How does MemNet integrate with DNN?

The integration between MemNet and DNN happens in 3 parts:

1. MemNet Authentication Provider

Once installed, this is configured and enabled under admin / Extensions with your MemNet URL, these settings should NOT be changed. This replaces the default DNN Authentication provider that DNN uses out of the box when someone logs in. What this means is that the authentication against MemNet happens from the normal DNN login screen, whether it is in the pop up window or as a module on a page.

The MemNet Authentication Provider uses the existing DNN login functionality to authenticate the username and password entered - this also allows Passwords to be managed by DNN - if the username and password entered are correct, a call is made to MemNet to check if MemNet is configured to allow the person to login. 

This is based on the person/username existing in MemNet and belonging to a membership that is active (unless inactive members are allowed to login) with a member type that is allowed to login. If the call to MemNet fails or returns that the member is not allowed to login, then the user is not logged in and a message to that effect displayed to them. If the call to MemNet is successful MemNet returns the members details to DNN which populates their DNN website profile, this includes a number of roles (see below). If the user logging is in the Administrators role the call to MemNet is not made and they are logged in if the username and password are correct.

The Authentication provider adds the DNN user to a number of roles when they login. If any of the roles do not exist, it is smart enough to create them first, so it is completely self sufficient. All existing roles get removed before the following roles are added. The roles that get created for each user are:

• Registered User (Standard DNN Role)
• Subscriber (Standard DNN Role)
• MainPerson if they are the main person on the membership.
• Inactive if the members status is inactive and MemNet is configured to allow inactive members to login. This role can be used to restrict access to content.
• A role equivalent to their Member type within MemNet
• One role for each Website Role Attribute assigned to the person within MemNet.

These allow you to control access to member content by any of these roles in the usual way within DNN, that is you can allow or deny each role at a page or module level.

2. MemNet Registration module

This is used to replace the default DNN Register form and should be accessible in all the same places. This form takes the persons member number, first name, last name, postcode (Can be hidden) and the preferred username (can be hidden) and passes this to MemNet. MemNet then does the following checks, returning an error if any of them fail:

• All of the details supplied match to a person within the MemNet database.
• The member belongs to a membership that is active
• That member belongs to a membership with a member type that is allowed to login.
• That the member has an email address recorded within MemNet.

If all these tests are successful the user account is created within DNN and a set password link emailed to the user at the email address held within MemNet. New administration users need to be created via the admin / user accounts page and the new user assigned to the administrators role so they can bypass the call to MemNet on login.

3. MemNet My Membership

This is the module you see on the My Membership page. This module has a load of configuration options under settings but it's job is to allow the member to access their data within the MemNet database. This can be done by a button, or series of buttons to different database functions, as an automatic redirect or in an iframe (Preferred Option). Like any module this can be added to multiple pages (or multiple instances on the same page) each with a different configuration. If the module can not find the member in MemNet either because they are an administrator and do not exist in MemNet or it is accessible outside the login it will say that the functionality is not available. This does not mean that the process is not working, just that it can not find the desired target.

Clicking the button(s) opens modified MemNet pages in a pop up window, there is limited branding we can do to these pages which we are happy to do if required. We use an encrypted token generated from the Module to securely verify the user within MemNet. 

See also:

• How to register for a self service account.
• Understanding role based access on your DNN site.
• How to configure page permissions on your DNN site.
• How to configure module permissions on your DNN site