Forms authentication

Telligent Evolution Platform and Applications Documentation

We recommend using forms authentication if you are configuring Telligent Evolution in an environment where members of the community are already authenticating against an existing application that uses Microsoft ASP.NET. Your members can then access your Telligent Evolution community without explicitly creating a registered account and logging in.

If your current system uses email addresses as usernames, using forms SSO will make users' email addresses publicly accessible in the Telligent Evolution platform. If this is the case, you should instead use cookie authentication, configuring the usernames to be the user IDs from your current system. Telligent strongly recommends that you consider carefully before using sensitive information (email addresses, phone numbers, social security numbers, etc.) in username fields.

To familiarize yourself with forms authentication, you can read about it in the Microsoft MSDN library.

Telligent Evolution supports only cookie-based forms authentication, not cookieless authentication.

To enable forms authentication so that users are automatically logged in when accessing your community and so that all registration, login and logout requests are redirected to your other application:

Install the forms authentication extension

  1. Configure how Telligent Evolution should manage users who previously authenticated. While there are options, the default values should be sufficient for most uses.

    By default in forms authentication, users will automatically be registered (through a single sign-on). To change this, open communityserver.config in the \Web directory.
  2. Locate the <extensionModules> section and find the FormsAuthentication entry. The configuration settings with default values are already entered, as shown below.

  3. Set <extensionModules enabled="false"> to "true".

  4. Open the web.config file found in the \Web directory of the Telligent Evolution installation.
  5. Verify the <authentication> section reads as follows, setting mode="forms" for forms authentication.

  6. To enable Telligent Evolution to automatically register users, it is necessary for Telligent Evolution to access the users' email addresses. To do this, you must configure your existing application to write a user's email address to a cookie when he/she is authenticated.

    The name of the cookie should be the same as the "userEmailAddressCookie" option from step 3. The email address can also be encrypted for tighter security.
  7. To direct login, logout, and registration requests to the appropriate pages in the parent application, open \Web\SiteUrls.config. In the <urls> section, add the navigateUrl attribute for each of the URLs that need to be redirected to your parent application. The most important keys include:

    • login
    • login_clean
    • logout
    • user_Register
    • user_Register_clean
    After you're done changing the attributes, they should resemble this:
    <url name="user_Register_clean" location="user" path="CreateUser.aspx" navigateUrl="http://yourapp/YourUserRegistrationPage.aspx" />
  8. If your authentication application exists in a different IIS application from Telligent Evolution (for example, if your login page is at www.yourdomain.com/login.aspx, and Telligent Evolution is at www.yourdomain.com/TE), you'll need to perform additional steps to allow Telligent Evolution to read the authentication ticket generated by your existing application. 
    1. Manually generate validation and decryption keys. (See Microsoft KB article #312906, "How to create keys by using Visual C# .NET for use in forms authentication.")
    2. Ensure that the machineKey elements exist in the web.config files for both your existing application and Telligent Evolution, and ensure that they are identical. They should resemble this:
      <system.web>
           <machineKey validationKey="Your_Generated_Validation_Key_Goes_Here"
                       decryptionKey="Your_Generated_Decryption_Key_Goes_Here"
                       validation="SHA1" />
           <!-- Other system.web elements -->
      </system.web>
    3. Make sure that all of the attributes of the <forms> element in the authentication section of the web.config files for both applications are identical.
    4. You might have to restart IIS for your changes to take effect. (But this is not necessarily the case.)
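
Steps 8.1 to 8.3 as an added PowerShell example (not part of the Telligent documentation or the Microsoft KB article): it generates a key pair and reports which machineKey and forms attributes differ between two web.config documents, without printing the key values. The function names, the sample configuration and the key sizes (64-byte validationKey, 24-byte decryptionKey) are assumptions.

```powershell
# Added example, not Telligent code. Key sizes are assumptions:
# 64-byte validationKey, 24-byte decryptionKey.
function New-HexKey([int]$Bytes) {
    # Cryptographically strong random bytes, hex-encoded for web.config
    $buf = New-Object byte[] $Bytes
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($buf) } finally { $rng.Dispose() }
    -join ($buf | ForEach-Object { $_.ToString('X2') })
}

# Report where two web.config documents disagree, naming attributes only
# so that key material never reaches the console or a log.
# Assumes <configuration> carries no default XML namespace.
function Compare-FormsAuthConfig([xml]$Parent, [xml]$Community) {
    $paths = '/configuration/system.web/machineKey',
             '/configuration/system.web/authentication/forms'
    foreach ($path in $paths) {
        $a = $Parent.SelectSingleNode($path)
        $b = $Community.SelectSingleNode($path)
        if (($null -eq $a) -or ($null -eq $b)) { "$path is missing from one file"; continue }
        $names = @($a.Attributes) + @($b.Attributes) |
            ForEach-Object { $_.Name } | Sort-Object -Unique
        foreach ($n in $names) {
            $va = $a.GetAttribute($n); $vb = $b.GetAttribute($n)
            if ($va -cne $vb) { "$path/@$n differs" }
            elseif ($n -like '*Key' -and $va -like 'AutoGenerate*') {
                # Identical text, but each application derives its own key
                "$path/@$n is auto-generated, so the applications do not share it"
            }
        }
    }
}

# Constructed sample input: two web.config bodies sharing one generated key pair.
$vk = New-HexKey 64; $dk = New-HexKey 24
$template = @'
<configuration><system.web>
  <machineKey validationKey="{0}" decryptionKey="{1}" validation="SHA1" />
  <authentication mode="Forms"><forms name=".ASPXAUTH" timeout="{2}" /></authentication>
</system.web></configuration>
'@
$parent    = $template -f $vk, $dk, 30
$community = $template -f $vk, $dk, 60   # timeout drifted in one copy

Compare-FormsAuthConfig $parent $community
```

To check real files, pass the output of `Get-Content -Raw` for each application's web.config as the two arguments.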

Forms authentication extension configuration options

All configurable options can be set in the communityserver.config file found in the \Web directory of your installation.

  • allowAutoUserRegistration - Controls whether the forums will support auto-registration of users in the system. Default: true.
  • userProfileCookie - Identifies the name of the cookie that should contain the user's profile settings. This cookie is a key/value pair with the key matching any property on the User object within Telligent Evolution or the Profile object within ASP.NET Membership system. The primary key that is required for operation is the "Email" entry, which must contain the user's email address. This email address must be unique. Default: CSUserProfile
  • useEncryptedCookie - This option controls whether or not the cookie storing the user's profile attributes is encrypted. It is necessary to know whether it is encrypted or not when reading it to register a user. For an example of how encrypted cookies work, see the formsauthtest.aspx file. Default: false.
Comments
  • use communityserver_override.config with this setting:

    <Override xpath="/CommunityServer/Core/extensionModules" mode="change" name="enabled" value="true" />