Link to home
Start Free TrialLog in
Avatar of nanosuit25
nanosuit25

asked on

Sharepoint login, using cookie as credentials for authorization.

Hey experts,

I am trying to customize the sharepoint login page, so that i pull a cookie which contains a username and i go about decrypting it, the problem it seems is that my code just doesnt get very far and i get a page cannot load error. I am pretty much trying to override the OnLoad event of the page and i am going to authenticate against an FBA database that i have setup. Any help on this would be greatly appreciated. Just to note, there is some info around the web and i have been compiling it together and using it to the best of my knowledge for a few weeks now, im very new to sharepoint. I pretty much want to bypass this page completely and if the cookie has the right credentials just allow the user into the sight.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.UI;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI.WebControls;
using System.Web.Security;
 
namespace OverwriteSharepointEvents
{
    public class OverwriteSharepointEvents : Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase
    {
        protected System.Web.UI.WebControls.Label FailureText;
        CommonFunctions.CommonFunctions cf = new CommonFunctions.CommonFunctions();
        protected override bool AllowAnonymousAccess
        {
            get
            {
                return true;
            }
        }
 
        protected override void OnLoad(EventArgs e)
        {
 
                String userNameStr = "";
                //pass strName to function to decrypt
                HttpCookie cookie = HttpContext.Current.Request.Cookies["COOKIE"];
                if (cookie == null)
                {
                    FormsAuthentication.RedirectToLoginPage();
                }
                else
                {
                    cookie = HttpContext.Current.Request.Cookies["COOKIE"];
                    userNameStr = cf.decryptStringToString(cookie.Values["USERID"]);
                }
                String userName = authorizeUser(userNameStr);
 
                if (userName.ToString() == "")
                {FormsAuthentication.RedirectToLoginPage();}
                else
                {FormsAuthentication.RedirectFromLoginPage(userName, true);}
 
        }
        public String authorizeUser(string userNameStr)
        {
            DataSet ds = new DataSet();
            SqlCommand sqlCmd = new SqlCommand("spGetUser");
 
            //Code to access sql and check the usernameStr against the JLLIS database
            sqlCmd.Parameters.Add("@Name", SqlDbType.VarChar, 250);
            sqlCmd.Parameters["@Name"].Value = userNameStr;
            ds = cf.LoadDataSet(sqlCmd, true);
 
            String userName = ds.Tables[0].Rows[0]["username"].ToString();
            return userName;
        }
 
 
    }
}
 
I have also included the changes that i have done to the login page.
<%@ Assembly Name="Microsoft.SharePoint.ApplicationPages, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%>
<%@ Assembly Name="Microsoft.SharePoint.Publishing, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Assembly Name="PKCSKeyGenerator, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ed41dac287a11b" %>
<%@ Assembly Name="CommonFunctions, Version=1.0.0.0, Culture=neutral, PublicKeyToken=36487aad088dd7cb" %>
<%@ Assembly Name="OverwriteSharepointEvents, Version=1.0.0.0, Culture=neutral, PublicKeyToken=ea8479c8098eb102"%> 
 
<%@ Page Language="C#"Inherits="OverwriteSharepointEvents.OverwriteSharepointEvents" MasterPageFile="~/_layouts/NsiteCustomPages/simple.master" %> 
 
<%@ Import Namespace="Microsoft.SharePoint.ApplicationPages" %>
<%@ Import Namespace="Microsoft.SharePoint.Publishing" %>
<%@ Import Namespace="OverwriteSharepointEvents" %>

Open in new window

Avatar of williamcampbell
williamcampbell
Flag of United States of America image

It probably hangs on this line

    ds = cf.LoadDataSet(sqlCmd, true);

Can you comment that out and the next line and see if the page
This returns a blank user so you should end up back at the login page

 If that is the 'bad' line then we can take it from there

wc
Avatar of nanosuit25
nanosuit25

ASKER

i will give this a try as soon as i can get access back to my server thank you.
So i was able to get on the server this morning and give it the old college try, but to no avail. Just to give you even more insight i have those assemblies installed in the Global assembly cache not in the applications bin folders. Although it shouldn't matter since i have their public key tokens and i know those are right. The error is an IE error, Page cannot be displayed. Maybe is there away to attach a debug process to this page so i can see what the hell is going?

 http://joehewitt.com/software/firebug/

 try using Firefox and the above utility to pinpoint the errror
Just messing around with different things today, i was able to deduce that it isnt even pulling the cookie. Because it keeps coming back null? I don't know why that would be? Im going to download and try that tool.
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies["COOKIE"];
                if (cookie == null)
                {
                    Response.Write("must redirect to cookie not found page");
                }
                else
                {
                    Response.Write("found cookie");
                    userNameStr = cf.decryptStringToString(cookie.Values["USERID"]);
                    userNameStr = cf.authorizeUser(userNameStr);
                }

Open in new window

Cookies may be turned off in your browser
Cookies are turned on, and i am setting the cookie properly from a separate application that i created.
COOKIE name is correct?  Can you find it on Disk?

No i cannot find the cookie in temporary internet files.
nope i got it, i was able to find the cookie
ASKER CERTIFIED SOLUTION
Avatar of williamcampbell
williamcampbell
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I have a second portion to the program that i wrote which sets the cookie it also checks back for the cookie and gives it to me. What i am thinking is more along the lines of Sharepoint accessing the cache. The cookie is there for some reason sharepoint doesn't access the browsers cache. I think it might have something to do with IIS or ISAPI filters, which i have no experience with. Im going to give you the credit for this one because i have to post another question which is a little more direct, on the sharepoint forums.
Cheers nano hope you find the answer