Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

The Community Blog is a personal opinion of community members and by no means the official standpoint of DNN Corp or DNN Platform. This is a place to express personal thoughts about DNNPlatform, the community and its ecosystem. Do you have useful information that you would like to share with the DNN Community in a featured article or blog? If so, please contact .

The use of the Community Blog is covered by our Community Blog Guidelines - please read before commenting or posting.


Enabling CAPTCHA for logins

We're currently working on January's monthly release of DotNetNuke (05.02.02 - roadmap can be seen at http://support.dotnetnuke.com/Project/Project.aspx?Tab=Roadmap&PROJID=2), and one of the issues I was looking at was a bug in the DotNetNuke Captcha control. This control generates a challenge-response image that can be used to try and validate that an actions is being done by a human and not an automated process  (see http://en.wikipedia.org/wiki/CAPTCHA for more background on Captchas).

Usually when fixing a bug in a distinct area of code, I scan our issue log (http://support.dotnetnuke.com) to see if there are any other issues in that area of code that can be resolved. We'll be fixing a few other minor items such as missing ALT text on the image (necessary for XHTML compliance), but I did notice an issue that was raised a few times where a community member reported that the Captcha wasn't working on login.  I've tested and it does in fact work on login, and in fact what's happening is a misconfiguration by site admins. There were a few other forum posts and issues about this, so I thought it would be worth blogging about it to help anyone confused.

Historically when the Captcha control was added  DotNetNuke only supported Forms Authentication as a login model (and also had windows authentication as an optional free module), so the setting in Admin->User Accounts->User settings enabled or disabled Captcha for login. However, we overhauled the authentication area meaning that additional authentication providers can be easily added (there are core provided openid, liveid and cardspace providers) or created . As many of these require authenticating away from the website, and implement their own Captcha's, it makes no sense to enable duplicate Captchas at the login control level as before.

Instead now, Captchas are enabled at the authentication provider level for each portal. To enable Captcha for login, login as host (or portal admin) and go to Admin->Extensions, select the provider and then check the "Use captcha?" checkbox.

 

The "original" setting in Admin->user accounts->user settings, is still needed and valid, as it controls whether or not a user needs to provide a Captcha when associating an external provider (such as liveid, openid, cardspace) with their site account. We've updated the title and helptext to hopefully make this clearer.

Comments

Comment Form

Only registered users may post comments.

NewsArchives


Aderson Oliveira (22)
Alec Whittington (11)
Alessandra Daniels (3)
Alex Shirley (10)
Andrew Hoefling (3)
Andrew Nurse (30)
Andy Tryba (1)
Anthony Glenwright (5)
Antonio Chagoury (28)
Ash Prasad (37)
Ben Schmidt (1)
Benjamin Hermann (25)
Benoit Sarton (9)
Beth Firebaugh (12)
Bill Walker (36)
Bob Kruger (5)
Bogdan Litescu (1)
Brian Dukes (2)
Brice Snow (1)
Bruce Chapman (20)
Bryan Andrews (1)
cathal connolly (55)
Charles Nurse (163)
Chris Hammond (213)
Chris Paterra (55)
Clint Patterson (108)
Cuong Dang (21)
Daniel Bartholomew (2)
Daniel Mettler (181)
Daniel Valadas (48)
Dave Buckner (2)
David Poindexter (12)
David Rodriguez (3)
Dennis Shiao (1)
Doug Howell (11)
Erik van Ballegoij (30)
Ernst Peter Tamminga (80)
Francisco Perez Andres (17)
Geoff Barlow (12)
George Alatrash (12)
Gifford Watkins (3)
Gilles Le Pigocher (3)
Ian Robinson (7)
Israel Martinez (17)
Jan Blomquist (2)
Jan Jonas (3)
Jaspreet Bhatia (1)
Jenni Merrifield (6)
Joe Brinkman (274)
John Mitchell (1)
Jon Henning (14)
Jonathan Sheely (4)
Jordan Coopersmith (1)
Joseph Craig (2)
Kan Ma (1)
Keivan Beigi (3)
Kelly Ford (4)
Ken Grierson (10)
Kevin Schreiner (6)
Leigh Pointer (31)
Lorraine Young (60)
Malik Khan (1)
Matt Rutledge (2)
Matthias Schlomann (16)
Mauricio Márquez (5)
Michael Doxsey (7)
Michael Tobisch (3)
Michael Washington (202)
Miguel Gatmaytan (3)
Mike Horton (19)
Mitchel Sellers (40)
Nathan Rover (3)
Navin V Nagiah (14)
Néstor Sánchez (31)
Nik Kalyani (14)
Oliver Hine (1)
Patricio F. Salinas (1)
Patrick Ryan (1)
Peter Donker (54)
Philip Beadle (135)
Philipp Becker (4)
Richard Dumas (22)
Robert J Collins (5)
Roger Selwyn (8)
Ruben Lopez (1)
Ryan Martinez (1)
Sacha Trauwaen (1)
Salar Golestanian (4)
Sanjay Mehrotra (9)
Scott McCulloch (1)
Scott Schlesier (11)
Scott Wilkinson (3)
Scott Willhite (97)
Sebastian Leupold (80)
Shaun Walker (237)
Shawn Mehaffie (17)
Stefan Cullmann (12)
Stefan Kamphuis (12)
Steve Fabian (31)
Steven Fisher (1)
Tony Henrich (3)
Torsten Weggen (3)
Tycho de Waard (4)
Vicenç Masanas (27)
Vincent Nguyen (3)
Vitaly Kozadayev (6)
Will Morgenweck (40)
Will Strohl (180)
William Severance (5)
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out