ASP.NET Authentication – Multiple Domains w/ Same Application
November 9th, 2009 | 
Author: 
In our series about ASP.NET authentication so far we’ve covered all the rather normal cases where you’d want to have the ability to log into different domains attached to the same application. There are a few additional hurdles you’ll need to overcome to make this work correctly.
The first is, how do I let each domain have its own unique set of logins?
You see, while you can use the same database for multiple domains spread across different applications, the usernames are application specific so that if you log in with domain1.com and domain2.com both pointing to the same domain, either will work. Normally, this is what we want to have happen.
But if those two domains really represent two different web sites and we are just using the same core code, things get a little trickier.
The easiest way to deal with this problem is to make the usernames unique prior to registering and prior to authenticating. This will mean you’ll need to trap some events.
To create a new user and make the username unique, trap the CreatingUser event on the new user wizard.
At this point, there are a couple choices. You can just change the username. I suggest pre-pending the username with the domain. Or you can call the registration APIs directly.
To change the username use this code.
m_createUserWizard.UserName =
"domain.com_" + m_createUserWizard.UserName;
If you want to just call the APIs, you’ll want to call CreateUser();
MembershipCreateStatus status;
Membership.CreateUser(m_createUserWizard.UserName,
m_createUserWizard.Password,
m_createUserWizard.Email,
m_createUserWizard.Question,
m_createUserWizard.Answer,
true,out status);
e.Cancel = true;
if (status == MembershipCreateStatus.Success)
e.Cancel = true;
else
{
// display errors.
}
To login you’ll need to trap the LoggingIn event and the LoginError event.
In the LoggingIn event, change the username
m_login.UserName = "domain.com_" + m_login.UserName;
In the LoginError, you’ll want to change it back so that it displays correctly if there is an error.
m_login.UserName = m_login.UserName
.Replace("domain.com_", string.Empty);
or something equally as effective.
Other Related Items:
S880693: SWAROVSKI CRYSTAL COMMUNITY TOP SHELL 2007 MEMBERSHIPSwarovski, 2007 Community Top Shell, Membership Piece #880693. Brand new, mint condition in original box with certificate. Dimensions: 2" inches.
Classy Custom Sherbert Alley Deluxe Pastel Pet Portal Pet DoorClassy Custom Sherbet Alley Deluxe Pet Door / Pet Portal the new smart pet door for dogs and cats. Featuring a silicone weather tight magnetically sea... Read More >
First Ascent DVD111810 Features: The film focuses on climbing's modern day pioneers and their quests to make first ascents of the most astounding unclimbed rock forma... Read More >
Related Post
Posted in none | 
Tags: applications, asp.net, authentication, CreateUser, csharp, domains, Membership, Portals
3 Responses to “ASP.NET Authentication – Multiple Domains w/ Same Application”
[...] ASP.NET Authentication – Multiple Domains w/ Same Application (Dave M. Bush) [...]
Wouldn’t it be easier to override the membership provider base class? Override each method with your custom handling for usernames, and you will never have to worry about it again. If you do it this way, you will have to modify the code in every single place you use the username.
It is at least worth considering.