Single SigOn with NopCommerce?

Hello, i want to to use NopCommerce in an second web application, which calls the admin content in an IFrame.
In the external web application there is a page Shopredirect.aspx, which calls a customized Login Page of the Nop admin content, to send the credentials for the login.  At the NopCommerce side i get this values (Email, Password) and call the

 if (Membership.ValidateUser(username, password))
Response.Redirect("SecurePage.aspx");

So the validation completes, but i come always to the Login.aspx page because there is no NopContext set for the user(Admin). What must i do to get access from the external application, for NopCommerce to navigate through the admin content?

When i debug the BaseNopAdministrationPage.cs in the following function the User Context is not set and it is null:

 protected virtual bool ValidateAdministratorSecurity()
        {
            if (NopContext.Current == null ||
                NopContext.Current.User == null ||
                NopContext.Current.User.IsGuest)
                return false;

            return NopContext.Current.User.IsAdmin;
        }

When is the current.user context set?

Hi, i just created a MyLogin.aspx Page which gets the Credentials for NopCommerce Login:

 protected void Page_Load(object sender, EventArgs e)
        {
            if (Request.Headers["pwd"] != null && Request.Headers["user"] != null)
            {
                string username = Request.Headers["user"];
                string password = Request.Headers["pwd"];
                
                if (Membership.ValidateUser(username, password))
                {
                    FormsAuthentication.RedirectFromLoginPage(username, true);
                    //Response.Redirect("http://localhost/nop/Administration/Orders.aspx");
                }
                else
                {
                    Response.Write("Invalid UserID and Password");
                }
            }
        }

So when i call from my webapplication the requested URL MyLogin.aspx, whith the credentials, i get logged in !!!
The FormsAuthentication.RedirectFromLoginPage()  function redirects me to the default page.

But when i want to navigate through the web (logged in) then gets redirected to the Login.aspx Page :-(
Is there a cookies problem between the two web applications??

Please see http://forums.asp.net/p/1023838/1390821.aspx or google ASP.NET Single Sign On.

There are a few things you need to do to ensure the authentication cookie is shared by your applications.

Hello, i have a question, when i logged in over my website to NopCommerce, there is created in Temporary Internet Files a Cookie (.ASPXANONYMOUS), but without  "NOPCOMMERCE.AUTH" from the web.config.
But when i logged in manually over the login.aspx page, then it creates a cookie with the specifiic name.

Whats the different??

Can i create a cookie with the function from the CommonHelper class?

CommonHelper.SetCookie()

primts wrote:

You should set both authentication cookies to the same name. You do this in web.config setting the name property for forms authentication see - http://msdn.microsoft.com/en-us/library/1d3t3c61.aspx.

I'm pretty much doing the same thing, but I'm getting an "Object reference not set to an instance of an object" on "CustomerManager.UsernamesEnabled"  

Any ideas?

   at NopSolutions.NopCommerce.DataAccess.DBProviderManager`1.Initialize() in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.DataAccess\DBProviderManager.cs:line 54
   at NopSolutions.NopCommerce.DataAccess.DBProviderManager`1.get_Provider() in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.DataAccess\DBProviderManager.cs:line 145
   at NopSolutions.NopCommerce.BusinessLogic.Configuration.Settings.SettingManager.GetAllSettings() in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Configuration\Settings\SettingManager.cs:line 111
   at NopSolutions.NopCommerce.BusinessLogic.Configuration.Settings.SettingManager.GetSettingByName(String Name) in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Configuration\Settings\SettingManager.cs:line 338
   at NopSolutions.NopCommerce.BusinessLogic.Configuration.Settings.SettingManager.GetSettingValue(String Name) in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Configuration\Settings\SettingManager.cs:line 306
   at NopSolutions.NopCommerce.BusinessLogic.Configuration.Settings.SettingManager.GetSettingValueBoolean(String Name, Boolean DefaultValue) in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Configuration\Settings\SettingManager.cs:line 239
   at NopSolutions.NopCommerce.BusinessLogic.Configuration.Settings.SettingManager.GetSettingValueBoolean(String Name) in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Configuration\Settings\SettingManager.cs:line 228
   at NopSolutions.NopCommerce.BusinessLogic.CustomerManagement.CustomerManager.get_UsernamesEnabled() in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Customer\CustomerManager.cs:line 2066
   at NopSolutions.NopCommerce.BusinessLogic.Profile.StoreMembershipProvider.ValidateUser(String username, String password) in C:\Users\Justin\Desktop\nopcommerce\Libraries\Nop.BusinessLogic\Profile\StoreMembershipProvider.cs:line 387
   at System.Web.UI.WebControls.Login.AuthenticateUsingMembershipProvider(AuthenticateEventArgs e)
   at System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e)
   at System.Web.UI.WebControls.Login.AttemptLogin()
   at System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e)
   at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args)
   at System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e)
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

*bump*

Anyone know what the possible issue could be?  This happens when I sign on with another web application.  I added a reference to Nop.BusinessLogic and referenced that in the membership section of the web.config.  When I login I get that error.

Any insight would be appreciated.

EDIT...

I believe I got it working, at least on the dev side.  I was missing the <configSections> and so on in my web.config in my webapp config.  Seems to be working now.

can you please share the steps you have taken to achieve this ?

i am trynng to do the same thing (i think). i need to have multiple sites authenticate against one db (or a main site).

i need this to
1 -have users logged in one site to be automatically logged in to the others as well.
2 - share the users db across all sites.

i have run into some other issues like  - i had to remove some tables rlationships but that messed up some data retrieval , cart persistence ...

ay suggestions would be apreciated.

tia.

I had to take the settings from the web.config.  

<configSections>
    <section name="NopConfig" type="NopSolutions.NopCommerce.BusinessLogic.Configuration.NopConfig, Nop.BusinessLogic" requirePermission="false"/>
    <sectionGroup name="nopDataProviders">
</configSections>

Then add the actual sections below...

Then I had to add references to Nop.BusinessLogic, Nop.DataAccess, Nop.SqlDataAccess

Then setup your membership

<authentication mode="Forms">
      <forms
        name="YOUR.AUTH"
        domain=".website.com"
        loginUrl="~/Login.aspx"
        protection="All"
        timeout="43200"
        path="/"
        requireSSL="false"
        slidingExpiration="true"
        defaultUrl="~/default.aspx"
        enableCrossAppRedirects="true"/>
    </authentication>

    <membership defaultProvider="NopMembershipSqlProvider" userIsOnlineTimeWindow="15">
      <providers>
        <add name="NopMembershipSqlProvider" type="NopSolutions.NopCommerce.BusinessLogic.Profile.StoreMembershipProvider, Nop.BusinessLogic" connectionStringName="YourConnection" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="NopCommerce" requiresUniqueEmail="true" enablePasswordRetrieval="true"/>
      </providers>
    </membership>
    <roleManager enabled="true" cacheRolesInCookie="false" defaultProvider="NopRoleManagerSqlProvider" cookieName=".NopCommerceRoles" cookiePath="/" cookieTimeout="30" cookieRequireSSL="false" cookieSlidingExpiration="true" createPersistentCookie="false" cookieProtection="All">
      <providers>
        <add name="NopRoleManagerSqlProvider" type="NopSolutions.NopCommerce.BusinessLogic.Profile.StoreRoleProvider, Nop.BusinessLogic" connectionStringName="YourConnection" applicationName="NopCommerce"/>
      </providers>
    </roleManager>

Pure authentication seems simple enough but what if you need to pass currentcustomer (customerID) to another application.

Scenario 1: Have a separate application called "admin" which does a bunch of stuff not related to nopcommerce but I would like to use the customer Login feature from NOP as a SSO feature. How do I get the customerID into my "Admin" application?