locked
different login pages for the same application RRS feed

  • Question

  • User254753143 posted

    ASP .Net Web Forms App

    Hello bit of a novice, reverse engineering a solution for my work.
    We have an existing web app that serves multiple clients.
    Web.config has a redirect to SignIn.apx where users sign in and our authenticated via membershipprovider.validateuser.

    There is a new client that is onboarding with us and they want us to create a SP Initated SSO page for them to authenticate their users against their IDP via SAML.

    I've built a test IDP and a test SP and have authentication working.

    Now I'm ready to create the new SSO page in my existing service provider project / application.
    The problem is, I can't hit this page.  when i lauch serviceprovider.com/SSOSignIn.aspx it redirects me to the broader serviceprovider.com/SignIn.aspx because of the web.config:

    <authentication mode="Forms">

          <forms loginUrl="Authentication/SignIn.aspx" timeout="121" slidingExpiration="true" cookieless="UseCookies" />

        </authentication>

    What would be the easiest solution?  I don't want to modify SignIn.aspx cosmetically, where the user has to click if there part of this org and redirect from there.

    Can I modify the main SignIn.aspx and include some sort of query string logic to X url?

    I was thinking of creating a subdomain.serviceprovider.com that re-directs to serviceprovider.com/?param=client1
    then in my SignIn.aspx implement some logic to say if querystring=client1 redirect to here.  Though I don't know that will work or if that's a terrible solution for an easier resolution.

    Any advice is greatly appreciated,

    Thx,
    Boyd

    Tuesday, June 26, 2018 4:20 PM

All replies

  • User283571144 posted

    Hi boyd98,

     

    What would be the easiest solution?  I don't want to modify SignIn.aspx cosmetically, where the user has to click if there part of this org and redirect from there.

    Can I modify the main SignIn.aspx and include some sort of query string logic to X url?

    I was thinking of creating a subdomain.serviceprovider.com that re-directs to serviceprovider.com/?param=client1
    then in my SignIn.aspx implement some logic to say if querystring=client1 redirect to here.  Though I don't know that will work or if that's a terrible solution for an easier resolution.

    In my opinion, the most easily way to achieve your requirement is create a new page to let the user choose which way he wants to login in.

    Notice: You should replace the forms loginUrl to the new login page.

    In the new login page, you could write the two link to let user choose which way he wants to login.

    One link is redirect to the SSO, another link redirect to the old login page.

    Notice: If you want to use the new provider to login user, you should make sure it will generate the right token and store the token in the client cookie for the application.

    Best Regards,

    Brando

    Wednesday, June 27, 2018 3:03 AM