Single login

[bobwolfson]

Our company has a portal for our customers.  It's hosted on IIS and built in Dot Net Nuke (DNN).

DNN provides basic login features, and each of our customers has account credentials.  I would like to iframe HFS within the site to provide a logged-in customer with upload/download access to files on a server separate from the web host.

This is easily done, except that HFS requires its own login.  I'd like to avoid that since by the time the user gets to the iframed HFS interface, he'll already have been authenticated.

Is there a way to arrange this?  E.g. is there a way to pass some sort of account-identifying parameter/token to HFS on the URL in order to auto-login without challenging the user with a login prompt?

[bmartino1]

http://www.winhost.com/apps/dotnetnuke.aspx

it looks like you are trying to migrate form a web hosting service, HFS is not able to "sync" old contacts

You will have to manually enter the database in HFS to get that up and working...

I'm neither capable of programming this, nor know if HFS can even do this properly... sorry

I would recommend apache/ISS... if you still want HFS, then Iframe hfs to a ISS/apache website using html

http://www.w3schools.com/tags/tag_iframe.asp

[bobwolfson]

No, I am not trying to migrate from a hosting service.  And this doesn't have anything to do with contacts.  I don't know where you got either of those ideas.

The portal is hosted at Rackspace.  HFS will run on a file server here in the Atlanta office. 

I'll have no trouble creating a page within the portal that contains an iframe that refers to the HFS host here in Atlanta.

But, if that's all I do, then when a portal user - who has already logged into the portal - surfs to the page containing the iframe, he will see the HFS login challenge.  This will (rightly) annoy him!  He has already logged into the portal, why should he have to log in again?

I have no issue with creating accounts within HFS to exactly mirror the accounts in the portal.  I have no issue with setting permissions on all these accounts to see the appropriate files/folders in the VFS.

I just want to be able to have the portal somehow "pass a parameter" to HFS to tell it who the currently-logged-in portal user is (e.g. in the iframe's URL), and then have HFS react by silently logging that user in and respecting their permissions. 

Maybe it would entail composing the iframe URL something like:

http://hfs.mycompany.com:1234?user=fred

to tell HFS to connect to the "fred" account.  This need not compromise security; I can arrange it that only calls coming from the portal's IP can connect through the Atlanta firewall to the HFS server.  Thus I can be sure that calls are only made on behalf of already-authenticated portal users.

If there is no existing feature to let me get into HFS with a previously authenticated user name, can anyone advise me as to what it would take to add such a feature?  What technologies and development resources does it take to (re)program HFS?  It's open-source and we have programmers, but alternatively, would anyone care to undertake this enhancement for a fee?

[bmartino1]

DNN provides basic login features, and each of our customers has account credentials.

you didn't specify if the frame would be on the website with DNN or on HFS, for account credentials, i think of a possibility, but will not be easy to termante it...

in hfs ther is include passwords in URL, that can be used to authenticat it in an iframe, while still having passwords portected on HFS...

[LeoNeeson]

Did you tried something like this?...

Code: [Select]

<iframe src="http://username123:password456@hfs.mycompany.com:1234/"></iframe>
In this example, you have to have an HFS User called: "username123" with the Pass: "password456". I haven't tried it, but it should work fine.

The important part here is this code...

Code: [Select]

http://username123:password456@hfs.mycompany.com:1234/
Change "username123:password456" for your own "user:pass"