diff --git a/Security/SamlCallback.aspx b/Security/SamlCallback.aspx deleted file mode 100644 index dbc33fb..0000000 --- a/Security/SamlCallback.aspx +++ /dev/null @@ -1,13 +0,0 @@ -<%@ Page Language="VB" AutoEventWireup="true" CodeFile="SamlCallback.aspx.vb" Inherits="Security.SamlCallback" %> - - - - - SAML Authentication - - -
-
-
- - \ No newline at end of file diff --git a/Security/SamlCallback.aspx.vb b/Security/SamlCallback.aspx.vb deleted file mode 100644 index 509c8a5..0000000 --- a/Security/SamlCallback.aspx.vb +++ /dev/null @@ -1,121 +0,0 @@ -Imports System.Web -Imports System.Web.UI -Imports BaseClasses -Imports BaseClasses.Configuration -Imports BaseClasses.Utils - -Namespace Security - Partial Public Class SamlCallback - Inherits System.Web.UI.Page - - Protected Sub Page_Load(sender As Object, e As EventArgs) - Dim samlResponse = Request.Form("SAMLResponse") - If String.IsNullOrEmpty(samlResponse) Then - RedirectToSignInWithError("No SAML Response received") - Return - End If - - ' Certificate for validating SAML response - Dim cert As String = _ - "-----BEGIN CERTIFICATE-----" & vbCrLf & _ - "MIIE6DCCAtCgAwIBAgIQOQaY6KUdPItB52hpOsIBvjANBgkqhkiG9w0BAQsFADAw" & vbCrLf & _ - "MS4wLAYDVQQDEyVBREZTIFNpZ25pbmcgLSBzc28uc2F0aXRtLmNodWxhLmFjLnRo" & vbCrLf & _ - "MB4XDTI1MDQwNjEyNTQxNFoXDTI2MDQwNjEyNTQxNFowMDEuMCwGA1UEAxMlQURG" & vbCrLf & _ - "UyBTaWduaW5nIC0gc3NvLnNhdGl0bS5jaHVsYS5hYy50aDCCAiIwDQYJKoZIhvcN" & vbCrLf & _ - "AQEBBQADggIPADCCAgoCggIBAMlu6kjF9Ghsr9Z6+AIYRjHTx4OL6fROrCzq26/h" & vbCrLf & _ - "YBfsrsL5QeJlWtYhRsbrW3wAFaQukNYal5LRJx8BXXlngIDIfoIEixT62BqFC2XO" & vbCrLf & _ - "Ju7Rq+p1ei2WZb06V0It8ohmZVPqsDPzygjBblta27DBGQ8qQ4upGVTwOIBRisMj" & vbCrLf & _ - "Ixxx90p6DeB2ZCiGOYCYMYPdFWwz8QCZv64WbWRw3WhRKla05nyiV352aaC53XL0" & vbCrLf & _ - "ZZlRFV8jj6YiKsbKEzkxKpDVxEaH28NGVptBJyfkU5VOpqkmZZtqhSCrrIprfa+j" & vbCrLf & _ - "Dl6De9Siq8/CUDoZhkhRoNUqmhaiu0ZbV3AF0iN+XLtmeP/GJREz5m3gOoAGH8Rl" & vbCrLf & _ - "g5pyca6vmSnJHKnTsu8Elc4pVvO6jH1hqdBLVFa4uftqqBY2B/ZuUXj7764eHsMZ" & vbCrLf & _ - "kHZC6SXOxAP2BPbRbslbd4CRErnuE5rgMRQAYQVWcrDvagUdvm2T1+wJN7GmwBg9" & vbCrLf & _ - "GGhTA3r9howvIj2RFLxCZbpy2QlWKMb1zjyvtCHrM7g8/aGuvJfY5cmfww5aib4a" & vbCrLf & _ - "QpJq+ZyCPZpW8iXZTnxVuyV57WFTOmCvy/9dfK/IQXEqG5FIikwaB2nyL/D5FXIP" & vbCrLf & _ - "xH+OzLeLdLlKe2zpOJgx2p1M6rJ29AJRASKs+ikqlSV/i5t+1sw2qinFKJ8ZegsN" & vbCrLf & _ - "HDgBAgMBAAEwDQYJKoZIhvcNAQELBQADggIBABzrTEbbzMHbq0mIV1w3TL6IVOv8" & vbCrLf & _ - "BeXoYznSI7P/MhJwBXMbrYNNbpSkv5jWhtSAWQWrDrN0IUqvKwIYYRlRtgvma6Mk" & vbCrLf & _ - "PFXRvzkVhpuqm/bp1HAH2yoJUXNuWInzdJeMnPaQymU/hSvSJ8f66pwlPrAYTSBk" & vbCrLf & _ - "YIbcEdLJ3OmcnjOjj4W+s70J0s0HTnNQboAzjue3SmpsPVVetP+cwaoIASz2M6Fr" & vbCrLf & _ - "wfqFaUUiSAxcUzfELOyN8d1dnRFQVkrNyayz0fHH2Kje5GnGLMNaZTKZ88nVbmoq" & vbCrLf & _ - "Cbow7ofjEb74jNwWhmRhntuEE0I1W55LnU3Srjptjnfkd604W60DbqiWBKM6rTTb" & vbCrLf & _ - "ilCJsW3umI26/eFZAfZIA2n7/FKDcDXFCJOM1UV+09pZ12p0TAaA3nyA2TbdI+PM" & vbCrLf & _ - "GtvvEK2PU+tdU64uAlOOaldk52dIuR7kOVBk53Gf3K2wY2U/oovLrlXLHb8NJD49" & vbCrLf & _ - "Po6XT3w6WL+okyr7FgdmAHTNpTnthXG0pyN4KUFEAK9HWXdGRWUgFX4yBOjmPN1N" & vbCrLf & _ - "Vx7G3klMd+ccQUU80lxDKQUbjhcWLloWNlg6w2SKk4Ku7/f8HmPkqppvFow+ytWm" & vbCrLf & _ - "0abcCjptoUrFR1BCM86CIDCo9bEWIyWv+SHr2AvlQ8D0Z8aQRr6M73NN1PNWruPf" & vbCrLf & _ - "bpD2ekhB2vZ9R2ij" & vbCrLf & _ - "-----END CERTIFICATE-----" - - Try - Dim resp = New SamlHelper.Response(cert, samlResponse) - If resp.IsValid() Then - ' Extract user information from SAML response - Dim email = resp.GetEmail() - Dim firstName = resp.GetFirstName() - Dim lastName = resp.GetLastName() - - ' Authenticate user in the application - If AuthenticateSamlUser(email, firstName, lastName) Then - ' Redirect to success page or back to original requested page - RedirectOnSuccess() - Else - RedirectToSignInWithError("User authentication failed") - End If - Else - RedirectToSignInWithError("Invalid SAML Response") - End If - Catch ex As Exception - RedirectToSignInWithError("Error processing SAML response: " & ex.Message) - End Try - End Sub - - Private Function AuthenticateSamlUser(email As String, firstName As String, lastName As String) As Boolean - Try - ' Create a base application page to access security methods - Dim basePage As BaseApplicationPage = DirectCast(Me.Page, BaseApplicationPage) - Dim errMessage As String = "" - - ' Use email as username for authentication - ' This assumes your user table uses email as the primary identifier - Dim success As Boolean = basePage.CurrentSecurity.SetLoginInfo(email, "", errMessage) - - If success Then - ' User authenticated successfully - Return True - Else - ' Log the authentication failure - System.Diagnostics.Debug.WriteLine("SAML Authentication failed: " & errMessage) - Return False - End If - Catch ex As Exception - System.Diagnostics.Debug.WriteLine("SAML Authentication error: " & ex.Message) - Return False - End Try - End Function - - Private Sub RedirectOnSuccess() - ' Check if there's a return URL in session or query string - Dim returnUrl As String = Request.QueryString("ReturnUrl") - If String.IsNullOrEmpty(returnUrl) Then - returnUrl = ApplicationSettings.Current.DefaultPageUrl() - End If - - If String.IsNullOrEmpty(returnUrl) Then - returnUrl = "~/Default.aspx" - End If - - Response.Redirect(returnUrl) - End Sub - - Private Sub RedirectToSignInWithError(message As String) - Dim signInUrl As String = ApplicationSettings.Current.SignInPageUrl() - If String.IsNullOrEmpty(signInUrl) Then - signInUrl = "~/Security/SignIn.aspx" - End If - - signInUrl &= "?message=" & Server.UrlEncode(message) - Response.Redirect(signInUrl) - End Sub - End Class -End Namespace \ No newline at end of file diff --git a/Security/SignIn.aspx b/Security/SignIn.aspx index 18c74ee..86f25a4 100644 --- a/Security/SignIn.aspx +++ b/Security/SignIn.aspx @@ -6,27 +6,15 @@ <%@ Register Tagprefix="BaseClasses" Namespace="BaseClasses.Web.UI.WebControls" Assembly="BaseClasses" %> -
+
+
-
<%= SystemUtils.GenerateEnterKeyCaptureBeginTag(FindControlRecursively("OKButton")) %>

This application uses Single Sign-On (SSO) authentication through ADFS.

-

Click the button below to authenticate with your organizational credentials.

- - - - - - - - - - - - - - -
-
+
<%= SystemUtils.GenerateEnterKeyCaptureBeginTag(FindControlRecursively("OKButton")) %>
+
+
+
+
 <%= SystemUtils.GenerateEnterKeyCaptureEndTag(FindControlRecursively("OKButton")) %>
diff --git a/Security/SignIn.aspx.vb b/Security/SignIn.aspx.vb index 7737060..1d83728 100644 --- a/Security/SignIn.aspx.vb +++ b/Security/SignIn.aspx.vb @@ -12,7 +12,6 @@ Imports System.Collections Imports System.Collections.Generic Imports System.ComponentModel -Imports System.Web Imports System.Web.UI Imports System.Web.UI.WebControls Imports BaseClasses @@ -245,16 +244,11 @@ Partial Public Class SignIn CancelButton_Click_Base(sender, args) ' NOTE: If the Base function redirects to another page, any code here will not be executed. End Sub - Public Sub OKButton_Click(ByVal sender As Object, ByVal args As EventArgs) + + Public Sub OKButton_Click(ByVal sender As Object, ByVal args As EventArgs) ' Click handler for OKButton. - ' Redirect to SAML authentication instead of traditional login - Try - Dim samlRequest As String = SamlHelper.CreateAuthRequest("https://cudreg.com", Request.Url.GetLeftPart(UriPartial.Authority) & "/Security/SamlCallback.aspx") - Dim redirectUrl As String = "https://sso.satitm.chula.ac.th/adfs/ls?SAMLRequest=" & HttpUtility.UrlEncode(samlRequest) - Response.Redirect(redirectUrl) - Catch ex As Exception - Me.ProcessLoginFailed("SAML Authentication Error: " & ex.Message, "") - End Try + ' Customize by adding code before the call or replace the call to the Base function with your own code. + OKButton_Click_Base(sender, args) ' NOTE: If the Base function redirects to another page, any code here will not be executed. End Sub diff --git a/Security/SignIn.xml b/Security/SignIn.xml index 4d4fb04..d16ce11 100644 --- a/Security/SignIn.xml +++ b/Security/SignIn.xml @@ -132,13 +132,16 @@ Button-CommandName Login - + + Button-Text - Login with ADFS + Btn:OK + ResourceReference Button-ToolTip - Login with ADFS Single Sign-On + Btn:OK + ResourceReference