Custom Forms Authentication cookie for Single Sign On

Author
APGvNext Sam
vNext Dev
  • Total Posts : 13229
  • Joined: 2001/05/23 00:00:00
  • Status: offline
2010/08/03 21:05:09 (permalink) Authentication
0

Custom Forms Authentication cookie for Single Sign On

If you are trying to integrate the software into your own site, and are in the following situation:
  • You are already using a Forms Authentication Cookie (Cookie A) for authentication (login) for your site (whether or not you have your own membership provider), and
  • Your Forms Authentication Cookie does not contain the user name for the user, but email or some other info to identify the users (e.g. your own membership provider authenticates user with email instead of user name), and
  • You want to achieve single-sign-on between your site and the forum, i.e. you want your users to log on from your site's sign in page, and have the user recognized automatically by the forum.
You will not be able to use the built-in membership integration feature we have in the software. What you will have to do is to find out 
  1. a method to import members to our db, and
  2. a mechanism for the forum to recognize a logged on user from your site.

1. For importing members

You can choose one of the following options:
  • do it manually using the Fast Member Import feature in the AdminCP;
  • call our spRegister stored procedure on your own page when user finishes the registration process on your site;
  • use our Site Integration Package's Membership Provider for our forum to insert members into our db when user finishes the registration process on your site (similar to the above);

2. For single sign on support

You will need to create a separate Forms Authentication Cookie ( Cookie B ; in addition to your own site Forms Authentication Cookie) that contains the user name for the forum to recognize the user.  
 
Please use the attached sample code FormsAuth.zip to see how this can be done (read the comment inside the code). Please install the sample code as a Web Application before running it.
 
2 prerequisites for this to work:
  1. Your site must share the same Machine Key with the forum (same machinekey specifications in both web.config files);
  2. You must use different Forms Authentication Cookie names for Cookie A & Cookie B (site & forum);
Our software has native support for Login and Registration page Redirection, meaning you can specify your own login page and registration page in the AdminCP and the software will redirect users to your specified pages when they click on the login / registration links on the forum. This way you can ensure that users only perform the 2 tasks on your site pages.
post edited by Samuel - 2013/02/26 15:23:21
#1
T Stanley
New Member
  • Total Posts : 1
  • Joined: 2012/06/24 04:09:51
  • Status: offline
Re: Custom Forms Authentication cookie for Single Sign On 2014/08/19 12:28:32 (permalink)
0
Hi Samuel.  I would like to accomplish exactly the goals as stated in this Custom Forms Authentication Cookie post.  I notice that it is from 2010.  Is there an update to these instructions for vNext 5.1?  I have it installed on my local development machine along with my custom site (also a dev copy).  I use the SqlMembershipProvider along with the SqlStoredProcedureProfileProvider package from back in .NET 2.  I think this actually does use the email address as the cookie ID, but I'm not sure.
 
In any event, can you put me on the right path, please?  Thanks very much
 
Tom
#2
APGvNext Sam
vNext Dev
  • Total Posts : 13229
  • Joined: 2001/05/23 00:00:00
  • Status: offline
Re: Custom Forms Authentication cookie for Single Sign On 2014/08/19 12:55:07 (permalink)
0
nope, there is not an update. The concept in this post revolves around the use of FormsAuthentication cookie, which is part of the .NET framework.
 
You just replace the web.config with one that's compatible with your site if needed, based on the .NET framework installed on your site.
#3
Jump to:
© 2020 APG vNext Commercial Version 5.5