•  uticket
  • 57.8% (Neutral)
  • YAF Forumling Topic Starter
Thanks for your message and code on the integration.
After following your instruction, my users could log into forum database in my ASP.NET application.

However, the users still have to log in agian when visiting forum. Same thing happens to darchele( http://forum.yetanotherf....aspx?g=posts&t=3572 )

So would you please give us more details on the integration. I do not understand what are the "two user tables".

Anyway, how can the forum knows and remembers this user has logged in? I guess the SessionID and UserID in Yat_Active table are very important.

Thanks a lot!
i am not sure what your specific error is but this article might help you to understand what going on.
hope it helps.
uticket wrote:

I do not understand what are the "two user tables".

YAF has it's own user table. If your using ASPNETDB to handle login, that DB holds the user tables and other to hold user details and other data. Merging YAF means you need to get the same data into two tables and make sure they stay syncronised. Especially usernames and passwords!!

Zeee has created an extremely good integration proceedure located HERE .

My approach is a tad different. Since I know my own apps far better than YAF, I merge my apps into YAF (instead of YAF into my apps). YAF has a very good structure overall, good place to build a site that requires a forum! :)


.....the man in black fled across the desert..........and the gunslinger followed.....
The article referenced http://blogs.neudesic.com/blogs/michael_morozov/archive/2006/03/17/72.aspx 

solved the problem I was having between a 1.1 and 2.0 application. The decyrption methods are different and the article explains the 2.0 backward compatibility setting that needs to be turned on.

I had the same problems, I found a solution.

The reason the user must login twice is because the authentication tickets for your asp.net app and the forum are different and do not match.

ASP.net sets the authentication with a username of xxxxx while forum is expecting the forms authentication username to be in the form uid;board;xxxxx.

classes/IFormUser.cs checks the form authentication and sets isauthenticated:

string userName = HttpContext.Current.User.Identity.Name;

string[] parts = userName.Split(';');
if (parts.Length == 3)
m_userID = int.Parse(parts[0]);
m_boardID = int.Parse(parts[1]);
m_userName = parts[2];
m_isAuthenticated = true;

I have the forum sitting in a subfolder of my existing asp.net application. The main reason for doing this was so I could use the same master page for the forum as I use for the rest of my site.

my aspnet login creates the forum account if it doesn't exist and handles any password changes.
On the LoggingIn event of my login control I set a session variable to hold login Info:

Dim userID As String = Login1.UserName
Dim pass As String = lOGIN1.Password

Dim sPassword As String = FormsAuthentication.HashPasswordForStoringInConfigFile(pass, "md5")
Dim yuserID As Object = yaf.DB.user_login(1, userID, sPassword)

If yuserID Is DBNull.Value Then

Dim yadmPage As new yaf.AdminPage
yuserID = yaf.DB.user_register(yadmPage, 1, userID, pass, email, "", "", "-300", False, name)

Dim idName As String = String.Format("{0};{1};{2}", yuserID, 1, userID)
Session("forumUser") = idName
Dim idName As String = String.Format("{0};{1};{2}", yuserID, 1, userID)

Session("forumUser") = idName
End If

In the FormsUser method of IForumUser.cs I pull out this session variable

public FormsUser()

string userName = HttpContext.Current.User.Identity.Name;

System.Security.Principal.IIdentity ident = HttpContext.Current.User.Identity;

string userData = (string)HttpContext.Current.Session["forumUser"];

if (HttpContext.Current.User.Identity.IsAuthenticated)
if (userData != "")
string[] parts = userData.Split(';');
if (parts.Length == 3)
m_userID = int.Parse(parts[0]);
m_boardID = int.Parse(parts[1]);
m_userName = userName;
m_isAuthenticated = true;
string[] parts = userName.Split(';');
if (parts.Length == 3)
m_userID = int.Parse(parts[0]);
m_boardID = int.Parse(parts[1]);
m_userName = parts[2];
m_isAuthenticated = true;

m_userName = "";
m_userID = 0;
m_boardID = 0;
m_isAuthenticated = false;

In Login.ascx.cs i modified the ForumLogin_Click to be like:

protected void ForumLogin_Click( object sender, System.EventArgs e )
string sPassword = FormsAuthentication.HashPasswordForStoringInConfigFile( Password.Text, "md5" );
object userID = DB.user_login( PageBoardID, UserName.Text, sPassword );

if ( userID != DBNull.Value )
string idName = string.Format( "{0};{1};{2}", userID, PageBoardID, UserName.Text );

if ( Request.QueryString ["ReturnUrl"] != null )
FormsAuthentication.RedirectFromLoginPage(UserName.Text, AutoLogin.Checked);
FormsAuthentication.SetAuthCookie(UserName.Text, AutoLogin.Checked);
Forum.Redirect( Pages.forum );
AddLoadMessage( GetText( "password_error" ) );
I'm struggling with SSO as well, and I'm hoping someone can help.

I have a .Net 1.1 application of my own. When a user is registered there, I insert them into yaf_user. When they login on my app, I create an auth cookie and leave it there for YAF to pick up later. To keep integration as seemless as possible, I'm using a Global.asax event that I added to YAF. When the user clicks over to the forum, I want it to automatically pick up that cookie and log them in.

protected void Application_BeginRequest(object sender, EventArgs e)

string cookieName = "vtac";
HttpCookie MyCookie = Context.Request.Cookies[cookieName];

if (MyCookie != null)
FormsAuthenticationTicket AuthTicket;
AuthTicket = FormsAuthentication.Decrypt(MyCookie.Value);
FormsIdentity FormsID = new FormsIdentity(AuthTicket);
string idName = string.Format("{0};{1};{2}", FormsID.Name, 1, AuthTicket.UserData);


FYI, FormsID.Name is the numeric ID and AuthTicket.UserData is their text-based name. So the idName might be something like: 17;1;TestDummy7

Unfortunately, whenever this code fires, I get the following error: User 'TestDummy7' isn't registered.

I've checked yaf_user and the guy is indeed on that table. I can even login as him directly through YAF, so I know the ID is setup right. I've also verified all of my decryption stuff is right, and confirmed that YAF is getting good data back out of the incoming cookie.

What am I doing wrong?

Thanks in advance for any help! Getting a good .Net forum setup with SSO has been a long and frustrating process.
Never mind! I got it working! I now have a single sign-on running, using my own .Net 1.1 site as the login/registration source.
I've been trying to merge YAF into another application and have been have trouble getting Single sign on to work for both my main app and YAF. I cam across this post relating to getting this to work with the issues regarding the '2;1;Username' ID that Yaf looks for but I couldn’t quite get it to work.

Initially my YAF forum was running as a sub application to my main application.. But now I’ve effectively merged the 2 into one.. I still have a separate folder for the forum but its no longer a separate app in IIS ( I did this as t looked to me like that is what needed to be done from this post!!)

I then tried to follow the suggestions =here but got confused

My site is geared up to login from my main applications login which uses the standard asp.net login control. So the ForumLogin_Click event never gets called as the login is always from my main app.

Basically I am able top get a user to authenticate either on my main app or on my YAF forum but neither at the same time!

I tried adding the amendments to the ForumLogin_Click event, recommended here, into the LoggingIn event of my main app login process and the main app authenticates ok but YAF is still set to 'Guest'.

Does any of the above make any sense and if so I would be eternally grateful!!

It is imperative that you make sure the <forms> tags in both web.config files are the same if you installed into a sub directory / virtual app.
Many thanks to dsmaage for all his hard work in posting, however I am more than a little embarassed :cry: to say that I am not able to find any file named IForumUser.cs, or any method named FormsUser in any class in the project. I used Visual Studio search on the project, solution, all to no avail. What am I missing, anyone?
I believe they are talking about an older version of YAF. The posts are from 2007. The current version is 1.9.3 released just this year.
KASL Technologies  - Specializing in Custom Web Application Development
JoeOuts wrote:

I believe they are talking about an older version of YAF. The posts are from 2007. The current version is 1.9.3 released just this year.

I thought that also but there is this WIKI post: see here  that is from Sunday and references the same pieces.
It doesn't specify the version. I checked my latest version cade and did not find that code either. So I can only assume that wiki is also talking about an older version.
KASL Technologies  - Specializing in Custom Web Application Development
  •  Mek
  • 100% (Exalted)
  • YAF Developer
Those instructions are for 1.918 or below. 1.93 Users Membership, so you just use the same membership settings on both apps.


"It's a case of RTFM.. the only problem being we don't have a manual!"

When I post FP:Mek in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting. (Yes I stole this off Ederon 🙂 )
Hi every body ,

I a new to yet another forum would you guys give me some help . i am trying to integrate my application with the forum but i got error when i used the following code

" System.Web.UI.WebControls.Login loginControl = (System.Web.UI.WebControls.Login)sender;

String password = FormsAuthentication.HashPasswordForStoringInConfigFile(loginControl.Password, "SHA1");

Object userID = new Object();

userID = YAF.Classes.Data.DB.user_login(1,loginControl.UserName , loginControl.Password);

if (userID == DBNull.Value)


YAF.Classes.Base.AdminPage adminPage = new YAF.Classes.Base.AdminPage();

userID = YAF.Classes.Data.DB.user_register(adminPage, 1, loginControl.UserName,

password, Membership.GetUser(loginControl.UserName).Email, "", "", "-300", false);


string idName = string.Format("{0};{1};{2}", userID, 1, txtUserName.Text);

FormsAuthentication.SetAuthCookie(idName, loginControl.RememberMeSet);


the error happen in this line : userID = YAF.Classes.Data.DB.user_login(1,loginControl.UserName , loginControl.Password);

The Error Is Like this :

"" System.NullReferenceException was unhandled by user code

Message="Object reference not set to an instance of an object."



at YAF.Classes.Config.get_ConnectionString()

at YAF.Classes.Data.YafDBConnManager.InitConnection()

at YAF.Classes.Data.YafDBConnManager..ctor()

at YAF.Classes.Data.DBAccess.ExecuteScalar(SqlCommand cmd, Boolean transaction)

at YAF.Classes.Data.DBAccess.ExecuteScalar(SqlCommand cmd)

at YAF.Classes.Data.DB.user_login(Object boardID, Object name, Object password)

at MemberLoginModuleControl.login1_LoggedIn(Object sender, EventArgs e) in c:\fi\mahmoud\Projects\TestIntegration\UAETTP\CMS\UAETTP\Website\Modules\MemberLogin\MemberLogin.ascx.cs:line 144

at System.Web.UI.WebControls.Login.OnLoggedIn(EventArgs e)

at System.Web.UI.WebControls.Login.AttemptLogin()

at System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e)

at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args)

at System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e)

at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)

at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)

at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)

at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)

at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)



please help me guys i need ur help as soon as possible

thank you in advance
File Attachment(s):
MyApplicationweb.config (14kb) downloaded 41 time(s).
Forumweb.config (11kb) downloaded 38 time(s).
MemberLogin.ascx.cs (8kb) downloaded 48 time(s).

About Us

The YAF.NET is an open source .NET forum project. YAF.NET is supported by an team of international developers who are build community by building community software.

Powered by Resharper Donate with PayPal button

Project Twitter Updates

Copyright © YetAnotherForum.NET & Ingo Herbote. All rights reserved