Sunday, 28 August 2016

Windows authentication to Login into multiple websites Using Asp.Net

01:43    No comments

Common Login

Common login as the name implies, providing single interface for login into multiple websites.

Implementation
Step 1: First you need to create a website which is going to act as an interface for your other websites. Let’s create a website name it CommonLogin. Now add an aspx page.
In your aspx define your websites that you needed in CommonLogin. Here I have defined three websites in my Common login.
<tr>
<td>
<asp:ImageButton runat="server" ID="imgTravelling" ImageUrl="Images/Travelling.jpg" Width="300" Height="300" OnClick="imgTravelling_Click" />
</td>
<td>
<asp:ImageButton runat="server" ID="imgSports" ImageUrl="Images/Football.jpg" Width="300" Height="300" OnClick="imgSports_Click" />
</td>
<td>
<asp:ImageButton runat="server" ID="imgMovies" ImageUrl="Images/Movies.jpg" Width="300" Height="300" OnClick="imgMovies_Click" />
</td>
 </tr>

Step 2: In your CommonLogin.cs define the URL of the websites that you have included

protected void imgTravelling_Click(object sender, EventArgs e)
    {
        if (User.IsInRole("Travelling"))
        {
            string strURL = "http://localhost:63464/TravellingHome.aspx";
            AccessPortal(strURL, UserName);
        }
        else
        {
            lblMessage.Text = "You are not aothorized for Travelling Portal";
        }
    }
    protected void imgSports_Click(object sender, EventArgs e)
    {
        if (User.IsInRole("Sports"))
        {
            string strURL = "http://localhost:18782/SportsHome.aspx";
            AccessPortal(strURL, UserName);
        }
        else
        {
            lblMessage.Text = "You are not authorized for Sports";
        }
    }
    protected void imgMovies_Click(object sender, EventArgs e)
    {
        if (User.IsInRole("Movies"))
        {
            string strURL = "http://localhost:63839/MoviesHome.aspx";
            AccessPortal(strURL, UserName);
        }
        else
        {
            lblMessage.Text = "You are not authorized for Movies Portal";
        }
    }

    private void AccessPortal(string strURl, string UserName)
    {
        RemotePost myremotepost = new RemotePost();
        myremotepost.Url = strURl;
        myremotepost.Add("UserName", UserName);
        myremotepost.Post();
    }
}

public class RemotePost
{
    private System.Collections.Specialized.NameValueCollection Inputs = new System.Collections.Specialized.NameValueCollection();

    public string Url = "";
    public string Method = "post";
    public string FormName = "form1";

    public void Add(string name, string value)
    {
        Inputs.Add(name, value);
    }

    public void Post()
    {
        System.Web.HttpContext.Current.Response.Clear();
        System.Web.HttpContext.Current.Response.Write("<html><head>");
        System.Web.HttpContext.Current.Response.Write(string.Format("</head><body onload=\"document.{0}.submit()\">", FormName));
        System.Web.HttpContext.Current.Response.Write(string.Format("<form name=\"{0}\" method=\"{1}\" action=\"{2}\" >", FormName, Method, Url));
        for (int i = 0; i < Inputs.Keys.Count; i++)
        {
            System.Web.HttpContext.Current.Response.Write(string.Format("<input name=\"{0}\" type=\"hidden\" value=\"{1}\">", Inputs.Keys[i], Inputs[Inputs.Keys[i]]));
        }
        System.Web.HttpContext.Current.Response.Write("</form>");
        System.Web.HttpContext.Current.Response.Write("</body></html>");
        System.Web.HttpContext.Current.Response.End();
    }
}


                                                                              
Step 3: In your WebConfig define authentication and define roles which can access the websites. You can also use Membership users and roles functionality of sql server for authorization. I have used Active directory user and roles.

    <authentication mode="Windows">
    </authentication>
    <authorization>
      <allow roles="Sports,Movies,Travelling"/>
      <deny users="*"/>
    </authorization>

 Step 4: Host your websites on IIS and choose authentication mode Windows.

Hosting on IIS
Step 5: I have created three roles Sports, Travelling and movies and assigned to users. When I run the website windows authentication pop up will be shown. On entering the correct information user will be redirected to Commonlogin website.

Windows Authentication
Step 6: I have provided the credentials of Sandeep who has the Sports roles.

Windows Authentication
Step 7: common login home page will open when authentication is OK.

common login
Step 8: When Sandeep will try to access portal other than Sports. You are not authorized message will be shown
Unauthorized access
Step 10: if he accesses the Sports portal he will Redirected to that portal.
Sports Home
Step 11: same goes with the other user they are only able to access that portal, which they are authorized of. Reena will only able to access movies portal while Amit will only able to access travelling portal.
Reena Homepage
Movies HomePage

0 comments:

Post a Comment