I'm running in an intranet, with IIS set up for integrated authentication, so I'm using the auth_user server variable for the login and domain information. We've got a db that contains basically a dump of our Active Directory data, so we're pulling the user information from that instead of directly pulling from AD. As a result of that, I've got a class that I use for the database checks, and I've set up our external authentication as a separate project. I've got it working for doing the match ups & I think I'm building the cookie correctly, but when I do the returnURL, ontime displays the login screen again.

Does the external authentication page need to be in the ontime portal directory for it to work correctly? I've got my own settings for web.config, and I don't want to worry about stomping on ontime's code.

I used both the example in the admin guide as well as the active directory example posted a few weeks ago, and the return url isn't set to anything in the book example, but it's set to default.aspx for the 2nd one. I'm thinking that with the authentication code being a separate project, I need to set it to the ontimeportal directory, default.aspx. Does that sound right?

If I've already built the cookie before it goes to the default page - as in pulling up the external authentication project in the browser first, then the login page shouldn't come up, right?  Does this part only work if I embed the portal in another page as an Iframe?

Brenda

Hi Brenda,

The external auth page doesn't need to be in the same directory as Customer Portal, but it would have to be on the same domain, so it can set a cookie that the Portal would be able to see. 

The Return URL will default to the base url for portal, so unless you want to direct a user somewhere specific (which you shouldn't need to do), you shouldn't need to set it....

The way it's supposed to work, is you browse to the portal home page, and the login control is there. When you click "login", it posts the user-supplied credentials to the url you specify (myserver/myauthpage.aspx), and that page is supposed to redirect you back to the ReturnURL supplied in the querystring...is that similar to your setup?

Thanks!

Jonas 

Jonas,

I need to do it as a passthru, as we have client authentication cards with pins, and our passwords are scrambled, so the users don't have an account or password to enter. Based on us using integrated windows authentication, and the client certificate having to be validated by iis before they get to the login page, I'm pretty sure the user is who they are supposed to be. I need to be able to take the auth_user variable, look it up in the database, create the cookie, and then go back to ontime's portal. I thought I'd gotten it all set up, but every time I get sent back to the login page. I've run tests in the app that's doing the validation, and it is pulling the right data from the database, etc.

If I leave the ReturnUrl empty, I get a runtime error, so I wasn't sure if there was pathing getting in the way. The authenication project is on the same server, in the same parent website as the portal is, and all the users and the servers are in the same AD tree.

Is there a way to test what the cookie is set to?

I've opened up a support ticket on this, and I'll post the code I've written for the project there, if you want.

Brenda