ASP.NET to WordPress SSO with HttpWebRequest

I am attempting to create a single sign on experience between an asp.net site and a wordpress site using a simple form POST method. I have built a simple php page that uses the native wordpress functions wp_insert_user and wp_signon to create user account in the mysql db and sign them in. In my asp.net ‘create new user’ page code behind, I’m using the post method of an HttpWebRequest to send the required information to the php page.

It almost works! The new wordpress user is created in the mysql database, but they are not logged in. How can I get wordpress to log them in?

Read More

UPDATE 11/29/11. I’ve added the code I used to get this working. See below

Here is my HttpWebRequest

        Public Sub LoginToWordpress()
        'This enables single sign on between our asp.net site and wordpress.
        Try
            'get the values
            Dim uid As String = TxtLogin.Text
            Dim pwd As String = TxtPassword.Text

            'format and encode the input data
            Dim encoding As New ASCIIEncoding()
            Dim postData As String = ("&UserName=" & uid)
            postData += ("&Pwd=" & pwd)
            Dim data As Byte() = encoding.GetBytes(postData)
            Dim cc As New CookieContainer()

            'Prepare web request...
            Dim myRequest As HttpWebRequest = WebRequest.Create("http://www.mywebsite.com/speciallogin.php")
            myRequest.Method = WebRequestMethods.Http.Get
            myRequest.Method = "POST"
            myRequest.ContentType = "application/x-www-form-urlencoded"
            myRequest.ContentLength = data.Length
            myRequest.CookieContainer = cc
            Dim newStream As Stream = myRequest.GetRequestStream()

            'submit the php form for BuddyPress signup
            newStream.Write(data, 0, data.Length)
            newStream.Close()

            'Get the response
            Dim myResponse As HttpWebResponse = myRequest.GetResponse()
            Dim reader As New StreamReader(myResponse.GetResponseStream())

            'Look for cookies in the response
            If Not myResponse.Cookies.Count = 0 Then
                For Each c As Cookie In myResponse.Cookies

                    'Write the wordpress cookie to the browser
                    Dim cookiename As String = c.Name
                    Dim cCookie As New HttpCookie(cookiename)
                    cCookie.Value = c.Value
                    cCookie.Expires = c.Expires
                    cCookie.Domain = ".mywebsite.com"
                    cCookie.Path = "/"
                    Response.Cookies.Add(cCookie)
                Next
            End If
            myResponse.Close()

        Catch ex As Exception
            Response.Write(ex)
        End Try
    End Sub

Here is the php page (speciallogin.php)

    <?PHP
    include 'wp-load.php';

    require_once( ABSPATH . WPINC . '/user.php' );
    require_once( ABSPATH . WPINC . '/pluggable.php' );

    //get the variables from the post of another page
    $u_username = $_POST['UserName'];
    $u_password = $_POST['Pwd'];

    //build the array
    $creds = array();
    $creds['user_login'] = $u_username;
    $creds['user_password'] = $u_password;
    $creds['remember'] = true;

    //log the user in
    $user = wp_signon( $creds, false );
    if ( is_wp_error($user) )
       echo $user->get_error_message();

     //see what happened
       if ( is_user_logged_in() ) {
            echo'log in failed'.'<br>';
       } else {
            echo'login success!"<br>';
       }

       wp_get_cookie_login() ;

       print_r($_COOKIE);

    ?>

Related posts

Leave a Reply

1 comment

  1. From what I can see, your server side code is submitting the request to wp-load.php which is creating and logging the user in (in the session of the server side web request).

    I beleive that wordpress will send back a cookie on each page, so you would have to extract the cookies from the WebResponse, and send those cookies back from your asp.net page, along with a

    Response.Redirect("http://localhost:1350/wp/");

    I am unable to test this as I don’t have a WP install at the moment, and I don’t use VB.net but i guess it would go something like:

    Dim cookies As New CookieContainer()
    Dim myRequest As HttpWebRequest = WebRequest.Create("http://localhost:1350/wpComm/createWPaccount.php") 
    myRequest.Method = "POST" 
    myRequest.ContentType = "application/x-www-form-urlencoded" 
    myRequest.ContentLength = data.Length 
    myRequest.CookieContainer = cookies;    
    Dim newStream As Stream = myRequest.GetRequestStream() 
    
    newStream.Write(data, 0, data.Length) 
    newStream.Close() 
    
    For Each c As Cookie In cookies 
      Response.Cookies.Add(c)
    Next 
    
    Response.Redirect("http://localhost:1350/wp/")