Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0Psuedo "Single Sign On" from Intranet to Public PortalPsuedo "Single Sign On" from Intranet to Public Portal
Previous
 
Next
New Post
8/22/2006 1:21 PM
 
Ian Lackey

Joined: 7/22/2006
Posts: 127

Hello All,

The purpose of this post is to get some opinions of an idea I had for a Pseudo single sign on solution for my company's portals. I am wondering if the idea is worth pursuing or if there is a better way to do it. If it is a sound idea, is there anyone out there that has implemented something similar or documentation on how to develop an equivalent solution.

So here is the situation:

We currently have an Intranet site that is currently becoming the main online resource for our employees. We also are planning on implementing a public portal to display information about projects that employees are currently working on. The intranet site uses windows authentication, while the public portal will not be tied to the domain for obvious security reasons, which brings me to the problem:

We would like the employees to be able to edit the public portal from a link on their intranet homepage, without being required to login with a different username and password via forms authentication. 

Proposed solution:

Create an ASPX page that uses the current windows identity to get the portal address, username and password from a lookup table and post it (via sol) to the login form of the corresponding dotNetNuke portal. The username will not be tied to or match the windows username and the password will be a randomly generated string.

Has something like this be done before or is this a horrible solution?

If this all seems reasonable, the I have one more problem to contend with... All edits on the portals must be approved before being publicly visible. I know that some modules already support moderation, is there a way to enable moderation on all edits to a portal?

Sorry for the lengthy post, I hope it all makes sense. Please post any opinions, information, insults, you may...

Thanks

ITLackey
 
New Post
8/22/2006 9:29 PM
 
workcontrol

Joined: 6/30/2006
Posts: 147

Suggestion: you create a custom login module, not an aspx page.  The custom login module can read in the URL parameters (username, randompassword, etc) and create the account in DNN and then log the user in.  Your intranet will call the custom login module page.  The challenge it to project the URL parameter from naked eyes. 

Robert Tango
www.workcontrol.com
Custom Modules: UserManager|UserDirectory|UserImport|PortalSSO
 
New Post
8/23/2006 11:26 AM
 
Ian Lackey

Joined: 7/22/2006
Posts: 127
I like they way you are going with that. My only hesitation is, I would like to have the table that contains the list of domain usernames behind the firewall. This will ensure that only intranet users can query the table for usernames. Just another layer of defense against information disclosure. With such a module I would need to query that table from the public portal, correct?  If not, I apologize for my confusion, and ask for a more detailed explaination. I would prefer to not have to write an ASPX app to for this solution, just seems like overkill. We are using Sharepoint internally (simply because of the office intergration features) and was considering creating a webpart to do the SSO stuff.
 
New Post
8/23/2006 9:28 PM
 
Fuji Nguyen

Joined: 5/31/2003
Posts: 219

Just released a new version of Psuedo SSO.   You can download and tweak the  source code (login.ascx) to accept URL parameters and then log the user into the portal.  Below is the link:

http://opensource.indyneinc.com/home/DevX/Articles/SingleSignOnforDotNetNuke3/tabid/99/Default.aspx

Enhancements in the new release

  1. Implementing UserInfo class to hold the data from SSO DB for manipulation in the SSO module
  2. Enabling mass import of users from SSO DB into DotNetNuke from the module Edit page
  3. Standardizing on view/sp names.  Sample script for AdvendtureWork DB is availabe for download.
  4. Distribution of PA only and PA with source in separated files 
  5. New module settings to control module behaviors
    • Redirect to page in portal after login
    • Automatic assign users to a global role
    • Automatic create role and assign users to role based on data in the SSO DB
    • Set default password if imported users have blank password.  Strong password enforcement included. 
    • A random password to be assigned to newly imported users if the new accounts have blank password

Regards

Fuji Nguyen
FREE Visitor Hit Counter
Visit opensource.indyneinc.com for detail.
 
New Post
8/24/2006 9:57 AM
 
Ian Lackey

Joined: 7/22/2006
Posts: 127

I appreicate the input from both of you! My question is, do I need a custom login module? Is there something stopping me from creating a POST request to the /Default.aspx?ctl=login URL?

I need to extract all of the login for returning the login data from DNN. Which obviously must then exist outside of a module. Ideally, I should be able to provide a link to an employee on any intranet page that when clicked will direct them to the public portal and create an authenticated session. The intranet pages are NOT DNN portals, but will all be developed in ASP.Net. The first suggestion from workcontrol is pretty much what I am looking for, and the only drawback mentioned was viewable URLs with credintals in them. Again, couldnt this be mitigated using SSL and POST instead of a typically querystring? Is receiving the post what will require a custom mod, shouldnt I be able to post to the default login URL?

 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0Psuedo "Single Sign On" from Intranet to Public PortalPsuedo "Single Sign On" from Intranet to Public Portal


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out