1-888-365-2779
+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / Anyone else Localize using Mode DomainName?

Anyone else Localize using Mode DomainName?

7 posts, 0 answered
  1. Phill Hodgkinson
    Phill Hodgkinson avatar
    362 posts
    Registered:
    10 Nov 2004
    25 Feb 2010
    Link to this post
    I'm wondering if anyone else that's using Sitefinity has a multilingual site using persistenceMode="DomainName".

    Support helped me get past the first major issue where if pages were cached the language wouldn't change after setting the culture. Now I have two more serious bugs I need help with and support hasn't been much support (yet, but I can't wait as site is already live).  

    1. When I hit www.domain.com/sitefinity/ normally this would send me to login.aspx page to login. However as soon as persistenceMode="DomainName" it sends the app into an endless loop. it doesn't matter if domain.com is the eng or fr language domain, same issue no matter what. The only work around is to go directly to the login page domain.com/sitefinity/login.aspx. This might be ok except the client has gotten used to not having to enter login and an endless loop is never a good thing so I'd rather have a fix than a work around.

    2. When editing content in admin using either language domain. As soon as I click on the other language to administer that language I get logged out. Naturally this is because the domain name changes and authentication is no longer valid. Naturally this isn't acceptable behaviour (can't believe the this bug wasn't caught before). Support gave me a number of links about Authentication Across domains but they either didn't apply to this situation or were not help. 

    So I'm hoping that I can't possibly be the only Sitefinity user that's using the system with two (or more) languages with domains for each language. If someone out there has run into these issues and found solutions I would greatly appreciate if you could share. I will continue to hound Support but they don't seem to have immediate answers so I'm hoping posting here as well might accelerate.

    Thanks in advance!
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    01 Mar 2010
    Link to this post
    Hello Phill Hodgkinson,

    1. I am not able to reproduce any problem with DomainName PathPrefix property. There are not any endless loops that we do in our code as written in the previous post.

    2. Authentication issue - here is what MSDN says, and this was in  one of the links, to which I pointed you in the previous reply.

    forms Element for authentication (ASP.NET Settings Schema)

    domain

    Optional attribute.

    Specifies an optional domain to set on outgoing forms-authentication cookies. This setting takes precedence over the domain that is used in the httpCookies element.

    This attribute is new in the .NET Framework version 2.0.

    The default is an empty string ("").

    When using cookie-based authentication tickets, this setting specifies the cookie’s domain value. The default value is an empty string, which causes the browser to use the domain from which it was issued (such as www.yourdomain.com). In this case, the cookie will not be sent when making requests to subdomains, such as admin.yourdomain.com. If you want the cookie to be passed to all subdomains you need to customize the domain attribute setting it to “yourdomain.com”.



    Best wishes,
    Ivan Dimitrov
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
  3. Martin Meixger
    Martin Meixger avatar
    7 posts
    Registered:
    27 Sep 2009
    16 Mar 2010
    Link to this post
    Hello Phill,

    to 2:

    i had the same problem, and implemented a custom single sign on.
    Its impossible to share a cookie between two different domains.

    martin
  4. Phill Hodgkinson
    Phill Hodgkinson avatar
    362 posts
    Registered:
    10 Nov 2004
    16 Mar 2010
    Link to this post
    Hi Martin,

    Is there anyway you could share code or approach? I tried so many different samples I started to code myself in a never ending (and non-working) circle. The wall I hit was all samples I found always assumed the single sign on was for two sites/applications (therefor two different authentication cookies) where of course in this situation both domains are on the same web application and both use the same cookie.

    Any help would be greatly appreciated, maybe even some of the hair I pulled out might grow back!!

    Regards,
    Phill
  5. Martin Meixger
    Martin Meixger avatar
    7 posts
    Registered:
    27 Sep 2009
    16 Mar 2010
    Link to this post
    A very simple solution would be auto-login based on IP address.

    You could hack this into \Sitefinity\Login.aspx.cs:
    protected void Page_Load(object sender, EventArgs e)
    {
        TryAutoLogin();
        if (!IsPostBack)
        ....
    }
    void TryAutoLogin(){
        if(IsIpTrusted) { // is the IP in Request["REMOTE_ADDR"] allowed ?
       //we get the cookie for user "admin"
            var cookie = FormsAuthentication.GetAuthCookie("admin", true);
            cookie.Expires = DateTime.Now.AddDays(1);
            Response.Cookies.Add(cookie);

       //the login "happens" here:
            UserManager.Default.SetAuthenticationCookie(cookie); //the login 
      
       //remaining code copied from Login1_LoggedIn()
            string redirectUrl = Request.QueryString["ReturnUrl"];
      
            if (string.IsNullOrEmpty(redirectUrl))
            {
                string loggedInUser = ((TextBox) Login1.FindControl("UserName")).Text;
      
                redirectUrl = PersonalizationManager.DefaultInstance.GetGlobalValue<string>(loggedInUser, GlobalSettingConstants.StartPage);
      
                if (string.IsNullOrEmpty(redirectUrl))
                {
                    redirectUrl = this.Login1.DestinationPageUrl;
                }
            }
            else
            {
                redirectUrl = HttpUtility.UrlDecode(redirectUrl);
            }
      
            this.Page.Response.Redirect(redirectUrl, true);
        }
    }


    martin
  6. Phill Hodgkinson
    Phill Hodgkinson avatar
    362 posts
    Registered:
    10 Nov 2004
    16 Mar 2010
    Link to this post
    Hi Martin,

    Thanks for the help unfortunately this is either way beyond my comprehension or it just wasn't meant to be. Your sample solution is limited to "admin" user and controlling access by single dedicated IP. I have multiple users that can be added and removed by the client and the IPs are also multiple and unknown. So that leaves me back to where I started. As soon as I try to edit a page in another language I have no way of knowing who was previously logged in and if they should stay logged in. 

    One of the samples at stackoverflow you provided was the same that Ivan had provided to me. Their solution, redirect back to the master domain but of course this isn't an option when it's the domain in the url that's controlling what language is to be displayed. Other samples seem to use a similar approach where you redirect on login to the other domain (i.e. french.com/sso.aspx) and authenticate there and then redirect back. The problem with this is it only works if you have two different applications and as a result two different authentication ticket cookies. I could be wrong here but just can't seem to find a work around for it.

    Any other ideas?

    Thanks again for your help!
    Phill
  7. Martin Meixger
    Martin Meixger avatar
    7 posts
    Registered:
    27 Sep 2009
    16 Mar 2010
    Link to this post
    Hi Phil,

    hmm...to tell the thruth, i started with sso but eventually gave up because essentially i don't needed it:

    I have separate branches per language in my content tree.
    This allows me to have fully localized urls and page names, witch i think is a must for SEO.
    In web.config i map in <cms><urlMappings> each domain to a branch in the content tree.

    My editors don't need to switch domains anymore, because they edit all content on the primary domain
    So i realy don't need a cross domain authentication / sso anymore.
    The hardcoded admin / ip login is only for convenience within the company network.

    But it should definitively be possible to pass the ReturnUrl to the SSO domain and then redirect back to the other domain. You could pass the url in another querystring variable! So you are not limited to two applications.

    Martin
Register for webinar
7 posts, 0 answered