techniques and configuration can be used. a good start could be:

http://weblogs.asp.net/scottgu/archive/2005/12/10/432851.aspx

http://www.asp101.com/articles/jayram/sharestate/default.asp

Also, I know there is a SSL solution for DNN (not free) that support different domains. search about it in the DNN stores

Locopon
Free modules: E-commerce, Complete localization (Portal, page, module settings, skins, etc.), Secure Login, and more
http://dnn.tiendaboliviana.com
 
New Post
9/16/2008 11:49 AM
 
Mauricio Márquez

dnn.tiendaboliviana.com
Joined: 5/5/2003
Posts: 1126

Just for you to now: If the ecure site uses the same domain that the not secure one then there is no problems at all. ou just need to exchange http and https and the browser security will continue to trust the same domain

Locopon
Free modules: E-commerce, Complete localization (Portal, page, module settings, skins, etc.), Secure Login, and more
http://dnn.tiendaboliviana.com
 
New Post
9/22/2008 10:50 PM
 
Dave

Joined: 10/21/2007
Posts: 2

I had this same problem and found a temporary solution that worked for me.  It worked for me because there is only one portal running off of the DNN install.  If that's the case for you, you can edit the httpCookies element in your web.config:

<httpCookies httpOnlyCookies="true" requireSSL="false" domain="yoursite.com" />

That will force the domain cookie to apply to the domain and all subdomains.  FYI, when I first tested it still didn't work until I cleared out my cookies because it won't replace the current one.

BTW, I had also tracked down a place in the core where the domain could be overriden.  I was going to suggest that a field be added along with the current SSL settings like "root domain" or something where this value could be set.
 
New Post
5/18/2009 5:27 PM
 
jchacon

Joined: 10/14/2008
Posts: 1

I was getting this problem also and modifying <httpCookies httpOnlyCookies="true" requireSSL="false" domain="yoursite.com" /> worked for me. Thank you!
 
 Page 1 of 1
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...DNN 4.9 Requiring Dual Login for SSL Secure Pages! PLEASE HELP!DNN 4.9 Requiring Dual Login for SSL Secure Pages! PLEASE HELP!


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out