nanosuit25
asked on
Sharepoint login, using cookie as credentials for authorization.
Hey experts,
I am trying to customize the sharepoint login page, so that i pull a cookie which contains a username and i go about decrypting it, the problem it seems is that my code just doesnt get very far and i get a page cannot load error. I am pretty much trying to override the OnLoad event of the page and i am going to authenticate against an FBA database that i have setup. Any help on this would be greatly appreciated. Just to note, there is some info around the web and i have been compiling it together and using it to the best of my knowledge for a few weeks now, im very new to sharepoint. I pretty much want to bypass this page completely and if the cookie has the right credentials just allow the user into the sight.
I am trying to customize the sharepoint login page, so that i pull a cookie which contains a username and i go about decrypting it, the problem it seems is that my code just doesnt get very far and i get a page cannot load error. I am pretty much trying to override the OnLoad event of the page and i am going to authenticate against an FBA database that i have setup. Any help on this would be greatly appreciated. Just to note, there is some info around the web and i have been compiling it together and using it to the best of my knowledge for a few weeks now, im very new to sharepoint. I pretty much want to bypass this page completely and if the cookie has the right credentials just allow the user into the sight.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web.UI;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI.WebControls;
using System.Web.Security;
namespace OverwriteSharepointEvents
{
public class OverwriteSharepointEvents : Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase
{
protected System.Web.UI.WebControls.Label FailureText;
CommonFunctions.CommonFunctions cf = new CommonFunctions.CommonFunctions();
protected override bool AllowAnonymousAccess
{
get
{
return true;
}
}
protected override void OnLoad(EventArgs e)
{
String userNameStr = "";
//pass strName to function to decrypt
HttpCookie cookie = HttpContext.Current.Request.Cookies["COOKIE"];
if (cookie == null)
{
FormsAuthentication.RedirectToLoginPage();
}
else
{
cookie = HttpContext.Current.Request.Cookies["COOKIE"];
userNameStr = cf.decryptStringToString(cookie.Values["USERID"]);
}
String userName = authorizeUser(userNameStr);
if (userName.ToString() == "")
{FormsAuthentication.RedirectToLoginPage();}
else
{FormsAuthentication.RedirectFromLoginPage(userName, true);}
}
public String authorizeUser(string userNameStr)
{
DataSet ds = new DataSet();
SqlCommand sqlCmd = new SqlCommand("spGetUser");
//Code to access sql and check the usernameStr against the JLLIS database
sqlCmd.Parameters.Add("@Name", SqlDbType.VarChar, 250);
sqlCmd.Parameters["@Name"].Value = userNameStr;
ds = cf.LoadDataSet(sqlCmd, true);
String userName = ds.Tables[0].Rows[0]["username"].ToString();
return userName;
}
}
}
I have also included the changes that i have done to the login page.
<%@ Assembly Name="Microsoft.SharePoint.ApplicationPages, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%>
<%@ Assembly Name="Microsoft.SharePoint.Publishing, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Assembly Name="PKCSKeyGenerator, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ed41dac287a11b" %>
<%@ Assembly Name="CommonFunctions, Version=1.0.0.0, Culture=neutral, PublicKeyToken=36487aad088dd7cb" %>
<%@ Assembly Name="OverwriteSharepointEvents, Version=1.0.0.0, Culture=neutral, PublicKeyToken=ea8479c8098eb102"%>
<%@ Page Language="C#"Inherits="OverwriteSharepointEvents.OverwriteSharepointEvents" MasterPageFile="~/_layouts/NsiteCustomPages/simple.master" %>
<%@ Import Namespace="Microsoft.SharePoint.ApplicationPages" %>
<%@ Import Namespace="Microsoft.SharePoint.Publishing" %>
<%@ Import Namespace="OverwriteSharepointEvents" %>
ASKER
i will give this a try as soon as i can get access back to my server thank you.
ASKER
So i was able to get on the server this morning and give it the old college try, but to no avail. Just to give you even more insight i have those assemblies installed in the Global assembly cache not in the applications bin folders. Although it shouldn't matter since i have their public key tokens and i know those are right. The error is an IE error, Page cannot be displayed. Maybe is there away to attach a debug process to this page so i can see what the hell is going?
http://joehewitt.com/software/firebug/
try using Firefox and the above utility to pinpoint the errror
ASKER
Just messing around with different things today, i was able to deduce that it isnt even pulling the cookie. Because it keeps coming back null? I don't know why that would be? Im going to download and try that tool.
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies["COOKIE"];
if (cookie == null)
{
Response.Write("must redirect to cookie not found page");
}
else
{
Response.Write("found cookie");
userNameStr = cf.decryptStringToString(cookie.Values["USERID"]);
userNameStr = cf.authorizeUser(userNameStr);
}
Cookies may be turned off in your browser
ASKER
Cookies are turned on, and i am setting the cookie properly from a separate application that i created.
COOKIE name is correct? Can you find it on Disk?
ASKER
No i cannot find the cookie in temporary internet files.
ASKER
nope i got it, i was able to find the cookie
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have a second portion to the program that i wrote which sets the cookie it also checks back for the cookie and gives it to me. What i am thinking is more along the lines of Sharepoint accessing the cache. The cookie is there for some reason sharepoint doesn't access the browsers cache. I think it might have something to do with IIS or ISAPI filters, which i have no experience with. Im going to give you the credit for this one because i have to post another question which is a little more direct, on the sharepoint forums.
Cheers nano hope you find the answer
ds = cf.LoadDataSet(sqlCmd, true);
Can you comment that out and the next line and see if the page
This returns a blank user so you should end up back at the login page
If that is the 'bad' line then we can take it from there
wc