ASP.NET Authentication – Multiple Domains w/ Same Application

In our series about ASP.NET authentication so far we’ve covered all the rather normal cases. This post covers the case where you want to log into different domains attached to the same application. There are a few additional hurdles you’ll need to overcome to make this work correctly.

The first is, how do I let each domain have its own unique set of logins?

You see, while you can use the same database for multiple domains spread across different applications, usernames are application specific, so if domain1.com and domain2.com both point to the same application, the same login will work on either one. Normally, this is what we want to have happen.

But if those two domains really represent two different web sites and we are just using the same core code, things get a little trickier.

The easiest way to deal with this problem is to make the usernames unique prior to registering and prior to authenticating.  This will mean you’ll need to trap some events.

To create a new user and make the username unique, trap the CreatingUser event on the new user wizard.

At this point, there are a couple of choices. You can just change the username (I suggest prepending the domain to it), or you can call the registration APIs directly.

To change the username, use this code:

m_createUserWizard.UserName =
    "domain.com_" + m_createUserWizard.UserName;

If you want to just call the APIs, you’ll want to call Membership.CreateUser():

MembershipCreateStatus status;
// Create the account ourselves under the domain-qualified name.
Membership.CreateUser("domain.com_" + m_createUserWizard.UserName,
    m_createUserWizard.Password,
    m_createUserWizard.Email,
    m_createUserWizard.Question,
    m_createUserWizard.Answer,
    true, out status);
// Always cancel, so the wizard does not try to create the user a second time.
e.Cancel = true;
if (status != MembershipCreateStatus.Success)
{
    // display errors.
}

To log in, you’ll need to trap the LoggingIn event and the LoginError event.

In the LoggingIn event, change the username:

m_login.UserName = "domain.com_" + m_login.UserName;

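In the LoginError event, you’ll want to change it back so that it displays correctly if there is an error.

// Strip only a leading prefix; Replace() would also remove a match inside the name.
if (m_login.UserName.StartsWith("domain.com_", StringComparison.Ordinal))
    m_login.UserName = m_login.UserName.Substring("domain.com_".Length);

or something equally effective.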
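
The snippets above hard-code "domain.com_". The following is an added example, not code from the original post, that derives the prefix per site from the request host and rejects hosts the application does not serve, since the Host header is supplied by the client. The class name DomainUserName, its methods and the domain list are hypothetical.

```csharp
using System;
using System.Collections.Generic;

// Added example: hypothetical helper, not part of the original post.
public static class DomainUserName
{
    // Assumption: the sites served by this application (constructed sample values).
    private static readonly HashSet<string> KnownDomains =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "domain1.com", "domain2.com" };

    private const string Separator = "_";

    // Build the prefix from the request host, e.g. Request.Url.Host.
    // The host comes from the client, so anything not on the list is refused
    // instead of silently becoming a new username namespace.
    public static string PrefixFor(string host)
    {
        if (host == null) throw new ArgumentNullException("host");
        // Assumption: www.domain1.com and domain1.com are the same site.
        if (host.StartsWith("www.", StringComparison.OrdinalIgnoreCase))
            host = host.Substring(4);
        if (!KnownDomains.Contains(host))
            throw new InvalidOperationException("Unrecognized host: " + host);
        return host.ToLowerInvariant() + Separator;
    }

    // Call from CreatingUser and LoggingIn:
    //   m_login.UserName = DomainUserName.Qualify(Request.Url.Host, m_login.UserName);
    public static string Qualify(string host, string userName)
    {
        if (string.IsNullOrEmpty(userName))
            throw new ArgumentException("User name is required.", "userName");
        return PrefixFor(host) + userName.Trim();
    }

    // Call from LoginError: removes the prefix only when it is at the start,
    // so a name that merely contains "domain1.com_" is left intact.
    public static string Unqualify(string host, string storedName)
    {
        if (storedName == null) throw new ArgumentNullException("storedName");
        string prefix = PrefixFor(host);
        return storedName.StartsWith(prefix, StringComparison.OrdinalIgnoreCase)
            ? storedName.Substring(prefix.Length)
            : storedName;
    }
}
```

Anywhere else the application shows a name from the membership store (for example a welcome message), pass it through Unqualify so the prefix does not leak into the page.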

  • http://www.bubriski.com John Bubriski

    Wouldn’t it be easier to override the membership provider base class? Override each method with your custom handling for usernames, and you will never have to worry about it again. If you do it this way, you will have to modify the code in every single place you use the username.

    • Dave

      It is at least worth considering.