.NET 3.5 Application/Sitefinity Integration

[joea84]

Hi,

I am trying to integrate Able Commerce 7.x into an existing .NET 3.5 application (Sitefinity 3.7 CMS), which has its own membership and role providers. I merged both applications into one website and I combined the Web.config files. I am having the following technical issues:

1. It appears that an HTTP Handler from AbleCommerce intercepts all login attempts from anywhere in the system.:

Code: Select all

<system.webServer>
		<validation validateIntegratedModeConfiguration="false"/>
		<modules>
			<!--AbleCommerce HTTP Module for security-->
			<!--<add name="AbleCommerceHttpModule" type="CommerceBuilder.Services.AbleCommerceHttpModule, CommerceBuilder.Services" preCondition="managedHandler"/>-->

How can I program this handler to only intercept attempts from the AbleCommerce website and not the Sitefinity one?

When I remove this handler and its associated membership provider in the Web.config, all of my logins for Sitefinity work fine. With this HTTP Handler and Membership Provider, users are authenticated twice; once for Sitefinity and once for AbleCommerce. If the same user name exists in both the AbleCommerce and Sitefinity database, then the user is authenticated. If not, then the user lacks permissions.

As a workaround, I tried creating the same user name in both the AbleCommerce and Sitefinity systems. While this allowed users to log in and out of Sitefinity, users were unable to log into the admin of AbleCommerce. Users were sent to the default Sitefinity login page where no user names or passwords would work.

2. Is there a way to change the default loginURL page, if the user is in the AbleCommerce website only? Here is what I mean:

Code: Select all

<forms name=".ASPNET" loginUrl="~/sitefinity/login.aspx" protection="All" timeout="1440" path="/" slidingExpiration="true"/>

When users lack permissions, they are sent back to my Sitefinity login page.

[mazhar]

How you will decided that this user is not in sitefinity database when some one is trying to login on AbleCommerce.

[joea84]

Hi,

The AbleCommerce logins work fine. Anyone can go to ~/login.aspx and ~/admin/login.aspx and only AbleCommerce user names and passwords will work. Those are separate from the SF database. I have a Sitefinity 3.7 community integration available, where both AbleCommerce and SF 3.7 are in the same project, if anyone wants to see.

[joea84]

Hi,

When I create a user in the AbleCommerce system, no user is created in Sitefinity. Both systems are using different membership providers. The user name and passwords are housed in different database tables.

[mazhar]

Well I am not sure but one thing AbleCommerce makes use of ASP.NET membership providers so this gives you the ability to write your own membership provider in which you can abstract away the underlying data source. It means that with a custom provider you may sum up with something that can help you share logins between these two systems. One other approach could be to update user information in both databases against any action on any one of them or may be from AbleCommerce side at least. You may put some code to update second database at location like registration page that could be triggered against successful signup.