Building a Login Page for your Authorization Provider

  • Article

There are many times in where you may want to "bypass" log in for MOSS 2007 because an SSO provider has already provided authentication. In this case, you could have written your own membership and role providers like here and implemented those providers like here.

Now you need to actually login but either do not like the out of the box login and want to provide your own, or as mentioned above, there is no need.

The following is a sample of what you may do in the Page_Load event of the login page. You of course will want to change the web configuration file to point to your MOSS implementation to the correct location.

public
void AuthenticateToMOSS()

        {

            HttpCookie cookie = Request.Cookies["SMSESSION"];

            Utilities mySQLCalls = new
Utilities();

 
 

            string myUser = string.Empty;

            string url = string.Empty;

 
 

            try

            {

                        // The user has been authenticated.

                        // 1. Create the ticket.

 
 

                        FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(

 
 

                         1, // version

                         myUser,    // This will be whatever your username will be and stored in MOSS for authorization

                         DateTime.Now,    // issue time is now

                         DateTime.Now.AddDays(1), // expires tomorrow

                         true,    // cookie is persistent

                         "member");   // role assignment is stored in the UserData

                        HttpCookie cookie1 = new
HttpCookie(FormsAuthentication.FormsCookieName,

                        FormsAuthentication.Encrypt(ticket));

 
 

                        if (Session["RedirectURL"] == null)

                        {

                            //Here you can redirect somewhere in MOSS

                            Session["RedirectURL"] = FormsAuthentication.GetRedirectUrl(myUser, true);

                            Session["UID"] = iUID;

                        }

 
 

                        //// 2.5  Create Timeouts for cookies involved

                        if (cookie != null)

                        {

                            cookie.Expires = DateTime.Now.AddDays(1);

                            Response.Cookies.Add(cookie);

                        }

                        cookie1.Expires = DateTime.Now.AddDays(1);

 
 

                        //// 3. Attach the cookie to the outbound response.

                        Response.Cookies.Add(cookie1);

 
 

                        // 4. Do the redirect.

 
 

 
 

                        this.Page.Response.Redirect(url, false);

                    }

            catch (System.Threading.ThreadAbortException)

            {

                //Do nothing

            }

            catch (Exception exc)

            {

                System.Diagnostics.Debug.Print(exc.ToString());

                Response.Clear();

                Response.Write(exc.ToString());

                Response.End();

            }

            finally

            {

            }

        }

 
 

Please notice that I am persisting all cookies here for client integration.  I am also manually creating my ticket as MOSS seemed to have issues with the one-liner.

 This is sample and may need some modification.