Single Sign On

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
7 years ago
Hi,

I am trying to make single sign on for mysite.domain.com and mynopsite.domain.com.

I added the following lines to each site. The authentication cookie is created by mysite.domain.com,
but the nopCommerce site didn't use this cookie and didn't authenticate.

How can I fix this? Regards

<authentication mode="Forms">
  <forms name="NOPCOMMERCE.AUTH" loginUrl="~/login" protection="All" timeout="43200" path="/" requireSSL="false" slidingExpiration="true" ticketCompatibilityMode="Framework40" />
</authentication>

<machineKey validationKey="xx" decryptionKey="xx" validation="SHA1" decryption="AES" />
7 years ago
Have you come up with a solution yet? In that web.config line have you tried putting the domain=".yourdomain.com"?
There is also a guest nopcustomer cookie being created that destroys other cookies... I'm also going down this path and getting frustrated.

Also, there was another question about external authentication: https://www.nopcommerce.com/boards/t/43154/external-authentication.aspx not directly related but hoping someone else has come across a solution.
7 years ago
I delivered a similar solution recently. We built an external authentication provider which popped up a form on the main website. The user provided credentials there and an authenticated cookie was stored. Then the user was redirected to nopCommerce with a session token. The token is used to request the user's claims, e.g. email, name, etc., from the main site.

I'd suggest reading http://predicatet.blogspot.cz/2014/01/nopcommerce-how-to-code-my-own.html as a starting point.

You can also take a look at IdentityServer4 (https://github.com/IdentityServer/IdentityServer4) if nopCommerce is not the only application that has to support Single Sign-On. Or maybe even Azure Active Directory if you are running in the Cloud.
7 years ago
ilich_x86 wrote:
...authenticated cookie was stored. Then the user was redirected to nopCommerce with a session token. The token is used to request the user's claims, e.g. email, name, etc., from the main site.


Could you tell us a bit more about this part? I'm really having trouble following the cookies.
7 years ago
Well, you should not deal with cookies.

I think you need to implement something similar to the OAuth2 protocol. In the nopCommerce external authentication plugin you redirect the user to https://site.com/login?callback=https://nop.site.com/auth. If everything is good, your authentication server sends the client back to https://nop.site.com/auth?token=ABC. In OAuth2 you would use the token to access protected resources, but you do not need that. You can pass user information in the token to simplify development.

Make sure that your token:

1. Is encrypted and signed with the site.com secret key. I'd suggest using symmetric cryptography here for simplicity.

2. Has a timestamp, e.g. a 5-minute time to live.

Make sure that your communication is over the HTTPS protocol.

I'd suggest you read the https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2 and https://blog.varonis.com/introduction-to-oauth/ articles. I think they are quite useful.

You can use the Facebook external authentication plugin as an example of how to build this.
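The token described in the post above (encrypted and signed with a shared symmetric key, 5-minute time to live), as an added C# example that is not part of the original post or of nopCommerce. AES-GCM is chosen here as one symmetric scheme that both encrypts and authenticates; the `SsoToken` class, the claim fields and the token layout are assumptions, and `AesGcm` with records needs .NET 5 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Text.Json;

// Hypothetical helper: site.com calls Issue, the nopCommerce plugin calls TryValidate.
public static class SsoToken
{
    private static readonly TimeSpan Ttl = TimeSpan.FromMinutes(5);
    private const int NonceLen = 12, TagLen = 16;   // AES-GCM nonce and tag sizes

    public record Claims(string Email, string Name, long Exp);

    // Runs on site.com after a successful login; key is the 32-byte shared secret.
    public static string Issue(byte[] key, string email, string name, DateTimeOffset now)
    {
        var claims = new Claims(email, name, now.Add(Ttl).ToUnixTimeSeconds());
        byte[] plain = JsonSerializer.SerializeToUtf8Bytes(claims);
        byte[] token = new byte[NonceLen + TagLen + plain.Length];   // nonce || tag || ciphertext
        var nonce = token.AsSpan(0, NonceLen);
        RandomNumberGenerator.Fill(nonce);           // fresh random nonce for every token
        using var aes = new AesGcm(key);
        aes.Encrypt(nonce, plain, token.AsSpan(NonceLen + TagLen), token.AsSpan(NonceLen, TagLen));
        return Convert.ToBase64String(token).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    // Runs in the nopCommerce callback (/auth?token=...); false on any tampering or expiry.
    public static bool TryValidate(byte[] key, string token, DateTimeOffset now, out Claims claims)
    {
        claims = null;
        try
        {
            string b64 = token.Replace('-', '+').Replace('_', '/');
            byte[] raw = Convert.FromBase64String(b64.PadRight((b64.Length + 3) / 4 * 4, '='));
            if (raw.Length < NonceLen + TagLen) return false;
            byte[] plain = new byte[raw.Length - NonceLen - TagLen];
            using var aes = new AesGcm(key);
            aes.Decrypt(raw.AsSpan(0, NonceLen), raw.AsSpan(NonceLen + TagLen), raw.AsSpan(NonceLen, TagLen), plain);
            var parsed = JsonSerializer.Deserialize<Claims>(plain);
            if (parsed == null || now.ToUnixTimeSeconds() >= parsed.Exp) return false;
            claims = parsed;
            return true;
        }
        catch (Exception e) when (e is CryptographicException || e is FormatException || e is JsonException)
        {
            return false;   // modified token, wrong key, or malformed input
        }
    }
}
```

Both sites load the same key from their own configuration, and the callback signs the customer in only when `TryValidate` returns true.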
6 years ago
ilich_x86 wrote:
I delivered a similar solution recently. We built an external authentication provider which popped up a form on the main website. The user provided credentials there and an authenticated cookie was stored. Then the user was redirected to nopCommerce with a session token. The token is used to request the user's claims, e.g. email, name, etc., from the main site.

I'd suggest reading http://predicatet.blogspot.cz/2014/01/nopcommerce-how-to-code-my-own.html as a starting point.

You can also take a look at IdentityServer4 (https://github.com/IdentityServer/IdentityServer4) if nopCommerce is not the only application that has to support Single Sign-On. Or maybe even Azure Active Directory if you are running in the Cloud.


Hello, thank you in advance for helping. I want to do something similar: I just have to integrate the SSO (Identity Server) already implemented across the organization. I just want to authenticate the user on the shop through SSO and then share the session. Do I have to create a customer record in the nopCommerce database for syncing between them? How should I start? Can you please help?
6 years ago
You should be an external authentication plugin. You may take a look at https://github.com/nopSolutions/nopCommerce/tree/develop/src/Plugins/Nop.Plugin.ExternalAuth.Facebook
6 years ago
I'm also going to use Identity Server to achieve single sign-on between our internal systems. @razamemon, have you managed to implement this? Do you have any code you can share?
5 years ago
^^PM sent
4 years ago
Chris969872 wrote:
^^PM sent


Can you shed some light on this?  PMs don't really help the community....