1

I'm trying to achieve the following:

  • I'm building an MVC website that will help me to automatically logon to another site.
  • WebsiteA will call WebsiteB using HttpWebRequest.
  • WebsiteA will send the details of the user through headers (request.headers.add)
  • WebsiteB will handle all the user authentication and internally it will redirect to another page granting access to that user.

I've managed to achieve part of it but I'm stuck in displaying the redirection return. Anyone knows if this can be achieved?

Here is some code that gets called in the WebsiteA app:

        [HttpPost]
        [OutputCache(NoStore = true, Duration = 0, VaryByParam = "*")]
        public ActionResult LogIn(myModel model)
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://websiteB/LogIn.aspx");
            request.AllowAutoRedirect = true;
            request.Method = "POST";
            request.Headers.Add("MyUserToLogon", model.User); //I'm sending my user through headers
            string postData = "This is a test";
            byte[] byteArray = Encoding.UTF8.GetBytes(postData);
            request.ContentType = "application/x-www-form-urlencoded";
            request.ContentLength = byteArray.Length;
            Stream dataStream = request.GetRequestStream();
            dataStream.Write(byteArray, 0, byteArray.Length);
            dataStream.Close();

            //Get the response from the Login Page
            HttpWebResponse response = (HttpWebResponse)request.GetResponse();

            // Display the status.
            Console.WriteLine(((HttpWebResponse)response).StatusDescription);
            dataStream = response.GetResponseStream();
            StreamReader reader = new StreamReader(dataStream);
            string responseFromServer = reader.ReadToEnd();
            Console.WriteLine(responseFromServer);

            reader.Close();
            dataStream.Close();
            response.Close();

            //What to do here? I want to go to the redirected page from WebSiteB/Page1.aspx
            //See code below for WebSiteB.

            return null;
        }

In WebSiteB I have the code that does the redirection when the user is successfully logged in:

        .......
        users = Request.QueryString["MyUserToLogon"];
        .......

        private void LogIn(string user)
        {
            GrantUser(user, Session.SessionID);

            HttpCookie mycookie = new HttpCookie("test");
            mycookie .Expires = DateTime.Now.AddMinutes(10);
            Response.Cookies.Add(mycookie);
            Response.AddHeader("mycookie ", mycookie .Value);

            Response.Redirect("WebsiteB/Page1.aspx");
        }

Any help would be really appreciated.

Jordi Corbilla
  • 561
  • 7
  • 16

1 Answers1

0

I had the same problem for my sites.

You can't use redirect because it is done by IIS and you will never receive all your authentication cookies back from WebSiteB.

In my case returning view instead of redirect worked. And then you redirect on WebSiteA after setting cookies

Also seems you need to add cookie container for your request to get cookies back.

Here is may code

Landing site 

 [HttpPost]
    public ActionResult Login(string accountId)
    {

        var url = "http://...."

        var request = (HttpWebRequest)WebRequest.Create(url + "/Account/WamLogin/");

        request.Headers.Add("user", accountId);
        request.CookieContainer = new CookieContainer();

        var response = (HttpWebResponse)request.GetResponse();

        foreach (Cookie cook in response.Cookies)
        {
            Response.Cookies.Add(new HttpCookie(cook.Name, cook.Value) { Expires = cook.Expires, HttpOnly = cook.HttpOnly, Domain = cook.Domain });
        }

        return new RedirectResult(url);
    }

Here is WebSiteB code

[AllowAnonymous]
public virtual ActionResult WamLogin(string returnUrl, string id)
{
    var accountId= Request.Headers["user"];

    .....

    return View(MVC.Account.Views.Login);
}

Hope this will help you

fly_ua
  • 1,034
  • 8
  • 12