Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Nico Lubbers 151 posts 175 karma points
    Feb 09, 2010 @ 14:37
    Nico Lubbers
    0

    MembershipProvider and oAuth to login into Umbraco backend

    Hi all,

    I am trying to get the UsersMembershipProvider to validate against a (external) webservice. This way I can make a single login system based on oAuth (which is provided by my client) where Umbraco is using the accounts of another (external) CMS-system to validate users against.

    To make it clear: I am talking about the login into the umbraco CMS here... so not to be confused with members of the website.
    Users that are already logged in into the clients CMS should be (with a click on a menu-button) automatically loggin in into Umbraco by using the oAuth protocol.

    Now I have it pretty much working, but I still need to do adminitration of users in Umbraco, as it seems that there the membershipprovider is not used...

    So I would like to validate if my approach is correct... this is how it works now:

    Step 1: implement a membership provider which inherits umbraco.providers.UsersMembershipProvider
    Step 2: implement an aspx which accepts an oAuth token and validates it against the other CMS returning true or false AND the roles the user has.
    Step 3: use the roles from the webservice to work with umbraco

    If I look into the source of /umbraco/login.aspx.cs the following code is there:

            protected void Button1_Click(object sender, System.EventArgs e)
    {
    // Authenticate users by using the provider specified in umbracoSettings.config
    if (Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(lname.Text, passw.Text))
    {
    if (Membership.Providers[UmbracoSettings.DefaultBackofficeProvider] is ActiveDirectoryMembershipProvider)
    ActiveDirectoryMapping(lname.Text, Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].GetUser(lname.Text, false).Email);

    BusinessLogic.User u = new User(lname.Text);
    doLogin(u);

    ...

     

    I would expect that it is possible to have no user administration in umbraco, because it is already in the other CMS. But somehow I am overlooking it. My solution now is to have atleast a username for each account in the other CMS to be duplicated in Umbraco. In my opinion not a very robust way (double administration you know)...

    My code looks like this (pseudo)

        protected void Page_Load(object sender, EventArgs e)
    {
    // use the oAuth request parameters to validate against the 3rdPartyCms webservice
    myUser = GetUserDetailsFromoAuth();

    if (Membership.Providers["UsersMembershipProvider"].ValidateUser(myUser.userName, userPassword))
    {
    umbracoUsername = convert3rdPartyCmsUser();
    umbraco.BusinessLogic.User u = new User(umbracoUsername);
    doLogin(u);

     

    Any ideas on to improve this?

    Nico

     

     

     

     

  • Alfes 4 posts 24 karma points
    Nov 28, 2011 @ 01:59
    Alfes
    0

    Hi,

    Did you manage to improve it lately? I need to use oAuth with Umbraco. It would be appreciated if you could give me some more directions with some working code.

    Thanks a lot.

     

Please Sign in or register to post replies

Write your reply to:

Draft