SSO ASP Method

Sample code demonstrating how to use omNovia's Single Sign On with ASP
omNovia Technologies Inc.
Latest modifications: November 11, 2008

Single Sign On (SSO) is an API that allows you to send your members, once authenticated, from your site, to the omNovia Secure Conference login page. By passing their identification and other security parameters, they do not need to enter yet another password to access your Secure Conference room.

<%@ Page Language="C#" %>

<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Collections" %>
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Web" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Web.UI" %>

Include the script tag tp 'runat' server Note: Remove the ' from the tag after copying the code

<script runat="server">

NOTE: * * $companyUsername is a unique identifier needed by omNovia. * In most cases, this is the email address of the user. * You must replace the @ sign with _ (underscore) * * PLEASE ENSURE YOUR SERVER TIME IS GMT ******* THIS IS CRITICAL!

private static readonly MD5 Md5 = MD5.Create();
public static string GetMd5Sum(string inputString)
  {
   byte[] input = Encoding.UTF8.GetBytes(inputString);
   byte[] result = Md5.ComputeHash(input);
   return Convert.ToBase64String(result);
  }

This is the PHP equivilent function

public string GetPHPMd5Sum(string inputString)
  {
    MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
    UTF8Encoding encoder = new UTF8Encoding();
    Byte[] result;

    result = encoder.GetBytes(inputString);
    result = md5.ComputeHash(result);

    string _output = string.Empty;
    foreach (byte b in result)
  {
    _output += String.Format("{0:x2}", b);
  }

    return _output;  
  } 

    protected void Page_Load(object sender, EventArgs e)
  {

IMPORTANT This determines how the hash is verified

string _version = "1.3";

string _companyID = "0";        // supplied by omNovia Support
string _companyPass = "password";    // supplied by omNovia Support
string _roomID = "0";              // supplied by omNovia Support

Construct Company Username
You must do one of the following and comment the other one!
Example 1 : with Email address
PHP

$companyUsername =    str_replace("@", "_", "joe@smith.com");
string _companyUsername = GetLogin(HttpContext.Current.Request.ServerVariables["LOGON_USER"]);
string _firstName = _companyUsername;
string _lastName = "test";

Build email

_companyUsername += "_company.com";

Example 2: with username
PHP

$companyUsername = "joemartin";  // must come from your database. No spaces or special characters.

This is a unique identifier of the person in your database It does not have to be an email address but can be. It could be the username they use to log in to your site You have to replace the @ sign with _

Construct Time Stamp in GMT with 10 min Expiration
This is a very important parameter! If it is too large, they may bookmark the login page and access the
room without going through your site
If it is too little, they might not have enough time to access the room. We suggest you between 5 and 30 minutes
Please also note that your server time (even in GMT) might differ from the omNovia time by a few minutes.

int _link_duration = 30;

duration in number of minutes between the time they leave your site and the time they can actually access the room

TimeSpan _ts = (DateTime.UtcNow.AddMinutes(_link_duration) - new DateTime(1970, 1, 1, 0, 0, 0));
double _unixTime = _ts.TotalSeconds;

Whether the user is an attendee or presenter / moderator

int _isPresenter = 0;   // 0 for attendees.  1 for presenter or moderator

/*** Whether you want the user to first go to an omNovia login page or directly access the room ***/

int _directAccess = 0;

// If $directAccess is 0 it first takes the users to an omNovia login page which would test their Flash install and provide other info // THIS IS RECOMMENDED

If $directAccess is 1, they would access the room directly . Not Recommended.

 int _openInSeparateWindow = 0;  // ONLY if you set $directAccess = 1;

you might want to open the room in a separate window. The advantage is // the room will have a bigger interface as you can remove the navigation buttons and other menus on top of // a newly opened browser. You cannot do so on an already open browser.

string _inquiry = (_directAccess == 1 ? "&inquiry=login" : string.Empty);

/*** Create a md5 hash - IT MUST BE IN THIS ORDER***/

string _md5 = GetPHPMd5Sum(_companyID + _companyPass + _roomID + _firstName + _lastName +
_isPresenter + _version + _companyUsername + _unixTime.ToString());

/*** Construct the link ***/

string _base_omnovia_link = (@"https://www.omnovia.com/pages/sc2/roomlogin?");

string _room_link = "companyID=" + _companyID + "&isPresenter=" + _isPresenter +
 "&loginType=2&roomID=" + _roomID + _inquiry + "&firstName=" + Server.UrlEncode(_firstName) +
 "&lastName=" + Server.UrlEncode(_lastName) + "&companyUsername=" + _companyUsername +
 "&_ts=" + _unixTime + "&_t=" + _md5 + "&_v=" + _version;

/*** Construct the full link ***/

_room_link = _base_omnovia_link + _room_link;
 string _linkTest = "Launch";
        
if (_openInSeparateWindow == 1)
  {
    lnkSiteLink.HRef = _room_link;
    lnkSiteLink.Target = "_blank";
    lnkSiteLink.Title = _linkTest;
    lnkSiteLink.InnerText = _linkTest;
  }
else
  {
    lnkSiteLink.HRef = _room_link;
    lnkSiteLink.Title = _linkTest;
    lnkSiteLink.InnerText = _linkTest;
  }    
 }

No opportunity of NullReferenceExcpetion and conforms MS coding guidelines about treating empty and null string equally

public  string GetDomain(string s)
   {
        int idx = s.IndexOf("\\");
        return (idx > -1) ? s.Substring(0, idx + 1) : null;
   }

    public  string GetLogin(string s)
   {
        int idx = s.IndexOf("\\");
        return (idx > -1) ? s.Substring(idx + 1, s.Length - idx - 1) : null;
   }

Close the script with the </script> tag and then add the HTML

</script>
<html xmlns="http://www.w3.org/1999/xhtml">

<head runat="server">

</head>

<body>

  <form id="form1" runat="server">

  <div style="text-align:center"><br /><p><span style="font-size:14pt;">
  Welcome to the Investor Presentation launch page.
  </span>
  <br />
  <br />

  Please click on the link below to view the presentation.</p>

  <br />

  <p>

  <a id="lnkSiteLink" runat="server" style="height:26px;width:80px;background:#f0f0f0;
         color: navy; border: 1px outset navy;margin:4px;padding: 6px 5px 0px 5px;
         text-decoration: none;display: block;"></a>

  <br />

  </p>

  </div>
  </form>

</body>

</html>

THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESSED OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

@category Web Services
@copyright omNovia Technologies
@version 1.3

Back to List

View Original Layout