I'm working with an ASP.NET application. My page display content (images) from SharePoint Online.
Certainly if I want to display something from SharePoint, I must be authenticated first. So I wrote a script to check if user is logged in or not. If not, a window will open and navigate to SharePoint sign in page.
The question is how to close this sign in window after user do the authentication? I've tried the solution here Close window, after redirect but it only works with local site, with login page from different domain (SharePoint Online), it return "Access is denied" error due to Cross Frame scripting prevention.
So any other solution?
I think , When a user clicks Ok and authentication code runs and authenticate the user, you could run a code or javascriupt to close the window.
Correct me if i miss something
I've found the solution. Create an .aspx page on SharePoint, place JavaScript to close the window (window.close) in it.
Then from web application, if user not logged in SharePoint Online, open new window and navigate to the .aspx page above.
SharePoint then redirect you to Microsoft Online sign in address first. After authentication, it bring you back to where you come, the .aspx page, then the JavaScript execute and close the window.
Related
Background:
I have an installation of dynamics crm 2011 (IFD), and I have an ASP.net website in which I want to retrieve the logged-in user's details.
I followed the walkthrough to create a website which is configured as a relying party, and it seems to be working ok; I log on to crm, then browse to my website, and the user's credentials are available there as necessary.
The issue:
In some cases I want to open one of my web pages as a modal dialog from within the CRM website (meaning- a user logs on to the CRM website, presses a button, and a modal dialog displaying one of my pages appears).
In that case, my web page doesn't display anything at all- the address bar indicates that it's loading the sts server's signon page, but nothing actually happens and the window is frozen.
looking at the ADFS trace I can see 2 warning log entries, as follows:
Ignoring Invalid entry 'signoutCleanup;https%3a%2f%2fMyCrm.dev.com%3a4444%2f&walkthrough&https%3a%2f%2fMyCrm.dev.com%3a4444%2fdefault.aspx&https%3a%2f%2fMyCrm.dev.com%3a4444%2fdefault.aspx' in signout cookie.
Ignoring Invalid entry 'signoutCleanup;https%3a%2f%2fMyCrm.dev.com%3a444%2f&CRM+IFD+Relying+Party&https%3a%2f%2fauth.dev.com%3a444%2f&https%3a%2f%2fauth.dev.com%3a444%2f' in signout cookie.
Now the strange thing is that if I browse via a non-modal window to one of my webpages, and then open that same modal dialog again- it works fine.
Looking at the ADFS logs for browsing the non-modal dialog I can see one warning- the latter from before:
Ignoring Invalid entry 'signoutCleanup;https%3a%2f%2fMyCrm.dev.com%3a444%2f&CRM+IFD+Relying+Party&https%3a%2f%2fauth.dev.com%3a444%2f&https%3a%2f%2fauth.dev.com%3a444%2f' in signout cookie.
after that, any browsing (be it modal or non modal) to my web page works fine, without warnings on ADFS.
Can anyone shed any light on this behaviour?
I have login/logout links in the main layout of my application, in the manner described by David Leedy in this video: http://notesin9.com/index.php/2012/03/09/notesin9-049-xpages-login-and-logout/
Everything works fine, except for the logout link. The code for the link is:
facesContext.getExternalContext().getRequest().getContextPath() + "?Logout&redirectTo=" + facesContext.getExternalContext().getRequest().getContextPath()
When it is clicked, then I get logged out and returned to the homepage, which is fine. But then if I refresh, or click onto another page, I am immediately logged back in without a password prompt. Is this because there is a session saved on the server which is not being cleared? How can I change this so that after logging out, someone would have to go through the full login process again before being logged in?
It depends if your server is setup to use basic or session based authentication. There is no logout mechanism for basic authentication, you are logged out when you close the browser.
The above code will only work for session based which is configured on your domino server through domino admin.
here are some instructions:
http://www-12.lotus.com/ldd/doc/domino_notes/7.0/help7_admin.nsf/b3266a3c17f9bb7085256b870069c0a9/1e4058257e426e5e8525706f0065d97a?OpenDocument
I have an unusual scenario in which only one page of our SP 2007 site is throwing this error "You are not authorized to view this page".
Here are some details:
SP 2007 Enterprise
The page in question uses SmartPart to display custom usercontrol.
We have 50+ pages that also use custom user controls in SmartPart, and none of them generate this error.
The page in question has several functions, and it initially loads just fine. First time it loads, user selects a customer from a dropdown, then enters a search query and clicks the search button. That all works, and the page then returns some search results. That works as well. The the user can click on a Modify link for each item. It's clicking on this Modify link that generates the page error. All of these things are done one this one page, it just refreshes accordingly. The Modify link is just a standard asp:commandline field that causes the page to load the line item in editable mode.
Here's the other strange thing. If I login as the SP Administrator account, and go to this page, it all works properly, no errors...and, then all other users can go in and use the page properly, without errors as well. It's as if whatever the security issue is, is being resolved temporarily as a result of the Admin using the page first. But after a code publish, or IISRESET, etc, the page goes back to not working for any general users.
Any ideas on what I should look for in trying to resolve this issue? I can also provide code if anyone thinks that may be relevant.
Thanks!
use SPSecurity.RunWithElevatedPrivileges for running your code with anonymous access user:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(web.Site.ID))
{
// implementation details omitted
}
});
I am using MOSS with ADS. I want to display Terms of Use page before the user can login into SharePoint with two button i.e. "Accept","Decline". If user select "Accept" he will be directed to sharepoint site, if not to our companies intranet front page. This will be applicable for the current session. ie. If the user has signed off, then it should prompt the terms of use again when user hits the MOSS site but once accepted user should not get this page again until he/she signs off.
Please advise.
Thank you
You can follow one of the Approach below based on your requirement & Flexibility.
If you have AD Configured with the FBA, Make a copy of Login.aspx and save it as MyLogin.aspx & Edit the Login Control and insert your Terms & Conditions there,keep in a check box AND enable the login button only if I agree is checked.
Next is to have a control that is deployed to the Master Page, this control will not have a UI but it will check in the session to see if the user has agreed the Terms and condition if yes it will redirect to the welcome page or the page user has requested else will navigate him to the Terms page until accepts.On Accept flag that information in session.
If you are using SharePoint 2010 you could use the Dialog framework to show a popup & get this done.
You could create a custom page in /_layouts which has your terms and conditions, along with the buttons for accept/decline.
Hitting the accept button will create a cookie for keeping track of whether or not the user has accepted the conditions for the current session.
Then, you could create a HttpModule which intercepts all requests to the SharePoint site. If the cookie is present, do nothing (ie let the user access the requested page), otherwise redirect the browser to the custom accept/decline page.
You should be able to do this fairly easily. If you dont care about them accepting or denying it, then just use this redirect module http://httpcode.s3.amazonaws.com/httpcode.Redirect.wsp to redirect them once to the page. You can tell this module to do it once. If you need to verify that they accept/decline, you will need to add all the people to a new group, and then on accepting, remove them from that group. That way they will always be directed to the new page.
Hope this helps
I'm facing an extrange behavior in my Sharepoint 2077 farm:
We have configured windows integrated authentication with NTLM, and all clients authenticates correctly to the portal.
When they proceeds to "login as" diferent user, it seems to be all fine (appears user name in top of page) , but internally the page user is the old user. I know this because I have a customized web page that reads page user name and print it to the page.
after some refresh or waiting some time, the current user is applied "internally" too.
Do you know is there is any configuration option for avoid this delay?
Many thanks in advance,
any help would be appreciated.
solved there:
http://support.microsoft.com/default.aspx/kb/970814