[Progress Communities] [Progress OpenEdge ABL] Forum Post: Problem with Custom SSO

Status
Not open for further replies.
C

C Kiraly

Guest
Greetings All - Let me go through the prelims... Sitefinity 12.0 / Custom SSO (Non-OAuth & Non-OpenID) Created a custom C# control and placed on a new page (/login-landing-page) that has the following code in page_load: protected void Page_Load(object sender, EventArgs e) { if (ClaimsManager.GetCurrentIdentity().IsAuthenticated) { SitefinityIdentity identity = ClaimsManager.GetCurrentIdentity(); //Response.Redirect(ConfigurationManager.AppSettings["SSOAuthRedirect"]); } else { string token = Request.QueryString["isgtoken"]; if (string.IsNullOrEmpty(token)) { //Response.Redirect(ConfigurationManager.AppSettings["SSONoToken"]); } else { if (!Page.IsPostBack) { ProcessToken(token); } } } } In basic - the landing page runs ClaimsManager.GetCurrentIdentity().IsAuthenticated to check if the user is authenticated - if so, it would redirect to the SSO User Account page (portal subdomain), if not, it would check the url for a specific query string, process said information, and then authenticate the user based on the processed information... I know it's not a ton of info - but the point on that is that THAT ALL WORKS. The problem I'm having is if I go to the SSO User Account page, and then come back to the Sitefinity site, it doesn't see the user logged in. If I manually go to the login-landing-page, with no query string in the url, it tries the ClaimsManager.GetCurrentIdentity().IsAuthenticated and comes back false. If I enter the query string (copy and pasted) [isgToken is the parameter - so the url looks like site.org/login-landing-page?isgToken=value], even with a non-valid token, when the landing page loads and processes ClaimsManager.GetCurrentIdentity().IsAuthenticated it comes back as true and would then 'redirect' to the wanted page, showing the user as logged in... So long as I stay on the Sitefinity site, it sees the user just fine. When I go to any of the sso pages (portal.site.org/whatever) and then come back to sitefinity pages, it stops seeing the user authenticated unless I go to the landing page again... I'm not sure if it's a cookie issue, or what, or if I've missed a setting from Dev to Live that i'm having an issue with, or if this is a Sitefinity setting or something on the SSO side... I've been looking at this for days, and just need another opinion on what some possible solutions could be... Thanks in advance for any help!

Continue reading...
 
Status
Not open for further replies.
Top