DNN Login - Portal Redirection

0
votes

I'm having some trouble figuring out if DNN has the capability to redirect a user that is being validated to a URL on a different portal within the same site.

For example, say I have PortalA and PortalB, and a User1 that has only access to PortalB. However, I do want to allow for the user to attempt to use the Login page for PortalA, and some logic to determine that the user needs to be directed to PortalB during or after the login process. So, if User1 visits the site PortalA.com and attempts to login, I want User1 to end up being validated and logged in to PortalB, and landing on the home page for PortalB.

Looking at the PortalSettings object, I tried the PortalId and the PortalName that goes into the UserController.ValidateUser and UserController.UserLogin methods, but that does not help with any redirection across two portals. I also took a look at the changing HomeTabId variable that is used for obtaining the RedirectURL and it seems that changing that to an Id that is for the Home Page does not work - because the HomeTabId is outside of the current portal, Globals.NavigateURL() does not give me the URL to the correct portal I want to be redirected to.

I also tried to skip going to the OnUserAuthenticated event when the validation is a success for the intended portal, and then calling the UserLogin method then trying to redirect using Response.Redirect(Globals.NavigateURL()) with the correct URL, but that did not seem to be working either (I get stuck on the same page).

Additionally, there is a need to be able to determine on either PortalA or PortalB's login page, if the user logging in has access to both portals. If they do have access to both portals, then the user would be able to select (from a list, drop down, etc.) which Portal they are wanting to go to. From the selection, the user could then continue on to PortalA or PortalB FROM either PortalA or PortalB's login page as needed. I imagine that if the prior requirements can be solved, then this should be easily solved.

Just in case, there are business rules that dictate that we do need separate portals. Each portal has portal specific functionality, business logic engines, and navigation menus.

I did take a look at: and the response by Chris H., but the answer provided is not enough to solve my issue (we're using DNN Community edition, and I've already got the users set up for which portal they have access to).

EDIT: These portals are on the same domain. So, it'll look like portal1.mydomain.com and portal2.mydomain.com.

EDIT2: I'm currently thinking about doing the portal redirection before the attempt to validating and logging the user in. However, I would need to figure out how to carry over the sensitive user login information across the two portals - I'm not sure if attempting to carry over the data in session temporarily would work, since they're across two portals. I noticed already that if I log in with User1 to PortalA and then change the URL to PortalB, I would have to login again even though User1 has access to both portals. Would attempting to do the portal redirection before the login step be a reasonable approach, or should that be done after the fact?

1
c#.netdotnetnuke
Do the sites exist on completely different domains (i.e. p1.com and p2.com)? - DavidG
They are on the same domain. It'll be something like portal1.mydomain.com and portal2.mydomain.com. - py7133

1 Answers

0
votes

Here's what I've done since I posted the question which seemed to solve the requirements.

First, I created a database table to hold a login token for the user being redirected. Then, I created an intermediate page with a module on it that would do the check with the token and redirect the user to the login page. This intermediate page is used, because I pass the user name and token GUID on the query string to the intermediate page to handle. The intermediate page determines where the user should go at this point.

So let's say, User1 belongs to PortalB, and is trying to login on PortalA: On PortalA, User1 is authenticated, they are not a superuser, so their list of portals is obtained. User1 is said to be on PortalB, so an expiring token is created for User1 and then they are sent to PortalB's intermediate page (PortalB-np). On PortalB-np, the query string values for the token GUID and user name are obtained and compared with the token found in the DB. If the token has not expired and the IP Address is matching for the creator of the token, I redirect them to the login page for PortalB (PortalB-lgn) after storing the user name in session. This page is never seen to the user. On PortalB-lgn, I check that session variable on the load, and if it is found, immediately remove that session value and log that user in by obtaining the User's password via ASP.NET membership as well.

Some things to note: If attempting to manually reach the intermediate page without query string values, the user is redirected to the login page for the same portal that they are accessing. This is almost instant. If attempting to provide a login token and user name on the query string, a token will still attempt to be obtained, but will most likely fail since there is no corresponding token in the database for that user name, portal, and IP address combination within the short time frame for the expiration. Thus they will be directed back to the login page as well. This is almost instant.

For scenarios where a user can access multiple portals, I check the distinct portal count, and if it's more than one, assume the authentication for that user to the first portal in the list of portals they can access (since it's an all or nothing anyway, they should be able to access any portal in that list). If the authentication succeeds, prompt a drop down for the user to select which portal they want to go to. If the selection matches the current portal, just do a normal login, otherwise do a redirect as outlined above.

If there are any other thoughts on this implementation, I'd like to hear them - but this seems to work good for me right now.