I'm about to start work on a project that needs to be accessible via DNN and can also operate as a standalone app. Both apps will use the same domain. I can embed the app in an IFrame module so that it's visible in DNN. I should also be able to make sure web.config cookiename and encryption values are the same so that i can share authentication. That means that I should be able to get single sign on with DNN and the new app.

However, what I want to do is the share the DNN Membership with the new app, so that not only can I get single sign on, where the usercontext is the same for each, but I want the new app to use the roles from the DNN cookie.

Anyone got any pointers on how this can be achieved? I've already tested that I can share authentication (single sign on).

Scenario:

User A logs into DNN and has the 'Publisher' role. User A goes to the IFrame containing external app. External app knows that User A is the current user. How do I get a list of roles ('Publisher') from the cookie for User A so I can add my own logic and security routines in the new app?

many thanks,

Steve

That looks very interesting, thanks Michael.

But I have a question: Since I can access the context user in the external app from the authentication cookie, surely I'd just need to decrypt the roles collection in the same cookie. Both apps are on the same domain. If I write the decryption routine in the external app, shouldn't I be able to get the info directly from the cookie without using a web service?

Hi Steve,

I'm currently looking to enable the exact same scenario you described. I was wondering if you were able to do it and if there were any issues that you encountered while doing so.

Any guidance here would be greatly appreciated.

Mitch