Hi all,
I am working to integrate a DNN installation with a 3rd party authentication service. I'm reading up on DNN documentation as fast as I can, but it looks like there are a couple of ways that I can get this done so it would save me some time if I could get a little bit of direction.
The authentication itself is pretty easy:
1) instead of using the DNN login box, the user is redirected to a 3rd party site
2) the user types in login information on the 3rd party site. That site checks the user/pass, and redirects back to the DNN site with a key passed in the querystring that represents that login attempt.
3) dnn takes the "login attempt key" and does a server http call to the 3rd party site, which either returns with user information (firstname / lastname / etc), or an error indicating that the login attempt failed.
4) dnn creates an account if necessary (or updates an existing login account), and logs in the user under that account.
Which approach makes the most sense:
1) Simply hacking the sourcecode (obviously bad because the site wouldn't be able to be upgraded to new versions of DNN without rebuilding this aspect ... but at least I know i can get it up and running quickly)
2) Use a custom authentication provider (I see that's new in 4.6 -- but I'm not sure how much of the existing framework I'd be able to leverage since my task is relatively simply, nor how compatible it will be with future versions of DNN)
3) Use modules or some other method... the safest but I don't know if it has hooks into the authentication system that I would need.
Thanks for your thoughts. As I said, I am ramping up on this as fast as possible but I'd welcome any direction.
-Rob