I am new to DotNetNuke, but I'm an experienced web admin and programmer.
I have an ASP .NET website / web application that I want to integrate into DNN 5 so I can easily add / modify content, etc. My existing site uses it's own login system to display user information. I have successfully placed (using iframes) all of my existing pages inside DNN pages.
The problem I am having is that I need to conditionally hide certain pages in the menu until a user is logged into my application. To be clear, my users are logging in using my existing authentication system, and will not actually login to DNN, so I can't simply grant permissions to those pages.
My question is this: is there some way (perhaps by modifying the DNN code) to conditionally hide menu items until certain requirements are met, such as authentication through my login system?
You can write your own DNN Authentication module that leverages your current system and code.
Our shop uses DNN, but hands off authentication to our university's centralized authentication system. I didn't write it, but I don't get the impression that it was too hard. Now when we create a portal, we install and enable our authentication module and then turn off DNN Authentication. Works like a charm.
We used DNN Garden menu for this (we do some thing sort of like that) the menu has a Node manipulator interface you can code against
http://www.dnngarden.com/
http://www.dnngarden.com/Menu-structure-manipulation.T104.aspx
we have had great success with this -
The other option which we have done as well is to write your own menu provider - not really that hard
Related
We are adding modern authentication (OAuth/OIDC) to an application that currently uses Windows integrated authentation for single sign on. The user signs into Windows workstation and those credentials can be used by many applications with authentication happening transparently over Kerberos.
Our app is a dot net web services based application and we have a client for users with browsers and a desktop client in WinForms. The browser scenario is no issue as the identity provider stores information in the browser that can be reused across applications in a similar way to WIA (IWA), but we are unsure the best way to handle the WinForms desktop application case. Currently the WinForms application opens a browser window to authenticate using the typical browser based method. The details from the identity provider are passed through the browser back to the WinForms app using a redirect and a custom protocol based URL.
This all works fine, but the user experience is not super tight and, for the case where the user is already logged in, requires them to press a button in the browser window as current Chromium based browsers seem unwilling to do a redirect without a recent user interaction.
Is there a better way?
The standard options according to RFC8252 are as you describe:
Log in via the system browser
Use either a loopback or private scheme based URL
I have a few blog posts about this and it is a tricky flow. The posts link to code examples you can run that explore the UX a little. You may find that a loopback URL avoids the need for a button click, though personally I think private scheme based URLs are cleaner.
There are UX things you can do, such as an interstitial web page to better control what happens in the disconnected browser. I have seen companies redirect to their own website after desktop logins, to make the UX better.
In the longer term I expect this to be replaced with API Driven OAuth Flows so that you never need to leave the app. For now you may have to live with some UX linitations, but it is the right flow from a security viewpoint.
I am currently in the research process of building my first application in angular2 and I have a question on how to restrict the client side javascript/content that a user will see based on the permissions they have in the application.
My application will have numerous permissions that will restrict users from seeing certain pages, along with the ability to do certain actions on a page. For a simplistic perspective, think of a configuration area for the tool/application that only someone with admin permission would be able to access. A non-privileged user would only see the main menu items and not the "Site Settings" which leads to the admin area and therefore hopefully none of the templates/components that encompass said area.
I came across this link (http://blog.mgechev.com/2015/12/30/angular2-router-dynamic-route-config-definition-creation/) and think this might be what I need, but was hoping for other people's thoughts who are more familiar with angular and other SPA type client-side javascript frameworks.
How do you setup an angular2 application so that only applicable templates and components are downloaded to the client based on the user's permissions? Does all of this get thrown out the window once you use a process that combines all the angular files to limit the number of js files the client browser needs to load? I realize the importance of securing the middle tier API, but don't see the point of having clients download a bunch of data/templates that they will never be able to access. Initial loads should be as fast as possible.
There is the UserController class that lets us access and save user data.
I think UserController was meant to be used from within the context of a DNN website application, since it somehow already knows the connection string and other DNN settings.
So I take it that DNN Controller classes can't be used outside the context of a DNN website application, thus I can't add/revoke roles, reset password, and other administrative actions from a desktop application, correct?
If it's possible, please let me know. Thank you.
That's not possible out of the box but some reference can be available here which does somewhat similar things: http://iweb.codeplex.com/
Most of what you are asking for are pretty simple DB operation. You could use Entity Framework to map tables into classes in your .Net App and then issue Update commands. However, these will be executed outside of DNN and may not impact a currently logged on user unless you clear the cache of DNN or restart app.
You could write custom WebAPI methods to do so as Hammond suggested above. You need to ensure that these methods are secure though and only Admin / Host can execute them.
Is it possible to disable a DNN portal, or an entire DNN installation to everyone except administrator / host users?
I need to update a DNN website and apply new themes to differant sections of the website, however this will take some time on the live website.
I'd like to achieve similar to this "Wordpress Maintenance Mode" module plugin.
I'm aware of using the APP_OFFLINE.html file to disable the entire website, however we need a couple of admins to go in and make changes whilst keeping everyone else off the website.
There isn't a maintenance mode in DNN. What I would do is the following.
Setup a new website in IIS, beta.mywebsite.com. Have that website point to your Existing DNN folder.
Point your current website to a new folder with the App_Offline.htm file/message in place. Then have your admins go to the beta.mywebsite.com URL instead of going to the www version of the URL.
That would probably be the most straightforward way to do this for DNN without writing a custom maintenance mode module for DNN.
I started working on an existing website that uses DNN. I am having difficulty understanding and accessing DNN in their staging/test environment. In IIS there are a few different websites. How can I figure out how to get to the main Admin DNN screen by looking at the information in IIS and exploring to files. Once there I need to apply new licenses for DNN.
Thanks in advance for any assistance.
In IIS, right click on the website and choose the Manage Bindings option, that will show you the various Host Names (URLS) that are configured.
Try those URLs, and then put ?CTL=login on the end of the URL to get DNN to load the login control. From there you can login with a HOST or ADMIN account, HOST/SuperUser account would be best, as you can then go to the Host/Portals (Site Management?) page and see how many different "sites" are configured within the DNN installation.