I use my credential provider for RDP login on server windows.
I customize UpdateRemoteCredential to transport login data like as username and password. and I can login successfully by the user and pass:
pcpcsOut->ulAuthenticationPackage = pcpcsIn->ulAuthenticationPackage;
pcpcsOut->cbSerialization = pcpcsIn->cbSerialization;
pcpcsOut->rgbSerialization = pcpcsIn->rgbSerialization;
pcpcsOut->clsidCredentialProvider = CLSID_CSamanV2Provider;
if (pcpcsOut->cbSerialization > 0 && (pcpcsOut->rgbSerialization = static_cast<BYTE*>(CoTaskMemAlloc(pcpcsIn->cbSerialization))) != nullptr)
{
CopyMemory(pcpcsOut->rgbSerialization, pcpcsIn->rgbSerialization, pcpcsIn->cbSerialization);
return S_OK;
}
After do this, I create a new Initialize function to create a new tile and login auto.
_rgpCredentials[0]->Initialize(_cpus, s_rgCredProvFieldDescriptors, s_rgFieldStateNormalPairs, _dwCredUIFlags, wszDomain, wszUsername, wszPassword);
like above picture, the tile's title is "other user". How can I change this to user name that logon by rdp?
So, my question is:
If any way to create the new tile for a user (not Other User) on my scenario? or If any way to change the Other User big title on the my tile?
Related
I need to validate user credentials from external service, therefore I'm using the VirtualUser authentication.
BuildVirtualUser, checking for the roles to set to him, saving the user Profile and then login with that name.
I'm facing a problem, that everyday that i login, with the same credentials Sitecore creates a new user in Experience Profile.
What i need to change in my code to assure that, with virtual user login, Sitecore gets the old experience profile of the user?
I was thinking in creating the user in sitecore with same generic password. Instead of using the virtual user, and authenticate directly with sitecore. Is that correct?
Here's my code:
Sitecore.Security.Accounts.User user = Sitecore.Security.Authentication.AuthenticationManager.BuildVirtualUser(sitecoreUser, true);
string roleName = #"newRole\User";
Sitecore.Security.Accounts.Role demoRole = Sitecore.Security.Accounts.Role.FromName(roleName);
if (Sitecore.Security.Accounts.Role.Exists(roleName) && !demoRole.IsMember(user, true, false))
{
user.Roles.Add(Sitecore.Security.Accounts.Role.FromName(roleName));
}
user.Profile.Name = name;
user.Profile.Email = email;
user.Profile.FullName = fullname;
user.Profile.Save();
Sitecore.Security.Authentication.AuthenticationManager.Login(user.Name);
Tracker.Initialize();
Code looks fine, but you miss one important thing: to identify your user/contact.
You need to add next line of code:
Tracker.Current.Session.Identify(email);
Please check next link to find more information about how to identify contacts:
https://doc.sitecore.net/sitecore_experience_platform/setting_up__maintaining/xdb/contacts/identifying_contacts
I am building a system using Sitecore 7.5 and I would like to figure out a way to require a Sitecore user to change their password on next login. We have a custom profile that all users have and I have added a checkbox called "Password Change Required". And I added the code below to the LoggingIn pipeline. That way when a user attempts to login I can just redirect them to the built in Sitecore change password page.
public class PasswordChange
{
public void Process(LoggingInArgs args)
{
var user = Sitecore.Security.Accounts.User.FromName(args.Username, true);
var myCustomUser = new CustomUser(user.Profile);
if (myCustomUser.PasswordChangeRequired)
{
HttpContext.Current.Response.Redirect("/sitecore/login/changepassword.aspx");
}
}
}
That works fine. If I go in to User Manager and check that checkbox for a given user, then the next time they try to login they are redirected to the built in Sitecore page for changing your password. However I can't seem to figure out when I can uncheck that checkbox in their user profile. Ideally I would like to have code that runs after the user has finished changing their password. That code should uncheck the checkbox so that the next time they login they are not required to change their password.
Does anyone know if it is possible to somehow tie in to the built in Sitecore change password page so that I can have some code run after the user successfully changes their password and uncheck that checkbox in their user profile?
Or is there a better way to accomplish this?
Thanks,
Corey
UPDATE: adding code that I used to solve the problem. I used the user:updated event as suggested by Anton below. I decided that if the user's password had been changed in the previous 30 seconds then that meant it was ok to uncheck the checkbox.
public class UserUpdatedHandler
{
protected void HandleUserUpdate(object sender, EventArgs args)
{
var user = (MembershipUserWrapper)Event.ExtractParameter(args, 0);
if (user != null)
{
// If this change was a password change and the Password Change Required checkbox is checked,
// then uncheck the Password Change Required checkbox
//First get a membership user object
var membershipUser = Membership.GetUser(user.UserName);
if (membershipUser != null)
{
//Now check the elapsed time since the last password change
var elapsedTimeSinceLastPasswordChange = DateTime.Now - membershipUser.LastPasswordChangedDate;
if (elapsedTimeSinceLastPasswordChange.TotalSeconds < 30)
{
//Get a Sitecore User
var sitecoreUser = User.FromName(user.UserName, true);
if (sitecoreUser != null)
{
//Create a custom user
var customUser = new CustomUser(sitecoreUser.Profile);
if (customUser.PasswordChangeRequired)
{
customUser.PasswordChangeRequired = false;
customUser.Save();
}
}
}
}
}
}
}
There is an event that should be triggered after user change(I believe that changing password will trigger this event): "user:updated". Within event handler you will be able to check "LastPasswordChangedDate" user property and determine was it password change or other change user action. If it is password change then you are able to uncheck that checkbox in user profile.
First step create a custom profile where you add a property named isFirstTime.
You add your own processor as a first processor of loggingin pipeline:
public void Process(LoggingInArgs args)
{
MembershipUser user = Membership.GetUser(args.Username);
if (user != null)
{
if (user.Profile["isFirstTime"].Equals("1"))
{
HttpContext.Current.Response.Redirect("/passwordchangepage");
}
}
}
This will redirect all the users that require password change to the /passwordchangepage url. On this page create a form for old password and new password and a submit button.
On submitting the form execute password change:
MembershipUser user = Membership.GetUser(username);
user.ChangePassword(oldPassword, newPassword);
user.Profile["isFirstTime"]=false;
I have created some Sitecore users who are not administrators and assigned them few roles. When these users access the Sitecore portal as default they are not shown hidden items and they have to go to view tab and configure it manually. Is there a way I can configure these users to view hidden items by default by doing some configurations to a user role shared between these users.
This information is retrieved by Sitecore.Shell.UserOptions.View.ShowHiddenItems property which gets this data from UserProfile (or from RegistryCache if the profile was already loaded).
User profile information is stored for every user separately and saved in database in binary column. There is no way of getting this option from user role.
Still you can write a script that will loop through all users in the role you mentioned and set the value in profile of those users:
public static void SetHiddenItemsValue(User user)
{
string key = "/Current_User/UserOptions.View.ShowHiddenItems";
string value = "true";
if (!(user != null))
return;
key = StringUtil.Left(key, 250);
key = key.Replace("Current_User", user.Name);
user.Profile[key] = value;
user.Profile.Save();
RegistryCache registryCache = CacheManager.GetRegistryCache(Sitecore.Context.Site);
if (registryCache == null)
return;
registryCache.Clear();
}
An alternative option from Maras is you could possibly hook into the security:loggedin event and set that value.
Your class needs to inherit from Sitecore.Pipelines.LoggedIn.LoggedInProcessor
That'll need to do something like the following:
public override void Process(LoggedInArgs args)
{
var user = Sitecore.Security.Accounts.User.FromName(args.Username, true);
var key = "/" + args.Username + "/UserOptions.View.ShowHiddenItems";
// if user needs to be in a specific role only, check that here
// if (user.IsInRole("yourrolename"))
if (String.IsNullOrEmpty(user.Profile[key]))
{
user.Profile[key] = "true";
user.Profile.Save();
}
}
I have a legacy system (sitecore 6.1) which is already have one profile provider in plave as default profile for admin section.
Now, i need to impelement another customised SQL profile provider (in a different table) for normal user.
But my question is How dose system know which profile provider to use in code?
Is there any thing I can do similar as :
System.Web.Security.Membership.Providers[providerString];
So that I can call customised profile provider in my code accordingly.
Or what would be the best practice in this case.
I've wasted like 1 hour try to go through sitecore docs, but not much available there.
Here's some code that I recently did to set up some custom profile stuff for a client using the Email Campaign Manager. Granted this code uses some classes specific to ECM, it creates a new user, initializes a profile class and then assigns that profile to the new user. Then it sets some custom properties for the user that was just created. It shows you how to call the profile based on the user as well as assigning a profile to use for that user. This might help or maybe help someone else.
public static void Process(List<Subscriber> userItems, Item targetAudienceDefinitionItem)
{
foreach (Subscriber user in userItems)
{
// you can also just pass it the id of the target audience as a string
Sitecore.Modules.EmailCampaign.TargetAudienceBase target = Sitecore.Modules.EmailCampaign.TargetAudience.FromItem(targetAudienceDefinitionItem);
string campaignname = target.ManagerRoot.Settings.CommonDomain;
string realUsername = campaignname + "\\" + user.UserName;
using (new SecurityDisabler())
{
User newUser;
if (!Sitecore.Security.Accounts.User.Exists(realUsername))
{
// create a new user and assign it to the email domain specified in the manager root item
newUser = Sitecore.Security.Accounts.User.Create(campaignname + "\\" + user.UserName, System.Web.Security.Membership.GeneratePassword(8,1));
}
else
// get back the existing user
newUser = User.FromName(realUsername, false);
// get back the current user profile
UserProfile subscriber = newUser.Profile;
// reset the profile to be the profile specified in the manager root
subscriber.ProfileItemId = target.ManagerRoot.Settings.SubscriberProfile;
subscriber.Save();
// built in properties are set like this
subscriber.Email = user.Email;
// set custom property value
subscriber["Address"] = user.Address;
// or long method
subscriber.SetCustomProperty("Address", user.Address);
subscriber.Save();
// now subscribe the user to the target audience subscriber list
target.Subscribe(Contact.FromName(newUser.Name));
}
}
}
For one of our FBA enabled SharePoint site, we need to access various web services. I know that we need to invoke Authentication.asmx before we make any other SP web service call.
How do I get the currently logged in user's username & password to pass to the Authentication.asmx service?
Thanks.
Update: I tried Marek's solution with a known username and password and got a 401 for Authentication.asmx. So probably some settings are off. The admin is looking into it.
MembershipUser user = Membership.GetUser();
string username = user.UserName;
string password = user.GetPassword();
Authentication auth = new Authentication();
auth.CookieContainer = new CookieContainer();
LoginResult result = auth.Login(username, password);
if (result.ErrorCode == LoginErrorCode.NoError)
{
CookieCollection cookies = auth.CookieContainer.GetCookies(new Uri(auth.Url));
Cookie authCookie = cookies[result.CookieName];
Lists lists = new Lists();
lists.CookieContainer = new CookieContainer();
lists.CookieContainer.Add(authCookie);
lists.GetListCollection();
}
However, depending on the settings of the membership provider (is password stored in plain text, encrypted or hashed? is it required to pass the security answer to get the password?) retrieving the password may be more difficult or even impossible and you will need to ask the user for it.