I'm setting up an intranet ecommerce site with NOPCommerce 2.5 and I want the user to be automatically logged on to the site. Everybody on the network is authorized to be customer. Is there an active directory integration for NOPCommerce or does anybody have tips & tricks on how to move forward?
I know that nopCommerce uses their own implementation of the ASP.net Membership Provider. So yes, it is possible to edit that, and have it automatically generate a nopCommerce user via the Network Credentials.
I'm not aware of anything that already exists for this functionality.
Related
In my system, it will be multiple front-end portal for consumer.
All the different portals contains same logic but different css style only.
For example:
Portal Default : www.myweb.com
Portal A : a.myweb.com
And a user belongs to portal A could access the system from both default portal and A portal.
If the user login the default portal, just redirect him to Portal A.
I just wonder if there is an easy way to implement this with Symfony 3.
Meanwhile I am thinking about the CMS for these portals.
It seems that CMF only support symfony 2.
I am not sure if it could fit symfony 3.
As all the portals use the same content, the CMS only maintain default portal contents.
Thank you for your time and please kindly share your suggestions.
I recently integrated Symfony CMF 2.0.0 with Symfony 3.3 project. It works, although most of its bundles are deprecated or poorly maintained.
Also I encountered an issue that having multiple tree roots (for each subdomain for example) in Symfony CMF is not implemented
Besides Symfony CMF there are some other Symfony and PHP based content management solutions:
Sylius (ecommerce solution)
Drupal 8
eZPublish 5
Bolt CMS
October CMS
PageKit
Sulu CMS
I have an existing WebForms application and we're now creating a new MVC application. They both authenticate using our own custom provider, using the same database.
I can successfully log in in each application separately using the same credentials, but what I now want is to implement a single-sign on (ie: if the user is already logged in in app1, app2 would automatically detect the user's settings and identify him as being logged in).
I have done my homework and read the references here, here and here, amongst others.
So far I have done the following:
Set the same machineKey on both sites:
Set the same forms auth on both sites:
Despite all of this, I haven't managed to get SSO working. I have managed 'Single-sign off', whereby when the user signs off one site, he's signed off from the other.
Is there anything I'm missing?
I would like a configuration-only solution, that does not require me to do any coding.
I am answering my own question just for closure's sake.
The reason why my my SSO was not working is because the main, existing website has its own cookie and session manager, and does not play by the rules of Forms authentication. It calls
FormsAuthentication.SignOut();
Shortly after login has completed.
I tried the configurations mentioned above with 3 different websites, a mixture of MVC and WebForms, different pipelines (integrated vs classic), with our custom membership provider, and it all worked marvellously.
So the steps defined above should work as long as your application does not do funny things with forms authentication.
I'm working on an MVC4 site using SimpleMembership to handle user accounts and role based authentication. We have another site and we'd like to implement a single sign on system allowing users from the existing site to log in to the one I am building. What would be the best way to achieve this and hopefully leverage to the existing roles based authorization I'm using on the MVC4 site. Is it possible to have multiple membership providers (i.e. use the built in one and if the user is not found, attempt to authenticate via a custom provider that I'll write (once I work out how!). Or would it be better to abandon the built in membership/roles and roll my own?
I also thought of letting WebSecurity check the local database and if the user is not found, query the 2nd database and if the users credentials are valid, create a local account for them. One issue with this approach is if a user called Fred registers on the MVC site, and then a user from the other site called Fred logs in, we couldn't create them a local account with the same username. We could prefix/suffix the username with some text to indicate that they are from the other site but then we lose the single sign on feature.
We will also want to integrate AD authentication for staff in the future.
So essentially I'm looking for the best way to authenticate users from multiple databases and keep using roles based authentication?
I've also done a little digging was wondering if ADFS might be useful for this.
Any help or advice would be greatly appreciated!
I recommend the use of an Identity server to handle all your login request and switching to a claim based authentication instead of a role based authentication if you can.
I personally went with Thinktecture IdentityServer
pluralsight.com have a good course on it.
Thinktecture IdentityServer is build on top of simple Membership and it supports multiple protocol such as
WS-Federation
WS-Trust
OpenID Connect
OAuth2
ADFS Integration
Simple HTTP
I recommend checking it
Good Luck
When you create a new MVC project in Visual Studio, you get an AccountController that supports user self-registration and self-help changing passwords. This is great as a basic first step for a public internet site. But for an intranet site where an admin is responsible for creating users and assign them roles, is there any equivalent pre-existing template to start from?
To clarify, I am looking for a template that continues to use basic auth and that continues to use the ASP.Net membership and role services, as does the internet template, but provides UIs for user and role management that are intended for use by an administrator. The site is going to be on the internet but is not going to be "public" per se. There will be one or more sys-admin accounts that will have the ability to provision other users. The site will hosted by a yet-to-be-selected hosting provider.
Yes, it's called the Intranet Application. I know, who would think an Intranet application was an Intranet application?
MVC3 has 3 templates, Empty, Internet Application and Intranet Application.
We have a ASP.NET MVC3-Application which includes a lot of links to Documents in SharePoint 2010 - Libraries. If the User clicks on one of these links, he'll be invited to choose between ReadOnly-Mode or Edit-Mode of the Office-Document. If he chooses "Edit-Mode", he will have to enter the credentials for SharePoint.
Is it possible to do some kind of SingleSignOn out of the MVC-Application, using the Users MVC-App-Creentials to log into SharePoint2010? We'd like to have the user clicked on the link and to be able to edit the document and click save (saving back to SharePoint) without entering his credentials once again. Are there any experiences?
//edit: the MVC-Application & SharePoint are both in a different Active Directory than the User, so this problem is not solvable by implementing a User > SharePoint SSO. Further it is not possible to access SharePoint through the SharePoint Server Object Model in the MVC3-Application: SharePoint uses .NET 3.5 and MVC3 requires .NET 4.0
You can achieve what you are trying to do, however, you would need to enable claims based suthentication on SharePoint and write a custom provider.
One of the possible solutions in your case is Active Directory Federation Services.
http://blogs.technet.com/b/andrew/archive/2010/06/09/what-is-adfs-and-why-you-should-care.aspx