Development

Customer Portal – switching authentication from LiveId to Forms

I got a requirement from one of my clients to create a customer portal. It was my first experience with portals, so I decided not to build a custom website but to install and configure Customer Portal. I won’t explain how to install and configure this solution – it is well described. Once it was configured, I had a phone conference with my client. The first requirement and main challenge for me was to remove the LiveId authentication and replace it with another authentication.

I googled and found the following article that described how to solve the same issue for CRM 4.0, written by MVP fellow Dylan Haskins (Thanks a lot, I owe you a beer.). Here are the steps to replacing LiveId authentication with Forms authentication (I assume that you’ve already configured the Customer Portal):

1. Open web.config file and find the following text:

Replace it with:

2. Open Pages/login.aspx file and replace the content of the page with the following markup:

3. Open Pages/login.aspx.cs file and replace the whole code with following:

4. In the Page folder create a Logout.aspx page. Open codebehind – Logout.aspx.cs and insert the following code:

5. Open the MasterPages/Default.master and find the following markup:

Replace it with the following markup:

6. Clean and build your website.

7. For test purposes, create a contact in CRM:

8. Open the Customer Portal and try to log in:

 

25 Comments on “Customer Portal – switching authentication from LiveId to Forms

  1. Честно говоря, недолюбливаю Customer Portal с момента его появления, возможно, что сейчас его сильно переписали.

    Хочу несколько дополнить приведённое решение.

    Возможно, что вместо

    var redirectUrl = !string.IsNullOrEmpty(Request.QueryString["ReturnUrl"])
    ? Request["ReturnUrl"]
    : !string.IsNullOrEmpty(Request.QueryString["URL"])
    ? Request["URL"]
    : "/";

    можно использовать:

    string targetPath = FormsAuthentication.GetRedirectUrl(String.Empty, false);

    можно также использовать такой метод для редиректа на ReturnUrl (не понадобиться даже отдельно извлекать ReturnUrl):

    FormsAuthentication.RedirectFromLoginPage(UserName, false);

    Не очень хорошо передавать логин и пароль в открытом виде в URL'е. Это делается тут:

    string redirectURL = page.Adx_PartialUrl + "?UserName=" + Server.UrlEncode(Login1.UserName) +
    "&Password=" + Server.UrlEncode(Login1.Password);
    Response.Redirect(redirectURL);

    Тогда уж надо всё взаимодействие с сервером пускать по TLS-каналу.

    Также является плохим тоном хранение пароля в открытом виде. Как минимум его надо хэшировать (ещё лучше вместе с каким-то другим секретным значением, например, так: http://crrm.ru/articles/2010/03/secure-pass-storing-in-mscrm).

    В идеале, я бы порекомендовал написать собственный Membership-провайдер (а если требуется, то и Role-провайдер). Это не очень сложно, но позволяет использовать всю мощь провайдеров в ASP.NET (быстрое встраивание, встроенный механизм восстановления паролей).

  2. Переписать можно всё 😉 Вопрос в необходимости и в том заплатят за это или нет. Насчёт хранения пароля в открытом виде не спорю, безспорно лучше использовать хеш вместо самого пароля, но на это опять таки необходимо время и переработка кода и не мне вам объяснять то, что донести новые сроки и стоимость до бизнеса зачастую является тяжёлой, кропотливой, а зачастую и напрасной задачей.

  3. HI,
    I have followed your blog and deployed the customer portal. While giving user name and password in the login page it is again redirecting to the same page and unable to access other pages. But it successfully authenticated and I can see last logon time in the CRM contact page.

    But it is not redirecting to other pages. Please help us to get the solution in this issue.

  4. Hi, i managed now to add the missing field, but I still not able to Login.
    The webpage gives out this message:
    [NullReferenceException: Object reference not set to an instance of an object.]
    Site.Pages.Login.Login1_Authenticate(Object sender, AuthenticateEventArgs e) in D:AlleCustomerPortalWebPagesLogin.aspx.cs:65
    System.Web.UI.WebControls.Login.AttemptLogin() +159
    System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +90
    System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +51
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3553

    Can you help me? 🙁

  5. Hello Hendrik,

    The best way as for me is to attach with VS to your customer portal put breakpoint and get an answer why solution doesn't work.

    Kind regards,
    Andrii.

  6. Hi ,

    As per blog i'm followed all the points , now the portal is working fine . i have some doubts

    1.I need to replace contoso logo .
    2.when i'm clicking on some links it shows the messages "like You do not have sufficient permissions to view this page"
    3.i can't able to create a invition code in crm

    cheers
    Dhamodharan

  7. Hello Andrii,

    unfortunately VS displays no error or something else.
    I used the portal files from your ZIP-archive, but when trying to log in, I get the error.
    I hope you can help me – I'm pretty frustrated because I did not find the error 🙁

    Kind regards,
    Hendrik

  8. Hello Hendrik,

    VS can detect compile-time errors but not run-time. To solve your issue you will have to using VS attach to IIS process (w3wp.exe) and put breakpoint to method Login1_Authenticate. Then you should try to authenticate and breakpoint should be reached. Then you will have to go line by line with debugger to find the reason of error you are getting.

    Kind regards,
    Andrii.

  9. Hi !

    I'm trying to install my first Dynamics install but i've got a ridiculous problem : How to build the custom package to impot it into Dynamics ?

    Thanks for your help

  10. Hi !
    Thanks for your help.

    I'm a rookie in Dynamics CRM 2011 and just use the system as simple as possible, on-premise version (we use Action Pack licences).
    I try to install the Customer Portal but i need that the authentication to use the "contacts" instead of on Windows LiveID or AD.
    i import the Customer Portal solution in my Dynamics Organisation and modifiy the web files with your instructions.
    Now i try to activate this web site by use the "websitecopy" application, the copy is ok but i don't know how to access the website…

    I think i've got this problems:
    – i think the installation of the Customer Portal solution in Dynamis must be made AFTER rebuild the package with your modifications, but i don't know how
    – i don't now what i must do to deploy correctly the customer portal website
    – i really need your help 🙂

    I hope that my problems are clearly explain…

    Thanks in advance.

  11. Thanks for your help ! You've got it !

    The wesite correctly appear in Internet Explorer but now; i got a login problem :

    Server Error in '/' Application.
    ——————————————————————————–

    Value cannot be null.
    Parameter name: entity
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.ArgumentNullException: Value cannot be null.
    Parameter name: entity

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [ArgumentNullException: Value cannot be null.
    Parameter name: entity]
    Microsoft.Xrm.Sdk.Client.OrganizationServiceContext.Detach(Entity entity) +91
    Site.Pages.Login.get_LoginContact() in C:ProjectsPoltev SergeyCustomerPortalWebPagesLogin.aspx.cs:30
    Site.Pages.Login.Login1_Authenticate(Object sender, AuthenticateEventArgs e) in C:ProjectsPoltev SergeyCustomerPortalWebPagesLogin.aspx.cs:51
    System.Web.UI.WebControls.Login.AttemptLogin() +166
    System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +93
    System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +52
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3707

    A last idea for this last problem ? 🙂

    Thank you very much
    Regards

  12. Sorry, don't take care about my last post, i use the wrong sources for the website.
    i'm trying with the good ones…

    Best Regards

  13. It seems that you've found error in the code 😉 I'm not ideal and I already fixed that issue on the customer's portal. I will update portal and provide updated version.

    Kind regards,
    Andrii.

  14. OK… you know what ?… i've got a problem yet…hum… sorry.

    When i try to access the login page, i've got this message :

    Server Error in '/' Application.
    ——————————————————————————–

    Compilation Error
    Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

    Compiler Error Message: CS1061: 'ASP.pages_login_aspx' does not contain a definition for 'Login1_Authenticate' and no extension method 'Login1_Authenticate' accepting a first argument of type 'ASP.pages_login_aspx' could be found (are you missing a using directive or an assembly reference?)

    Source Error:

    Line 2:
    Line 3:
    Line 4:
    Line 6:

    Source File: c:WebPagesLogin.aspx Line: 4

    Any Idea ?

    Thanks a lot
    Best Regards

Leave a Reply

Your email address will not be published. Required fields are marked *