It should be noted that if you install YAF into a subdirectory, you need to make sure the <forms> tag in both web.config files match. It took me a while to figure that one out πŸ™‚
Vaxination, did you find out where validationKey and decryptionKey are? I cannot find them either...
2007-10-24T07:56:35Z , which says it is in machine.config and can be overridden in web.config. But I don't see it... :?:
  •  Jaben
  • 100% (Exalted)
  • YAF Developer
Okay... machineKey goes in web.config section:

decryption="Auto" />

Most all settings are in the system.web section of web.config.
OK before I start tackling this zeee and others, I have a question.

Myself and 2 others have been building a website in our spare time now for almost a year specifically for online gamers, we have a boat load of tools for gamers to use outside of their game or games of choice.

We have built all of the tools on the site based around the default security provider that ASP.Net 2.0 with MS SQL 2005 db back end has built in.

The site is damn near pure data driven so everything is very dynamic in its manor.

We have made big time use of that wonderfull little line of code.


This pushes and pulls likely 99% of our data from the database.

Now we started to undertake the process of building our General Community Forums, and of course since it's theme is based around the online gaming community we are going to offer Private Clan Forum Hosting to our members. But, building a forum is, well.... A pile of work, and I have been looking at YAF for several weeks now and I really want to use it on our site.

So the big question is, with the information provided in this post will I be able to add YAF to our current site successfully. And with code behind take the currrent means of membership registration (ASP.Net 2.0 drag and drop control) and duplicate that users infomation into the YAF membership provider.

The idea is once registered with our site, the user is granted the ability to make full use of the Community forums, but thier security also travels with them as a registered visitor status to all other forums hosted on our site.

If this can be done successfully then users could post on the community forums, still make use of the User.Identity.Name for all of the other site tools, and everything would be just peachy.

The next bit of code to tackle would be the auto creation of additional YAF forums via registered users who want to have their clan forums hosted on our site.

It would be real nice to show the gaming community that there are options out there other then PhPbb :cheesy:
So I started work on this, and everything seems to be progressing ok, but I have a slight problem.

I set up YAF as an integration into my site in a sub folder. So I am not working with 2 web.config files, only one.

I set up the machinekey properly, inserted the code (thank you zeee) confirmed it is working and capturing the login name and password, however once I navigate to the default.aspx page in my Forums folder it does not bring my login credentials with me. It shows welcome guest and wants me to login again.

Any suggestions or recommendations?
Rivelyn, here is my quick but incomplete answer to your question. I am just learning about machineKey. But I suspected the problem you ran into if one copies Jaben's machineKey straight. Jaben, correct me if I am wrong.

On the link on my last post, the article says:
IsolateApps means that a different key will be generated for every application. We can’t have that. In order for the cookie to be encrypted and decrypted with the same key in all applications either remove the IsolateApps option or better yet, add the same concrete key to the web.config of all applications using SSO:
<machineKey validationKey="F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902" decryptionKey="F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902F8D923AC" validation="SHA1" />

I need to do a little research on the above manually generated key values. I believe the machineKey should be added to web.config in YAF and the other application which does the login.

Rivelyn, which version of YAF do you use?
Hey neubee,

I am using a concrete key, and only one web.cofig for the entire site.  from the wiki.

I am using the latest release available just downloaded it from sourceForge yesterday, I think it's, yea that sounds correct.
Good inform from the wiki. Keep me posted when you find a solution. Thanks!
I think ultimately my fix will be the version 1.9.3 on the horizon. I would like to download it and compile it myself from SVN, but I am not sure from all of the files located there what I need to download.
Hey Eveyone,

So Mek has been very helpfull with his tips about 1.9.3 but I do not want to eat up resouces and take away from the development of 1.9.3 so I am re-thinking my website integration.

Since my site has not gone public yet and is still sitting on my development server I am thinking that it might be easier and more effecient to change from integrating YAF into my site to integrating my site into YAF so to speak.

All of our user tools push and pull info to the database using the T-SQL filter by "User.Identity.Name"
I am unsertain if I can still use this line code once I have set up the YAF Membership, Roles and Profiles to be my site default security provider, I think that line of code is specific to the ASP.Net default security provider.

Can someone confirm this, and if this is the case is there code that does the same to pull the logged in UserName from the YAF security provider, on pages that are not part of the YAF forums but still part of the same web applicaiton.
Is there code in the yaf classes to programatically extract the current loged in users RankName on pages outside of the yaf forums.

ASP.Net roles can be extracted using this type of code.

If User.IsInRole("Admin") = True Then
blah blah blah
End If

Is there an equivilent to this line of code in Yaf classes?
Rivelyn, I am not sure if I understood your question right. In ForumPage.cs, there are these functions:
- IsAdmin()
- IsModerator()
- etc.

Also, after your user logs in, do you set a cookie? This is how I did it. I set userID in the cookie. Then in my YAF page, I check with the cookie. πŸ™‚

About Us

The YAF.NET is an open source .NET forum project. YAF.NET is supported by an team of international developers who are build community by building community software.

Powered by Resharper Donate with PayPal button

Project Twitter Updates

Copyright © YetAnotherForum.NET & Ingo Herbote. All rights reserved