Building a Login Page for your Authorization Provider
There are many times when you may want to "bypass" login for MOSS 2007 because an SSO provider has already performed authentication. In this case, you could have written your own membership and role providers like here and implemented those providers like here.
Now you need to actually log in, but either you do not like the out-of-the-box login page and want to provide your own or, as mentioned above, there is no need for one.
The following is a sample of what you may do in the Page_Load event of the login page. You will of course want to change the web configuration file to point your MOSS implementation to the correct location.
    public void AuthenticateToMOSS()
    {
        // Session cookie set by the SSO provider.
        HttpCookie cookie = Request.Cookies["SMSESSION"];
        // Utilities is the author's own helper class (not shown on this page).
        Utilities mySQLCalls = new Utilities();
        // Set myUser to the user name your SSO provider has validated before the ticket is created.
        string myUser = string.Empty;
        string url = string.Empty;
        try
        {
            // The user has been authenticated.
            // 1. Create the ticket.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,                        // version
                myUser,                   // This will be whatever your username will be and stored in MOSS for authorization
                DateTime.Now,             // issue time is now
                DateTime.Now.AddDays(1),  // expires tomorrow
                true,                     // cookie is persistent
                "member");                // role assignment is stored in the UserData

            // 2. Encrypt the ticket and place it in the forms authentication cookie.
            HttpCookie cookie1 = new HttpCookie(
                FormsAuthentication.FormsCookieName,
                FormsAuthentication.Encrypt(ticket));

            if (Session["RedirectURL"] == null)
            {
                // Here you can redirect somewhere in MOSS
                Session["RedirectURL"] = FormsAuthentication.GetRedirectUrl(myUser, true);
                // iUID is not defined in this sample; it is the user's ID from your own lookup.
                Session["UID"] = iUID;
            }
            // Use the stored URL as the redirect target (the original sample left url empty).
            url = (string)Session["RedirectURL"];

            // 2.5 Create timeouts for the cookies involved.
            if (cookie != null)
            {
                cookie.Expires = DateTime.Now.AddDays(1);
                Response.Cookies.Add(cookie);
            }
            cookie1.Expires = DateTime.Now.AddDays(1);

            // 3. Attach the cookie to the outbound response.
            Response.Cookies.Add(cookie1);

            // 4. Do the redirect.
            this.Page.Response.Redirect(url, false);
        }
        catch (System.Threading.ThreadAbortException)
        {
            // Do nothing
        }
        catch (Exception exc)
        {
            // Sample behaviour: the exception text is echoed to the browser.
            // In production, log it on the server and return a generic error instead.
            System.Diagnostics.Debug.Print(exc.ToString());
            Response.Clear();
            Response.Write(exc.ToString());
            Response.End();
        }
        finally
        {
        }
    }
Please notice that I am persisting all cookies here for client integration. I am also manually creating my ticket as MOSS seemed to have issues with the one-liner.
This is a sample and may need some modification.
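An added example, not the author's code: a hypothetical helper, `SsoTicketHelper.BuildAuthCookie`, that builds the same manually created ticket cookie but refuses an empty user name, ties the cookie expiry to the ticket expiry, and takes the cookie path, domain and SSL requirement from the forms authentication configuration. It assumes the caller passes a user name that the SSO agent has already validated on the server.

```csharp
using System;
using System.Web;
using System.Web.Security;

// Added example; SsoTicketHelper and BuildAuthCookie are hypothetical names.
public static class SsoTicketHelper
{
    // verifiedUser: identity already validated server-side by the SSO agent
    // (assumption: it is never taken directly from client-supplied input).
    public static HttpCookie BuildAuthCookie(string verifiedUser, string userData, TimeSpan lifetime)
    {
        // Never issue a ticket for an empty or whitespace-only name.
        if (string.IsNullOrEmpty(verifiedUser) || verifiedUser.Trim().Length == 0)
            throw new ArgumentException("No verified SSO identity; refusing to issue a ticket.", "verifiedUser");

        DateTime issued = DateTime.Now;
        DateTime expires = issued.Add(lifetime);

        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,                                    // version
            verifiedUser,                         // name MOSS will use for authorization
            issued,
            expires,
            true,                                 // persistent, as in the sample above
            userData ?? string.Empty,             // e.g. "member"
            FormsAuthentication.FormsCookiePath);

        string encrypted = FormsAuthentication.Encrypt(ticket);
        if (string.IsNullOrEmpty(encrypted))
            throw new InvalidOperationException("Unable to encrypt the authentication ticket.");

        HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
        authCookie.Expires = ticket.Expiration;   // cookie never outlives the ticket
        authCookie.Path = FormsAuthentication.FormsCookiePath;
        authCookie.HttpOnly = true;               // keep the ticket away from client script
        authCookie.Secure = FormsAuthentication.RequireSSL;
        if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
            authCookie.Domain = FormsAuthentication.CookieDomain;
        return authCookie;
    }
}

// Usage inside the login page, once myUser holds the validated name:
//   Response.Cookies.Add(SsoTicketHelper.BuildAuthCookie(myUser, "member", TimeSpan.FromDays(1)));
```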
Comments
Anonymous
August 06, 2008
So given your example above would it be possible to authenticate to ORACLE OID server (LDAP) automatically so the user would not have to log in to MOSS assuming they already authenticated to OID?
Anonymous
August 06, 2008
wma, this will depend on whether you have access to the OID authentication, but yes. Essentially, if from your login page you can get the user context from OID, you can pass that on in your cookie and use that to authenticate. Usually, this is done through a locally installed web SSO client on the front-end WFE server.