I just started using umbraco, is there any possibility to use third party authentication service like www.authenticateuser.com or we can suppose to use web service for authentication process.
You use just about anything to authenticate on umbraco. However aside from building or using another MembershipProvider it can be a very envolved process.
When I started our project I wanted to use WIF (Windows Identity Foundation) and Claims Authentication. A requirement came in to use CAS on Java/Spring. The cas login site was already built.
So what I did is I downloaded the CAS .Net Client from Jasig, then I gutted out all references to form's authentication and changed CASAuthenticationModule to inherit from SessionAuthenticationModule (WIF) and updated the entire CAS client for WIF so it would create claims identities and issue FedAuth Cookie Claims for authenticated users.
Now our CAS layer was mixed with both customers and employees, so half of it was a set of web services and the other half was active directory queries. So I built a utility class for merging the two sets of users together via classes like "XYZUser, XYZCustomerUser, and XYZEmployeeUser".
Then to support it in umbraco, I had to create a membership and role provider to wrap the utility class so things like GetUser, GetAllUsers, FindUsersByName, etc were implemented, and then for the role provider I surfaced AD groups for employees as roles for employees, and customer groups as roles for customers. Thus allowing me to secure umbraco content against the data coming from AD/CAS while also supporting an SSO (single sign on) login experience accross all the sites and umrbaco sites in our system.
As I said, it was involved, but it's pretty cool now that it works.
Ryan, have you looked at Kentor AuthServices [https://github.com/KentorIT/authservices]?
I'm trying to get SSO for Members working on Umbraco 7.x with our local IDP (Some Windows ADFS thing, I think... with SAML 2.0 claims, and I'm a bit confused at the time being trying to understand all the parts involved.
I guess something like you wrote here about mapping the SSO logged in user data to Umbraco Membership is needed. I know someone in Denmark has done some parts of it using OIOSAML.NET [http://digitaliser.dk/group/404609].
Any points besides the one you wrote would be greatly appreciated!
login authentication from third party service
hi,
I just started using umbraco, is there any possibility to use third party authentication service like www.authenticateuser.com or we can suppose to use web service for authentication process.
anyone can help me for this.
Thanks in advance
Hi Sweta and welcome to our :)
Yes it should be possible - Something similar is done in the Oauth Login package by Petr Snobelt here http://our.umbraco.org/projects/backoffice-extensions/oauth-login-to-umbraco-backend
So using AngularJS you should be able to achieve this functionality.
Hope this helps.
/Jan
You use just about anything to authenticate on umbraco. However aside from building or using another MembershipProvider it can be a very envolved process.
When I started our project I wanted to use WIF (Windows Identity Foundation) and Claims Authentication. A requirement came in to use CAS on Java/Spring. The cas login site was already built.
So what I did is I downloaded the CAS .Net Client from Jasig, then I gutted out all references to form's authentication and changed CASAuthenticationModule to inherit from SessionAuthenticationModule (WIF) and updated the entire CAS client for WIF so it would create claims identities and issue FedAuth Cookie Claims for authenticated users.
Now our CAS layer was mixed with both customers and employees, so half of it was a set of web services and the other half was active directory queries. So I built a utility class for merging the two sets of users together via classes like "XYZUser, XYZCustomerUser, and XYZEmployeeUser".
Then to support it in umbraco, I had to create a membership and role provider to wrap the utility class so things like GetUser, GetAllUsers, FindUsersByName, etc were implemented, and then for the role provider I surfaced AD groups for employees as roles for employees, and customer groups as roles for customers. Thus allowing me to secure umbraco content against the data coming from AD/CAS while also supporting an SSO (single sign on) login experience accross all the sites and umrbaco sites in our system.
As I said, it was involved, but it's pretty cool now that it works.
Ryan, have you looked at Kentor AuthServices [https://github.com/KentorIT/authservices]?
I'm trying to get SSO for Members working on Umbraco 7.x with our local IDP (Some Windows ADFS thing, I think... with SAML 2.0 claims, and I'm a bit confused at the time being trying to understand all the parts involved.
I guess something like you wrote here about mapping the SSO logged in user data to Umbraco Membership is needed. I know someone in Denmark has done some parts of it using OIOSAML.NET [http://digitaliser.dk/group/404609].
Any points besides the one you wrote would be greatly appreciated!
/Rolf
is working on a reply...