ASP.NET Authentication – Multiple Domains w/ Same Application
November 9th, 2009 | 
Author: 
In our series about ASP.NET authentication so far we’ve covered all the rather normal cases where you’d want to have the ability to log into different domains attached to the same application. There are a few additional hurdles you’ll need to overcome to make this work correctly.
The first is, how do I let each domain have its own unique set of logins?
You see, while you can use the same database for multiple domains spread across different applications, the usernames are application specific so that if you log in with domain1.com and domain2.com both pointing to the same domain, either will work. Normally, this is what we want to have happen.
But if those two domains really represent two different web sites and we are just using the same core code, things get a little trickier.
The easiest way to deal with this problem is to make the usernames unique prior to registering and prior to authenticating. This will mean you’ll need to trap some events.
To create a new user and make the username unique, trap the CreatingUser event on the new user wizard.
At this point, there are a couple choices. You can just change the username. I suggest pre-pending the username with the domain. Or you can call the registration APIs directly.
To change the username use this code.
m_createUserWizard.UserName =
"domain.com_" + m_createUserWizard.UserName;
If you want to just call the APIs, you’ll want to call CreateUser();
MembershipCreateStatus status;
Membership.CreateUser(m_createUserWizard.UserName,
m_createUserWizard.Password,
m_createUserWizard.Email,
m_createUserWizard.Question,
m_createUserWizard.Answer,
true,out status);
e.Cancel = true;
if (status == MembershipCreateStatus.Success)
e.Cancel = true;
else
{
// display errors.
}
To login you’ll need to trap the LoggingIn event and the LoginError event.
In the LoggingIn event, change the username
m_login.UserName = "domain.com_" + m_login.UserName;
In the LoginError, you’ll want to change it back so that it displays correctly if there is an error.
m_login.UserName = m_login.UserName
.Replace("domain.com_", string.Empty);
or something equally as effective.
Related Post
Determine The Role of a User in ASP.NET
There are several controls that allow you to display content based on the role a user is in, including: - LoginView - LoginStatus And the web.config file allows us to control which pages can ...
DotNetNuke Modules – Creating Base Modules
Now that we have DotNetNuke installed into Visual Studio we can go ahead and create our first modules. Actually, creating the modules is pretty simple. But it is even easier to do it wrong, which...
Authentication – Assigning Permissions to Roles
Now that we’ve assigned roles to our users, we need to assign permissions to the roles. The easiest way to do this is through the web.config file, which will allow us to control which pages the...
Forms Authentication – Manual Authentication
I’ve had several occasions in the past where I’ve needed to do my own authentication or I’ve needed to add some additional methods to the authentication process. As easy as Microsoft has made t...
ASP.NET Assigning a Role to a User
Another function that is not supplied by one of the existing controls in ASP.NET is the ability to assign a user to a role. For this, we will need to resort to using the APIs. Since we ca...
Posted in none | 
Tags: applications, asp.net, authentication, CreateUser, csharp, domains, Membership, Portals
One Pingback/Trackback
- 10 November 2009 at 7:11am
- Dew Drop – November 10, 2009 | Alvin Ashcraft's Morning Dew
[...] ASP.NET Authentication – Multiple Domains w/ Same Application (Dave M. Bush) ...
Pingback: Dew Drop – November 10, 2009 | Alvin Ashcraft's Morning Dew