Post data from one page to another page

Hi Naresh,

Kentico is built on ASP.NET, and the Kentico site you are referencing is build usign either the portal engine or ASPX templates meaning it's using WebForms. The error is correct, you can only have a single form in ASP.NET WebForms application. You should not really attempt to modify the form action in this way. If your data is simple, have you though about using the query string rather than a form?

In terms of what you are trying ot post to another page, it ould be helpful if you could describe the user journey that you want to create so that alternate solutions can be proposed. There are a number of waays of capturing a moving data about in Kentico and the specific scenario will help you shose which one to use.

Thanks Matt Nield

I don't want to use querystring because i'm carrying the user data to the page of current site domain alias to log the user in all domains.

Hope you understand my scenario and please guide me.

It seems like you are looking to do single sign-on.

Hi Suneel Jhangiani

I had seen that, but the API method GetUserAuthenticationUrl add user guid as querystring parameter string url = AuthenticationHelper.GetUserAuthenticationUrl(userInfo, "/default.aspx");

Like this "http://demo.com/autologin?authenticationguid=c98549d7-dbec-4367-b764-e4941ded0be8"

I think this is not safe to pass sensible information in query parameters.

The AuthenticationGuid that is being passed in the querystring is a temporary value created by the GetUserAuthenticationUrl method and is stored in the User.UserAuthenticationGUID field. This field should get cleared once the user is authenticated on redirection and hence should not pose any risk to sensitive information and a minimal risk to an attacker compromising the system due to the low lifetime of the temporary value.

Hi, inline with Suneel: the authentication GUID gets reset once used, thus reducing the risk o it being used maliciously. So you should beable to use that just fine.

Thankyou for giving clarity on this, and one small doubt i have that where this temporary GUID stored and how it is going to expire.

        Guid gid = new Guid("c98549d7-dbec-4367-b764-e4941ded0be8");
        UserInfo us = UserInfoProvider.GetUserInfoByGUID(gid);

so if i use that generated guid to get userinfo in autologin page or any other method to expire the guid.

I think this is the last query i have.

ThankYou

Hi Naresh,

You should not need to generate the GUID yourself. Kentico will do this for you using the AuthenticationHelper. You can read more about Configuring single sign-on in the Kentico docs.

The key art you're looking for is : string userName = "testuser";

// Gets the user with the specified user name
UserInfo userInfo = UserInfoProvider.GetUserInfo(userName);

// Gets the authentication URL for a specified user and target URL
string url = AuthenticationHelper.GetUserAuthenticationUrl(userInfo, "/default.aspx");

From memory, once it has been used to login, the GUID is automatically replaced with a new one, so that link will no longer work.

Sorry for not replying to this thread sooner, I missed the email notification.

The temporary ID is stored in the UserAuthenticationGUID field of the CMS_User table and can be accessed via the UserAuthenticationGUID property of the User object using the API.

I also believe that once it is entered it remains there until the user authenticates using it in at which time it is removed and the field will either be null or an empty guid.

This should satisfy your requirement, since it would be generated in code and then the user is immediately transferred to a page which will authenticate it and remove it, so the entry should only exist for a small fraction of time.