search

nguyentientoan / socialauth-net

Automatically exported from code.google.com/p/socialauth-net
0 stars 0 forks source link

Importing Contacts set the user automatically authenticated in our website #157

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Create an web application with two pages. one for everyone (Page1), one for 
authenticated users (Page2)
2. Try to access Page2. You won't be able
3. Import Contacts from any provider
4. Try to access Page2. You will be able.

What is the expected output? What do you see instead?
I would expect this API not to mess around with my Authentication process. I 
set it up following your instructions but it's not working

What version of the product are you using? On what operating system?
Latest from Nuget as of January 2013. ASP.NET MVC 3

Please provide any additional information below.

You should not modify anything in the IPrincipal or HttpContext if i desire to 
use your API exclusively to import an individual's contacts.

This is a HUGE BUG you should've fixed (i notified it almost a year ago) and 
it's still around.

Original issue reported on code.google.com by ppcu...@gmail.com on 14 Jan 2013 at 7:07

GoogleCodeExporter commented 8 years ago 
SocialAuth.NET was originally designed to provide a full-fledged primary 
authentication system. It is more of a preferred design than a bug from our 
design goals. However, what you have come up with is another use-case scenario 
and we appreciate that you highlighted it.

We're analyzing a solution to introduce a new boolean config  value, which if 
explicitly set, skips any to modification to UserIdentity. This would likely 
resolve your issue. Wel'll update you very soon on this.

thanks
Deepak

Original comment by deepak.a...@3pillarglobal.com on 15 Jan 2013 at 9:07

GoogleCodeExporter commented 8 years ago 
I have to give you all the credit for outstanding follow up on issues. I can 
see your point and you are right. I should take back HUGE BUG. 

I personally think adding that feature will expand your market enormously. 

Thanks

Original comment by ppcu...@gmail.com on 15 Jan 2013 at 10:03

GoogleCodeExporter commented 8 years ago 
This is fixed in 2.3.1
Set AllowModificationToUserIdentity="false" in authentication section of 
SocialAuth and  it will not modify UserIdentity in any way.

Deepak

Original comment by deepak.a...@3pillarglobal.com on 29 Jan 2013 at 1:28