How to run YAF in a virtual directory under SharePoint with Integrated...

Welcome Guest! To enable all features please Login or Register

Tuff
52.4% (Neutral)
YAF Forumling Topic Starter

14 years ago

I saw other posts about running YAF under SharePoint and took some of their ideas along with a few others to come up with my implementation.

Project Goals:

- Run YAF as a virtual directory under SharePoint.

- Configure YAF to use Integrated Windows Authentication.

- Automatically register new users within the system. This will be handled by forcing users to login and disabling registration. Any users not already in the system will get routed to a custom page to verify information. Upon submission, account will be created and redirected back to forum where they will be automatically logged on using Integrated Windows Authentication.

- File and Image uploads will be disabled. These artifacts will be kept in SharePoint. This is very important due since I believe that YAF stores the information on the file system. If you have multiple WFE’s, you would need to recode the files to point to a Network for DFS Share. We chose SharePoint so that people can manage their own artifacts and security. In SharePoint these items are stored in the database where they are more secure.

Environment Description:

- Currently running MOSS 2007 SP2 on WS03 R2 with IIS6 so the instructions will be tailored for that environment.

- The environment is also configured for internal use within our domain.

- MOSS is already configured to run custom .net applications using jQuery AJAX, .Net Web Services, and support JSON.

- MOSS Environment consists of 3 Tiers: 2 Web Front Ends, 1 Central Admin, with the Database on a clustered shared SQL environment.

Thought I'd share for those seeking assistance.

Here's the steps I took:

- Initially installed YAF normally to get my core install and database created. Of course you could have done this later but didn't want to deal with the extra issues regarding configuration.

- Configure Integrated Windows Authentication by doing the following steps:

- Create your account using the following pattern <>\<>. This is very important or you will not gain access after you configure the site for windows auth. Make sure you grant yourself Admin and Host Admin rights.

- Open your web.config and rem out the section below and add a new line as follows:

- Go into IIS and set the directory security of the site to use Integrated Windows Authentication and remove the check mark on the "enable anonymous access" section.

- Perform an IISReset and browse to your forum to ensure it’s working. Just make sure that you can login automatically since there are more configurations to be done.

- If all is working you should be logged in as <>\<>.

- Once you get logged in, copy the entire directory structure to your SharePoint environment. Because of the way SharePoint manages security, you’ll need to copy it directly under InetPub.

Ex. C:\Inetpub\wwwroot\wss\VirtualDirectories\<>\Forums

- For my deployment, I reserved the managed path of “Forums” and copied all my files there.

- Open up the web.config of your YAF application and comment out any references that may have already been loaded by SharePoint’s root web.config.

- For mine I had to comment out the following items:

- Under system.web  compilation assemblies:

- Under system.web  pages  controls:

- Now open up SharePoint’s root web.config. This should be one level up from your existing directory.

- Add the following under system.web httpHandlers:

- Make sure you save both files and go back to IIS Manager.

- Within IIS Manager, browse to your new directory and view properties.

- Click on the Create application button.

- Set the Execute permissions to Scripts and Executables.

- For the application pool, I created a new one and used the same ID as the MOSS AppPool which is a domain account.

- Since this is a virtual directory under your SharePoint environment and you’re using Active Directory Integration, then the directory security should automatically be set to use Integrated Windows Authentication.

- If you have uploaded Avatars, you will need to set the directory security for the /Images/Avatars folder to Anonymous. Since this is running under SharePoint, you will also need to grant the user running as Anonymous to have NTFS Read rights to the /Images/Avatars folder.

- You should now be able to browse to your Forum using the host header that SharePoint is running under.

- Now we need to futher lock down the registration as well as provide a way to automatically create the user accounts in YAF.

- In YAF, browse to Admin  Host Administration  Host Settings  Host Settings Tab.

- Go to the Login/Registration Settings section and set the following:

- Disable New Registrations: “Checked”

- Custom Login Redirect URL: “./NewUserReg/NewUser.aspx” ** We’ll create this page later.

- Require User Login: “Checked”

- Go back to Explorer and open up your app.config file.

- Find the section for “AllowLoginAndLogoff”. Move the end comment tag “ - - >” above the line so that the following line is enabled:

- That’s all the Forum changes. Now we need to create the new user registration page.

- Open up your solution in visual studio.

- Create a folder under the root called “NewUserReg”

- Add a new C# web Form to that folder called “NewUser.aspx”.

- Paste the following code:

using System;

using System.Collections.Generic;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data;

using System.Data.SqlClient;

using System.DirectoryServices;

using System.Security.Principal;

using Microsoft.SharePoint;

using System.Configuration;

using YAF.Providers;

using YAF.Classes.Core;

using YAF.Classes.Utils;

using YAF.Classes.Data;

public class User

{

public string UserID { get; set; }

public string DisplayName { get; set; }

public string Email { get; set; }

public string HomePage { get; set; }

public string Location { get; set; }

}

public partial class NewUser : System.Web.UI.Page

{

protected void Page_Load(object sender, EventArgs e)

{

if ((Request.Form["UserID"] != null))

{

string _appName = "YetAnotherForum";

string _username = !string.IsNullOrEmpty(Request.Form["UserID"].ToString()) ? Request.Form["UserID"].ToString() : string.Empty;

string _displayName = !string.IsNullOrEmpty(Request.Form["DisplayName"].ToString()) ? Request.Form["DisplayName"].ToString() : string.Empty;

string _password = "Password2";

string _passwordSalt = "zorgBpCN0TLvnRY1VSmwDxCEiE0=";

int _passwordFormat = 1;

string _email = !string.IsNullOrEmpty(Request.Form["Email"].ToString()) ? Request.Form["Email"].ToString() : string.Empty;

bool _isApproved = true;

int _boardid = 1;

YafContext.Current.Cache.Clear() ;

//Check to see if user exists in Provider table.

Object userKey = YAF.Providers.Profile.DB.Current.GetProviderUserKey(_appName, _username ) ;

//Add user to yaf_prov_Membership table

YAF.Providers.Membership.DB.Current.CreateUser(_appName, _username, _password, "", _passwordFormat, _email, "", "", _isApproved, userKey ) ;

YAF.Providers.Roles.DB.Current.AddUserToRole(_appName, _username, "Registered" ) ;

// create the user in the YAF DB so profile can ge created...

System.Web.Security.MembershipUser user = UserMembershipHelper.GetUser(_username ) ;

int? userId = RoleMembershipHelper.CreateForumUser(user,_displayName,_boardid ) ;

Response.Redirect("~" ) ;

}

public void BuildUserInfo()

{

User myUser = GetUserData();

if (!myUser.UserID.Equals(@"NTAuthority\Anonymous" ) )

{

Response.Write(@"

" ) ;

Response.Write("

" ) ;

Response.Write(string.Format(@"

", myUser.UserID, "UserID" ) + Environment.NewLine ) ;

Response.Write("

" ) ;

Response.Write("

" ) ;

Response.Write(string.Format(@"

", myUser.DisplayName, "DisplayName" ) + Environment.NewLine ) ;

Response.Write("

" ) ;

Response.Write("

" ) ;

Response.Write(string.Format(@"

", myUser.Email, "Email" ) + Environment.NewLine ) ;

Response.Write("

" ) ;

Response.Write("

" ) ;

Response.Write(string.Format(@"

", myUser.HomePage, "HomePage" ) + Environment.NewLine ) ;

Response.Write("

" ) ;

Response.Write("

UserID :
Display Name :
Email :
Home Page:

" ) ;

}

else

{

Response.Write("This site requires your browser to be configured with Windows Integrated Authentication.
" ) ;

Response.Write("Please follow the instructions using the following link: " ) ;

Response.Write(@"

" ) ; //This section is optional, but the browser settings were not fully managed by Group Policy in our environment thus needing this.

}

public User GetUserData()

{

User currentUser = new User();

currentUser.UserID = HttpContext.Current.User.Identity.Name.ToString() ;

if (!currentUser.UserID.Equals(@"NTAuthority\Anonymous" ) )

{

int subIndex = currentUser.UserID.IndexOf("\\" ) ;

string sAMAccountName = currentUser.UserID.Substring(subIndex + 1 ) ;

SPSecurity.RunWithElevatedPrivileges(delegate()

{

string appid = WindowsIdentity.GetCurrent().Name;

DirectoryEntry dirEntry = new DirectoryEntry("LDAP://CONTOSO.MICROSOFT.COM" ) ; //BE SURE TO UPDATE THIS WITH YOUR DOMAIN NAME

DirectorySearcher dirSearcher = new DirectorySearcher(dirEntry ) ;

SearchResultCollection src = null;

//THIS QUERY CHECKS TO MAKE SURE THE ACCOUNT IS NOT DISABLED.

dirSearcher.Filter = string.Format("(&(anr={0})(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)) ) " , sAMAccountName);

dirSearcher.PageSize = 50;

src = dirSearcher.FindAll() ;

if (src != null)

{

SearchResult sr = src[0];

DirectoryEntry dirUser = sr.GetDirectoryEntry() ;

string PreferredName = ((dirUser.Properties["cn"].Value != null) ? dirUser.Properties["cn"].Value.ToString() : "" ) ;

string firstName = ((dirUser.Properties["givenName"].Value != null) ? dirUser.Properties["givenName"].Value.ToString() : "" ) ;

string lastName = ((dirUser.Properties["sn"].Value != null) ? dirUser.Properties["sn"].Value.ToString() : "" ) ;

if (firstName != "" && lastName != "" )

{

currentUser.DisplayName = lastName + ", " + firstName;

}

else

{

currentUser.DisplayName = PreferredName;

}

currentUser.Email = (dirUser.Properties["mail"].Value != null) ? dirUser.Properties["mail"].Value.ToString() : "";

currentUser.HomePage = (dirUser.Properties["wwwHomePage"].Value != null) ? dirUser.Properties["wwwHomePage"].Value.ToString() : "";

currentUser.Location = (dirUser.Properties["physicalDeliveryOfficeName"].Value != null) ? dirUser.Properties["physicalDeliveryOfficeName"].Value.ToString() : "";

}

} ) ;

}

return currentUser;

}

You will need to create the proper controls on the NewUser.aspx page as well as follows:

head runat="server">

SharePoint Forums - New User

New User Registration

<% BuildUserInfo(); %>

Please verify the information and click "Continue".

Upon clicking on "Continue", a profile will be created within the forum.

Regards,

Client & Collab Design

I used jQuery to validate my form as well as perform the submit. I’ll leave you to be as creative as you want to do this.

Have someone test it out that is not currently in the forum. When they browse to the root, they should automatically get routed to your new registration page and with their information pre-populated. Once they hit Continue, they should be logged into your forum and showing their DisplayName in the Logged on section.

Enjoy!!!

Wanna join the discussion?! Login to your YAF.NET Support Forum forum account or Register a new forum account

Sponsor

New User Registration

Important Information: