Integrating OneLogin single signon
Our company uses OneLogin for SSO so I have been attempting to integrate into Umbraco so that our users can access Umbraco (we have several Umbraco instances) from their OneLogin dashboard.
I am pretty much there, I think.
Created an SSOController which:
1) Validates the OneLogin SAMLResponse
2) Uses the Umbraco UserService to locate an IUser for the specified username / email
3) Uses the BackOfficeSignInManager to perform an ExternalSignInAsync
4) Sets the Principal onto the HttpContext.Current.User, also the Thread.CurrentPrincipal
I'm not sure if I had to do (4) but I based this off what the PostLogin Action does in the AuthenticationController.
When I click on my App in the OneLogin dashboard, the user is taken to our Umbraco instance and the custom controller is hit. Steps 1, 2 and 3 are performed and the user is redirected to //umbraco/
At this stage, the IsAuthenticated request is called in the browser, and this comes back with a "false" result, and so the user is redirected to the login form.
What have I missed here? It seems like the user is being logged in (as earlier the user was being redirected to the login form immediately, i.e. the Umbraco backoffice UI didn't attempt to load at all).
Thanks for any help you can give
Paul
After hours of wrestling with this, I post a request for help, and then within 5 minutes I have solved my own problem.
I shouldn't have been using the ExternalSignIn on the BackOfficeUserManager.
Instead I needed to use:
BackOfficeUserManager.UserManager.FindByEmail(userEmail)
To get a BackOfficeIdentityUser
And then I can call
BackOfficeUserManager.SignIn(BackOfficeIdentityUser, bool, bool)
This works brilliantly.
Thanks
Paul