ASP.NET Authentication – Multiple Domains w/ Same Application
November 9th, 2009 | 
Author: 
In our series about ASP.NET authentication so far we’ve covered all the rather normal cases where you’d want to have the ability to log into different domains attached to the same application. There are a few additional hurdles you’ll need to overcome to make this work correctly.
The first is, how do I let each domain have its own unique set of logins?
You see, while you can use the same database for multiple domains spread across different applications, the usernames are application specific so that if you log in with domain1.com and domain2.com both pointing to the same domain, either will work. Normally, this is what we want to have happen.
But if those two domains really represent two different web sites and we are just using the same core code, things get a little trickier.
The easiest way to deal with this problem is to make the usernames unique prior to registering and prior to authenticating. This will mean you’ll need to trap some events.
To create a new user and make the username unique, trap the CreatingUser event on the new user wizard.
At this point, there are a couple choices. You can just change the username. I suggest pre-pending the username with the domain. Or you can call the registration APIs directly.
To change the username use this code.
m_createUserWizard.UserName =
"domain.com_" + m_createUserWizard.UserName;
If you want to just call the APIs, you’ll want to call CreateUser();
MembershipCreateStatus status;
Membership.CreateUser(m_createUserWizard.UserName,
m_createUserWizard.Password,
m_createUserWizard.Email,
m_createUserWizard.Question,
m_createUserWizard.Answer,
true,out status);
e.Cancel = true;
if (status == MembershipCreateStatus.Success)
e.Cancel = true;
else
{
// display errors.
}
To login you’ll need to trap the LoggingIn event and the LoginError event.
In the LoggingIn event, change the username
m_login.UserName = "domain.com_" + m_login.UserName;
In the LoginError, you’ll want to change it back so that it displays correctly if there is an error.
m_login.UserName = m_login.UserName
.Replace("domain.com_", string.Empty);
or something equally as effective.
Other Related Items:
Pro ASP.NET MVC 2 Framework, Second Edition (Expert's Voice in .NET)Author Steven Sanderson has seen the ASP.NET MVC Framework mature from the start, so his experience, combined with comprehensive coverage of all th... Read More >
Learning PHP, MySQL, and JavaScript: A Step-By-Step Guide to Creating Dynamic Websites (Animal Guide)If you know HTML, this guide will have you building interactive websites quickly. You'll learn how to create responsive, data-driven websites with PHP... Read More >
Icon Domain II/Airframe Pro Shield Faceshield SilverIcon Domain II/Airframe Pro Shield Faceshield Silver
Related Post
Posted in none | 
Tags: applications, asp.net, authentication, CreateUser, csharp, domains, Membership, Portals
3 Responses to “ASP.NET Authentication – Multiple Domains w/ Same Application”
[...] ASP.NET Authentication – Multiple Domains w/ Same Application (Dave M. Bush) [...]
Wouldn’t it be easier to override the membership provider base class? Override each method with your custom handling for usernames, and you will never have to worry about it again. If you do it this way, you will have to modify the code in every single place you use the username.
It is at least worth considering.