All geek questions in one place

.NET user authentication, membership, portlet profile provider?

I am wondering if you can use the authentication, membership and / or profile functions in .NET to help integrate .NET web applications into the company’s corporate portal. In a nutshell, the portal sends custom header values ​​to any application that is "behind" the portal for fields such as username, user profile information, and some access rights. One of the problems we have with this portal is that we cannot use many of the .NET applications available on the Internet because they were not intended for “portals”, primarily in order to trust that the user has already authenticated.

Is it possible to somehow write your own authentication provider (or, perhaps, use auth forms in some way), just look at the header (plus IP) and automatically "authenticate" as this user? My thinking is that by writing a profile provider, possibly a membership provider, and somehow adding authentication, I can download cool components like the Oxite blog (mnet demo) that I found), switch providers to mine custom and use this behind my corporate portal with minimal code changes.

It makes sense? I feel like maybe I don't understand how these components fit into the riddle.

+3
source share
3 answers

I don’t think you can do it with zero changes in the .Net application, but I think you can do it with minimal changes. Please note that I assume that the Gateways portal is everything that happens with the .Net web application. That is, the portal receives each HTTP request from the browser, adds its own headers to it, sends the request to the .Net application, receives a response from the .Net application, rewrites things, and then returns the information to the browser.

, , (, ), , .Net- , - , , .Net . .

:

  • .Net- .
  • , # 1

1. .Net

.Net. , - login.aspx. ( ) portallogin.aspx portallogin.cs. portallogin.aspx portallogin.cs. . - , . , , PORTAL_SomeFunctionName, SDK , .

const string specialpassword = "ThisPasswordTellsTheBackendSystemThisUserIsOK";

Page_Load()
{
  if (PORTAL_IsLoggedInToPortal())
  {
    string username = PORTAL_GetCurrentUserName();
    // Authenticate the user behind the scenes
    System.Web.Security.FormsAuthentication.SetAuthCookie(username, false);
    System.Web.Security.FormsAuthentication.Authenticate(username, specialpassword);
  }
  else
  {
    throw new Exception ("User isn't coming from the Portal");
  }
}

web.config .Net , - portallogin.aspx login.aspx.

.

2. , # 1

. , .NET, , .

. System.Web.Security.MembershipProvider. , , GetUser ValidateUser ApplicationName. , . , , ( NotImplementedException (s)), , .

    public override string ApplicationName
    {
        get
        {
            return "Portal";
        }
        set
        {
            ;
        }
    }

    private const string specialpassword = 
       "ThisPasswordTellsTheBackendSystemThisUserIsOK";

    public override bool ValidateUser(string username, string password)
    {
        // If the password being passed in is the right secret key (same  
        // for all users), then we will say that the password matches the
        // username, thus allowing the user to login 
        return (password == specialpassword);
    }

    public override MembershipUser GetUser(string username, bool userIsOnline)
    {
       string email = PORTAL_getemailfromusername(username);

       System.Web.Security.MembershipUser u = new MembershipUser(
         this.name, username, username, email, "", "", true, false, 
         DateTime.Now(), DateTime.Now(), DateTime.Now(), 
         DateTime.Now(), DateTime.Now(), DateTime.Now()
       );
       return u;
    }

.Net RoleProvider ProfileProvider, .Net-. ( , ProfileProvider , , zipcode , , . HTTP- .

.Net, , .Net-, / . , .Net. , - , - .Net .

, . , - .Net. , - .Net. , , , .Net . HTML-, , , . - .Net, HTML-, IIS HTML ( , ... IIS, , ).

!

, , Plumtree ( BEA Aqualogic User Interaction) Microsoft SQL Server, IIS , Dynamics NAV. , .Net .

Tim
+3

, . , , , "" - .Net.

IIS7, , .Net (CGI ..). , Windows PHP.

+1

, , , asp.net .

cookie.

, .

.

0
source

Source: https://habr.com/ru/post/1702616/

More articles:


All Articles