Hi all,
I am quite new to DNN/.Net development so feel free to correct me as I go along.
I have started building an authentication provider that would use information obtained from the HTTP Header to "automatically" log the user into DNN. The idea would be to have DNN sitting behind some 3rd party access management tool (i.e. Siteminder). The user would authenticate into the 3rd party tool which would then redirect them to the DNN home page. When the user is authenticated with the 3rd party tool, a set of HTTP Headers are created. One element would be the user id of the person logged in (i.e. SM_USER).
The DNN Authentication Module would sit on the home page. When the page loads, the authentication provider would read what HTTP Header element to look for, obtain the user id from that element, and log into DNN with no intervention from the user. If, for some reason, DNN could not authenticate the user id, then the user would be redirected to another address provided in the settings area.
I have started a project on CodePlex but there was a server error of some sort and I will post the code that I have so far when I can. In the meantime, does anybody have any recommendations as to how to proceed?
The problem that I have right now with the code is obtaining information from the settings section of the module. Below is the code that I am using. Any suggestions would be appreciated.
LOGIN.ASCX.CS
using
System;
//using System.Collections;
using
System.Collections.Specialized;
using
System.Reflection;
using
System.Web;
using
DotNetNuke.Services.Authentication;
using
DotNetNuke.UI.Utilities;
using
DotNetNuke;
using
DotNetNuke.Entities.Users;
using
DotNetNuke.Security.Membership;
using
DotNetNuke.Common;
using
DotNetNuke.Common.Utilities;
using
DotNetNuke.Entities.Modules;
using
DotNetNuke.Services.Exceptions;
namespace
{
IAPWS.Modules.HeaderAuthentication// -----------------------------------------------------------------------------
// <summary>
// The Login AuthenticationLoginBase is used to provide a login for a registered user
// portal.
// </summary>
// <remarks>
// </remarks>
// <history>
// [cnurse] 9/24/2004 Updated to reflect design changes for Help, 508 support
// and localisation
// [cnurse] 08/07/2007 Ported to new Authentication Framework
// </history>
// -----------------------------------------------------------------------------
public partial class Login : AuthenticationLoginBase
{
private string _appID;private string _sHeader; // Used to identify what HTTP Header will contain the username of the pre-validated user.
private string _sUserName; // Used to store the actual username of the user
private string _sFailedLoginURL;private string _sLogoutURL;UserInfo objUser;//bool bAmAdmin; // Is this person listed as an administrator?
#region
{
}
{
}
{
}
{
}
{
}
{
}
{
}
Public Propertiespublic string AppIDget { return _appID; }set { _appID = value; }public string sHeaderget { return _sHeader; }set { _sHeader = value; }public string sUserNameget { return _sUserName; }set { _sUserName = value; }public string sFailedLoginURLget { return _sFailedLoginURL; }set { _sFailedLoginURL = value; }public string sLogoutURLget { return _sLogoutURL; }set { _sLogoutURL = value; }public override bool Enabledget { return AuthenticationConfig.GetConfig(PortalId).Enabled; }public string ReturnURLget { return Null.NullString; }
#endregion
#region
{
Private Methodsprivate void loginUser(string pUserName)//Try and Log User into DNN
UserLoginStatus loginStatus = UserLoginStatus.LOGIN_FAILURE;// Alterations to be done..
// user object will need to be populated.
UserInfo objUser = UserController.ValidateUser(PortalId, pUserName, "DNN", "", PortalSettings.PortalName, IPAddress, ref loginStatus);//Raise UserAuthentication Event
OnUserAuthenticated(eventArgs);
}
UserAuthenticatedEventArgs eventArgs = new UserAuthenticatedEventArgs(objUser, sUserName, loginStatus, "DNN");
#endregion
#region
{
}
{
Protected Methodsprotected override void OnInit(EventArgs e)base.OnInit(e);protected override void OnLoad(EventArgs e)// This is the key area..
// 1. Obtain HTTP Header marker to look for.
// 2. Using HTTP Header marker, obtain username.
// 3. Log user into DNN using username.
try
{
//HttpResponse res = HttpContext.Current.Response;
// 1. Establish connection to Header area.
//HttpRequest req = HttpContext.Current.Request;
// 2. Obtain username header marker (i.e. SM_USER) to look for.
//AuthenticationConfig config = AuthenticationConfig.GetConfig(PortalId);
//sHeader = config.HeaderVariable;
// 3. Using username header marker, obtain username from header.
//NameValueCollection colHeaders = req.Headers;
//sUserName = colHeaders.GetValues(sHeader);
sHeader =
AuthenticationConfig.GetConfig(PortalId).fldHeader;//sFailedLoginURL = colHeaders.GetValues("FailedLoginURL");
// 4. Log user into DNN.
loginUser(sUserName);
}
{
res.Redirect(sFailedLoginURL,
}
catch (Exception exc)HttpResponse res = HttpContext.Current.Response;true);//base.OnLoad(e);
}
#endregion
}
}