+1-888-365-2779
Try Now
More in this section

Forums / Suggestions / Claims based login for resftul api

Claims based login for resftul api

8 posts, 1 answered
  1. Kristian
    Kristian avatar
    214 posts
    Registered:
    03 Jun 2010
    15 Mar 2012
    Link to this post
    I'd like to see an expansion on this post http://www.sitefinity.com/blogs/svetlayankova/posts/11-11-01/getting_started_with_restful_services_in_sitefinity.aspx using the new claims based authentication
  2. Svetla
    Svetla avatar
    36 posts
    Registered:
    07 Sep 2015
    20 Mar 2012
    Link to this post
    Hi Kristian,

    Thank you for your suggestion!

    We'll try to have this rolled out by the end of the week.

    All the best,
    Svetla
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
    Answered
  3. cli
    cli avatar
    50 posts
    Registered:
    21 May 2007
    08 Jun 2012
    Link to this post
    Any word on this information being released?  There is a similar thread that went unanswered as well.  Thanks.

    cli
  4. Svetla
    Svetla avatar
    36 posts
    Registered:
    07 Sep 2015
    12 Jun 2012
    Link to this post
    Hi Kristian and Charles,

    Attached is a code sample that accomplishes the task. 

    A quick run-through of the sample:
    • The Helpers folder contains wrappers for both authentication modes (forms and claims) illustrating login, logout and different other htttp requests. 
    • The Model folder contains automatically generated classes for the different objects in Sitefinity. I generate these classes using json2csharp from the json that Sitefinity itself passes to the services. I do simple inspection through Fiddler, Firebug or Chrome tools to check the payload and the different headers of each request that I want to replicate.
    • The UI is simply tied to this functionality, in this particular sample I fetch the orders and create a product programatically. The dropdown toggles between authentication modes.

    My idea is to create a universal and shippable wrapper library for .NET based RESTful clients and as such this sample can mature a lot more. Any feedback is highly appreciated!

    All the best,
    Svetla
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. cli
    cli avatar
    50 posts
    Registered:
    21 May 2007
    14 Jun 2012
    Link to this post
    Thank you for the detailed response!  I know a lot of other people will find this extremely helpful as well.  I think this should be part of the official documentation in some form whether it's the exact sample or an outline of the necessary steps.  It's essential to fully leverage the restful api services.

    I'm integrating the code now and will report my findings.  Thanks again.
  6. cli
    cli avatar
    50 posts
    Registered:
    21 May 2007
    14 Jun 2012
    Link to this post
    Again, this is a great start.  However, it does not provide a mechanism to log yourself out if you're logged in a different session.  This happens to me often while testing different browsers if I forget to log off.  There isn't sample code in the forums on how to do this programmatically server side.  You can use sitefinity's own self sign out page but many people want to do this automatically to bypass it.  My current workaround is to edit the database table directly which I know is not recommended.  Can this even be done with the provided restful api?
  7. Boe
    Boe avatar
    8 posts
    Registered:
    17 Nov 2011
    14 Jun 2012
    Link to this post
    I have a code snippet that automatically logs the user out, then logs the user in. I think this solution can be modified to assist you with the functionality you are looking for.

    var currentUser = SecurityManager.AuthenticateUser(System.Web.Security.Membership.Provider.Name, username, pwd, rememberMe);
    if (currentUser == UserLoggingReason.UserAlreadyLoggedIn)
    {
        SecurityManager.Logout();
        currentUser = SecurityManager.AuthenticateUser(Membership.Provider.Name, username, pwd, rememberMe);
    }
  8. Paul
    Paul avatar
    6 posts
    Registered:
    04 Sep 2012
    04 Sep 2012
    Link to this post
    I'm trying to get this working with 5.1 and the same application suffers the same fate as my homegrown solution.  Both are able to authenticate and get a token but then they fail to authorize on subsequent calls.  

    When I run this sample against my 5.1 installation it gets logged in, but upon clicking "List Data" the call to the SF API gets a 401.

    How does one correctly create an HTTP GET with the token provided?

    EDIT: I've found that the token was UrlEncoded 2x, so decoding it once left me with a valid token.  I'm using HttpClient in my example.
8 posts, 1 answered