Back To: DotNetNuke : A Single Sign on Solution (C#)

using System;
using System.Web;
using System.Collections;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.Data.SqlClient;
using System.Web.Configuration;
using System.Configuration;
using System.Data;
 
 
/// <summary>
/// SingleSignOn Webservice
/// </summary>
[WebService(Namespace = "http://DotNetNuke.com/SingleSignOn/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class WebService : System.Web.Services.WebService {
 
    public WebService () {
 
    }
 
    [WebMethod]
    public bool SetAuthendication(string tmpMasterPassword, String username, string password) 
    {
        bool isSuccess = false;
        string MasterPassword;
        string strSQL = "";
        MasterPassword = WebConfigurationManager.AppSettings["MasterPassword"];
 
        if (tmpMasterPassword == MasterPassword)
        {
            bool boolUserExists = UserExists(username);
 
            if (boolUserExists)
            {
                strSQL = "Update SingleSignOnUsers set password = @password where username = @username";
            }
            else
            {
                strSQL = "Insert into SingleSignOnUsers ([username],[password]) values (@username, @password) ";
            }
 
            SqlCommand cmd = new SqlCommand(strSQL, new SqlConnection(GetConnectionString()));
            cmd.CommandType = CommandType.Text;
 
            cmd.Parameters.Add(new SqlParameter("@password", password));
            cmd.Parameters.Add(new SqlParameter("@username", username));
 
            cmd.Connection.Open();
            cmd.ExecuteNonQuery();
            cmd.Connection.Close();
            
            isSuccess = true;
        }
 
        return isSuccess;
    }
 
    private bool UserExists(string username)
    {
        bool boolUserExists = false;
 
            string strSQL = "Select * from SingleSignOnUsers where [username] = @username";
 
            SqlCommand cmd = new SqlCommand(strSQL, new SqlConnection(GetConnectionString()));
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.Add(new SqlParameter("@username", username));
            cmd.Connection.Open();
 
            SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
            while (dr.Read())
            {
                boolUserExists = true;
            }
 
            dr.Close();
                    
        return boolUserExists;
    }
 
    private static string GetConnectionString()
    {
        return ConfigurationManager.ConnectionStrings["SingleSignOnDB"].ConnectionString;
    }
 
    
}