I'm trying to login a user to a dnn site from another application.

Basically, they go to my custom built site, login with credentials, and I check in DNN first that they can login to the DNN site, then I log them in.

I've already handled ensuring the users exist in both my site and DNN.

Here's the issue. I've created the web service to log them in and if you browse to it, it logs them in just fine. However, I'm just trying to call this from my application, log them in, and then should they happen to click on a link to the dnn site, they'd already be logged in. Like I said, browsing to the web service url does log the user in, but calling it from my other application does not. I'm assuming it's because browsing to it set's a cookie that just calling the service does not. Any ideas on how I can log the user in manually without them ever having to travel to the DNN site to log in? Here's my login code as of right now


//create the status object
DotNetNuke.Security.Membership.UserLoginStatus status = new DotNetNuke.Security.Membership.UserLoginStatus();

//set it to fail
status = UserLoginStatus.LOGIN_FAILURE;

//see if they are a valid user
var obj = UserController.ValidateUser(0, username, password, "DNN", PortalSettings.PortalName, hostIp, ref status);

if (status == UserLoginStatus.LOGIN_SUCCESS || status == UserLoginStatus.LOGIN_SUPERUSER)
{
//if they are, log them in and return true
UserController.UserLogin(0, obj, PortalSettings.PortalName, hostIp, false);

DotNetNuke.Services.Authentication.UserAuthenticatedEventArgs eventArgs = new DotNetNuke.Services.Authentication.UserAuthenticatedEventArgs(obj, username, status, "DNN");
eventArgs.Authenticated = true;
System.Web.Security.FormsAuthentication.SetAuthCookie(username, true);
return "true";
}
else
{
return "false";
}

Is the user actually logged in? IF it is logging them in but not setting the cookie, perhaps you have missed something in the login process.

Here's what I've tested. I created a dnn webservice. I go to the dnn site myDnnSite.com and I'm not logged in. In the same window, I go to myDnnSite.com/webservice/LogInUser?username=someUser&password=somepass

That web service just outputs true or false is the user is valid and it can log them it. I get a white page with true

Now, in that same window I go back to myDnnSite.com and I'm logged in as someUser

Now, I'm on another application, let's say custom.myDnnSite.com

From custom.myDnnSite.com I create a web request to myDnnSite.com/webservice/LogInUser?username=someUser&password=somepass in a manner like this

var url = "http://myDnnSite.com/webservice/LogInUser?username=someUser&password=somepass";

HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse response = (HttpWebResponse)req.GetResponse();
Stream stream = response.GetResponseStream();
StreamReader sr = new StreamReader(stream);
msg = (sr.ReadToEnd());

The message I get back is true, but if I go to myDnnSite.com I'm not logged in. I get it's because in the first scenario, I'm actually browsing to the dnn site, and the second one, I'm just making a call. However, I'm trying to figure out a way to set all the cookies I'd need to, to log them in from another application. I really don't want to have to redirect a user to that page, even if it sends them back to my site, because I don't want them seeing the url that get's passed.