Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationDNN 6.2 - new login methods - directionDNN 6.2 - new login methods - direction
Previous
 
Next
New Post
7/16/2012 10:30 PM
 

There seems to be surprisingly little discussion on what seems to me an important topic and one which, IMHO, is being implemented in a manner that seems to me way off the mark. An apology if this is a topic that is already on the forum, however I have not found an existing discussion. If there is one perhaps someone can point me at it in a reply and I will contribute there instead.

I am referring to the addition of new login providers with the advent of DNN 6.2. The only posts I have found about it is this:  http://www.dotnetnuke.com/Resources/F...

And this

http://www.dotnetnuke.com/Resources/F...        

There are two aspects which concern me about how this is being approached by the developers at the moment:

  • 1.      The implication that each login provider (twitter, Facebook, Google ) etc. creates its own user identity in the system when used to register
  • 2.      The inability to upgrade an existing site to 6.2+ and allow the use of an alternative login provider for existing users.

Why does this concern me? Simple, because not only does it not help with what is, to me, the biggest single issue with using DNN in the real world, it actually makes things worse. What is the biggest real-world issue? Once again simple, the fact that ordinary people (not us nerdy-type system administrators) CANNOT remember their username and password. That’s it, full stop. I’ll repeat: The biggest issue any my customers have with their DNN sites is that their end-users consistently fail to login as they don’t remember their user name. 

Visualise it from the end-users’ point-of-view: they arrive at the login page and have to think “is my login on this site my first name, my surname plus initials, my email, something else?”  Now think what happens if they get there and now there’s a Facebook option, Google option and so on. Not unreasonably, they would expect each of these options to be useable and lead to the same result –they get logged on as the same person. And this is not what has been implemented– instead they are going to have to remember not only a username but also which method they used to register – which is why I say this makes things worse not better. Most of them will inevitably finish up with multiple accounts on the site only one of which will be the ‘real’ one and have the correct security roles.

My heart lept with joy when I found the ‘use email address as username’ setting on my first DNN 6.2 test site.  “At long last”, I thought, an answer. Wrong. I turned it on, went to login (in a separate browser, I’m not daft! :) ) typed in the email for my admin account and got rejected. I had to type in the username instead, not the email. So then I registered a new user – and sure enough I was only offered email and was only able to login that user using email. A quick glance at the Users table revealed why – all accounts before the setting change had a username and an email – any account created after had only a username (in email format) copied from the email address.  

Here’s how, IMHO, it should work. A user account should be identified by a single primary key – the UserID. Each of the available login methods (and any new ones you add) should have a column (or columns if necessary) in this table that records the details for that method for that user. The profile should have the ability to have associated with it the login details for each login provider implemented on the site. The username column just becomes another provider’s login details column, not a key field in its own right as it seems to be at present. Regardless of which login method a user chooses they get the same account.

I believe it is absolutely essential that this or a very similar approach be implemented ASAP, otherwise we are just going to finish up with a dog’s breakfast solution.

Comments please – and if this is not the right stage how do I present this view to the development team?

 

 
New Post
7/19/2012 3:27 AM
 

I'm a little surprised you haven't received a response to this... I just went in to try out the new social networking features on here and to connect up my site to my facebook app stuff and came into the same issues...... I tried connect with facebook and it returned me back to the login screen saying "email address already registered" ok fine then connect that FB account to that email address.   I've finished up a FB provider for my DNN site that basically does that but I was hoping to just use the twitter/g+/etc....  and then it would all just sync up to a single account. It's disheartening to see that's not what it does :-/

But maybe I'm just doing something wrong

 
New Post
7/19/2012 6:16 AM
 

Well I am both surprised and seriously disappointed. You'd have thought someone from the core team would at least had the decency to comment - even if only to mount an argument that I am completely wrong, what they are doing is right on track and the reasons why they think that. The deafening silence is very disturbing. Does NO-ONE form the DNN development community have any interest in this????

 And no, I don't believe you are doing anything wrong. I think they mean it to work like that. 

 
New Post
7/19/2012 9:26 AM
 
Being able to bind social network accounts to an existing DNN account would definitely be a plus for me.
 
New Post
7/19/2012 11:02 AM
 
My apologies gents. I've been slammed at work this week and I'm the main contact for this forum. I'll get someone from the development team or at least someone who knows more about the new authentication providers than I do to take a look at this thread and reply to you.
 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationDNN 6.2 - new login methods - directionDNN 6.2 - new login methods - direction


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out