Is there an API or programatic way to log administrators into the back end automatically?
My scenario is that there is a client wants to use single sign on (some wierd custom Java thing they developed ages ago) to log in to all their systems, Umbraco included.
So the users essentially need to click a link on their SSO portal and be taken without a login prompt to the Umbraco backend.
You can try this one. This is just for a POC. I have tested on localhost, U7.1.8, and it works.
// First create a Httphandler. The Httphandler is called by a client whenever the client clicks on a link. Lets say the client clicks on a link "http://localhost/umb.sso?ssoid=1234"
It has one parameter called ssoid. This id can be use for a security check !!!!!.
Add the Httphandlers in your web.config file
Finally the HttpHandler looks like this one.
namespace UmbracoTest.UmbHelper
{
public class UmbracoLoginHandler : IHttpHandler
{
public void ProcessRequest(HttpContext context)
{
var ssoToken = string.IsNullOrEmpty(context.Request.Params["ssoId"]) ? "" : context.Request.Params["ssoId"];
// verifty that the token
// !!!!!!!!!!!!!!!!!
if (!ssoToken.Equals("1234")) return;
// if everything is fine, lets login as admin
var wrapper = new HttpContextWrapper(HttpContext.Current);
var webSecurity = new WebSecurity(wrapper, ApplicationContext.Current);
webSecurity.PerformLogin(0);
// finally redirect to the umb backend.
HttpContext.Current.Response.Redirect( "/umbraco/");
}
public bool IsReusable { get { return false; } }
}
}
Can also get the current User and log them into the backend automatically (windows auth).
public void ProcessRequest(HttpContext context)
{
var wrapper = new HttpContextWrapper(HttpContext.Current);
var webSecurity = new WebSecurity(wrapper, ApplicationContext.Current);
var userService = ApplicationContext.Current.Services.UserService;
var userId = userService.GetByUsername(HttpContext.Current.User.Identity.Name);
if (userId != null)
{
webSecurity.PerformLogin(userId);
HttpContext.Current.Response.Redirect("/umbraco/");
}else
{
HttpContext.Current.Response.Redirect("/");
}
}
Backend login API
Is there an API or programatic way to log administrators into the back end automatically?
My scenario is that there is a client wants to use single sign on (some wierd custom Java thing they developed ages ago) to log in to all their systems, Umbraco included.
So the users essentially need to click a link on their SSO portal and be taken without a login prompt to the Umbraco backend.
Cheers
Hi, JJ.
You can try this one. This is just for a POC. I have tested on localhost, U7.1.8, and it works.
// First create a Httphandler. The Httphandler is called by a client whenever the client clicks on a link. Lets say the client clicks on a link "http://localhost/umb.sso?ssoid=1234" It has one parameter called ssoid. This id can be use for a security check !!!!!.
Add the Httphandlers in your web.config file
Finally the HttpHandler looks like this one.
Can also get the current User and log them into the backend automatically (windows auth).
is working on a reply...