Learn More





DNN Community Blog

The Community Blog is a personal opinion of community members and by no means the official standpoint of DNN Corp or DNN Platform. This is a place to express personal thoughts about DNNPlatform, the community and its ecosystem. Do you have useful information that you would like to share with the DNN Community in a featured article or blog? If so, please contact .

The use of the Community Blog is covered by our Community Blog Guidelines - please read before commenting or posting.

4.6.0 - A Sneak Peek

For the last few weeks, I have been working on a couple of enhancements for 4.6.0.

  • Alternate Authentication Systems
  • A new Extensible Installer for components

This blog will introduce the first of these features, a future blog will cover the new Installer. 

Over the last few months a number of new Authentication Systems have been introduced (or announced).  These include, for example, Cardspace (introduced as part of .NET 3.0), OpenID and LiveID (the Windows Live replacement of Passport).   DotNetNuke has supported alternate authentication systems since 3.x when the the Windows (or ACtive Directory) provider was introduced.  Unfortunately, this provider approach does not lend itself for use with these new authentication systems.  We have therefore decided to overhaul the "Authentication provider" approach used and provide new "providers" for Cardspace, OpenID and LiveID.

While we call the new Authentication Systems - "Providers" they are not providers in the sense that they follow the same provider pattern as used in the othe providers in DotNetNuke.  The main reason for this, is that the Authentication providers need to implement three UI components - Login, Settings and LogOff.  These are registered in the new Authentication Table (see below)

This table is fairly straightforward with columns for the Authntication type, an IsEnabled flag, and three columns for the control src for the Login. Settings and LogOff controls.  (The Business Layer in the core Frameowork provides a similar AuthenticationInfo class and AuthenticationController, as well as base classes for each of the Controls (AuthenticationLoginBase, AuthenticationSettingsBase and AuthenticationLogOffBase).


The image to the left shows the Login Control when 3 Login Providers are enabled - in this case the standard DNN provider, LiveID and OpenID.   The Image to the right shows the new Authentication Admin page (with 4 Login Providers enabled)

Both of these images illustrate the procedure used by these "providers".  The original controls (SignIn.ascx and Authentication.ascx) have been replaced by new container controls that inject the relevant subcontrols.  In the case of the Settings control, a settings control (that inherits for AuthenticationSettingsBase) is injected for any provider that is enabled in the Authentication table (DNN, Cardspace, LiveID and OpenID).  The settings are all persisted in the Module Settings for the Authentication Module - each provider using a unique Prefix for its settings.  In the example shown the Cardspace module is not enabled for this portal, and this is why the Login control only injects subcontrols for three of the providers.

So, How does the login work.  We will use the example of the OpenID Login.

I entered my OpenID ID (  When I click the "Login with OpenID" button I am redirected to the myopenid site to login to my OpenID account.

If the OpenID ID has been associated with a DotNetNuke account, when you sign in to your OpenID provider you will be redirected back to DotNetNuke and logged in.  The actual procedure is that the OpenID subcontrol calls a new method of UserController that checks if the OpenID token is associated with a UserID.  If it is, it fires a "UserAuthenticated" event passing the DotNetNuke user as a property of the EventArgs and the Parent control completes the log in and redirects the user to the appropriate page.

The associations are stored in a new table UserAuthentication.

So in this case the OpenID token is mapped to UserID=11, and I am logged in.

What happens if my alternate Authentication ID is not already associated with a DNN account?

I entered a different OpenID ID (  When I click the "Login with OpenID" button I am redirected to the claimid site to login to my OpenID account.

This time, when I click login, as this openID is not associated with a DotNetNuke account, the OpenID subcontrol fires the UserAuthenticated event but does not pass a user, so the parent control presents the user with a "Register/Associate" page.

 The top section of this page indicates the type of Authentication used and the Identity (User Token) used.  It then provides the user with two options.

  1. Associate this ID with an existing Account - by entering the UserID/Password
  2. Register (Create) a new DotNetNuke Account.

The figure above denonstrates another feature of some of the alternate authentication systems (Cardspace, OpenID) - the Registration fields are pre-populated from Profile Information passed by the Authentication Provider.

There is much more to the Authentication Providers than this Blog can describe, but hopefuly you get the idea of how this works. 


Comment Form

Only registered users may post comments.


2sic Daniel Mettler (124)
Aderson Oliveira (15)
Alec Whittington (11)
Alex Shirley (10)
Andrew Nurse (30)
Anthony Glenwright (5)
Antonio Chagoury (28)
Ash Prasad (21)
Ben Schmidt (1)
Benjamin Hermann (25)
Benoit Sarton (9)
Beth Firebaugh (12)
Bill Walker (36)
Bob Kruger (5)
Brian Dukes (2)
Brice Snow (1)
Bruce Chapman (20)
Bryan Andrews (1)
cathal connolly (55)
Charles Nurse (163)
Chris Hammond (203)
Chris Paterra (55)
Clinton Patterson (28)
Cuong Dang (21)
Daniel Bartholomew (2)
Dave Buckner (2)
David Poindexter (3)
David Rodriguez (2)
Doug Howell (11)
Erik van Ballegoij (30)
Ernst Peter Tamminga (74)
Geoff Barlow (6)
Gifford Watkins (3)
Gilles Le Pigocher (3)
Ian Robinson (7)
Israel Martinez (17)
Jan Blomquist (2)
Jan Jonas (3)
Jaspreet Bhatia (1)
Jenni Merrifield (6)
Joe Brinkman (269)
John Mitchell (1)
Jon Henning (14)
Jonathan Sheely (4)
Jordan Coopersmith (1)
Joseph Craig (2)
Kan Ma (1)
Keivan Beigi (3)
Ken Grierson (10)
Kevin Schreiner (6)
Leigh Pointer (31)
Lorraine Young (60)
Malik Khan (1)
Matthias Schlomann (15)
Mauricio Márquez (5)
Michael Doxsey (7)
Michael Tobisch (3)
Michael Washington (202)
Mike Horton (19)
Mitchel Sellers (28)
Nathan Rover (3)
Navin V Nagiah (14)
Néstor Sánchez (31)
Nik Kalyani (14)
Peter Donker (52)
Philip Beadle (135)
Philipp Becker (4)
Richard Dumas (22)
Robert J Collins (5)
Roger Selwyn (8)
Ruben Lopez (1)
Ryan Martinez (1)
Salar Golestanian (4)
Sanjay Mehrotra (9)
Scott McCulloch (1)
Scott S (11)
Scott Wilkinson (3)
Scott Willhite (97)
Sebastian Leupold (80)
Shaun Walker (237)
Shawn Mehaffie (17)
Stefan Cullmann (12)
Stefan Kamphuis (12)
Steve Fabian (31)
Timo Breumelhof (24)
Tony Henrich (3)
Torsten Weggen (2)
Vicenç Masanas (27)
Vincent Nguyen (3)
Vitaly Kozadayev (6)
Will Morgenweck (37)
Will Strohl (163)
William Severance (5)
Try Evoq
For Free
Start Free Trial
a Demo
See Evoq Live
Need More Information?