Hi Roel,

The WHMCS addon is managing the users and hosting spaces in SolidCP this way:

• You need first to define a communication way to the SolidCP enterprise server with serveradmin or a peer user of serveradmin. With these credentials WHMCS is communication thru the module via the enterprise server API. In this way the module can perform tasks like password changing of users in SolidCP, etc.
• If a new hosting product is ordered in WHMCS, it will create automatically a new user in SolidCP with a custom username and password and assign a hosting space to this user. The custom username and password is stored in the WHMCS database.
• The clientarea.tpl, which Trevor mentioned, put the stored username and password into a POST request and create a button with these details. The user can login from WHMCS to SolidCP.

If the user change his password via the WHMCS module, it's working fine, because the change is stored in the WHMCS DB and the module is passing the new password via API to SolidCP. But there is still a possibility for the user to change the password in SolidCP. Because there is no way to read the password via API (because of security purposes), it can't be updated in WHMCS and the "One click login" gets broken in this case.

Currently there is also no possibility in SolidCP to block the changing password feature for some users, because it's hardcoded.

I havent't tested it, but I think it couldn't be possible to drop the dbo.Users table from SolidCP and create a view on it, because the table also have some defined constraints, which are not available for views (i think). Even if I'm wrong and this could work, you would also run in a problem, that SolidCP would know the users, but there won't be any hosting spaces assigned to these users, which should throw an error if the user login in SolidCP.

Right now there is unfortunately no SSO possibility in SolidCP. I would love to see OAuth 2.0 implemented anytime, but right now there is no plan on that.

In your case, I think the best solution is to create a script, which communicates via API to the SolidCP Enterprise server and creates a user and hosting space with the credentials from your database (similar way to the WHMCS module). If you worry, that a customer could change the password in SolidCP, you can create a daily cron job, which just set the password of all users back to the one from your database and inform your customers not to use the password change function in SolidCP. You can take a look at the code of the WHMCS module and if you have any questions about the API communication, feel free to ask here.

If you want to communicate with the enterprise server from other scripts or PoweShell, I would recommend to do it inside a management network or via VPN and not to expose the enterprise server to the internet because of security reasons

Best regards

Bogdan

Thanks Trevor!

So I can just generate a simple HTML forum from my ASP, PHP or any other CMS code..  Which looks like this:

<form action="{$SolidCP_url}/default.aspx?pid=Login" method="POST" target="_blank">
<input type="hidden" value="{$username}" name="user">
<input type="hidden" value="{$password}" name="password">
<input type="submit" value="{$LANG.SolidCP_clientarea_oneclicklogin}">
</form>

Where:
{$SolidCP_url} = Server Url, like: http://192.168.x.x or http://cp.mydomain.com
{$username} = Username
{$password} = Password
{$LANG.SolidCP_clientarea_oneclicklogin} = "Login" or any other text for the button

Now, I first need to query the Username and Password from the SQL database before I can generate the above HTML forum.  I do the key-linking on Username or on Customer Number.  Now, When I get the password, it is encrypted.  So I need to unencrypt it with the "Enterprise Cipher/Key".

I found the Key in: E:SolidCPEnterprise ServerbinSolidCP.SchedulerService.exe.config or E:SolidCPEnterprise ServerWeb.config
In there is a line: <add key="SolidCP.CryptoKey" value="xxxxxxxx" />
(In my case, both files had the same key)

With what algorithm is it encrypted?  (not just a ASP.NET function) but I want to know the functional algorithm or name.  So I can find a similiar PHP, VBScript or Perl function.  Or maybe even do it directly inline in SQL-Server when I Select the password from the table.

I couln't find anything about How it is done.. ?

Hi Roel,

the password encryption is made here (i think):  https://git.key4ce.com/SolidCP/v2/blob/master/SolidCP.Installer/Sources/SolidCP.Setup/Common/Utils.cs#L113

The secret key is in the web.config file, which you've already found.

If you want to do it this way, you can get only already existing customers to have a login automation, but you can't add new customers and hosting spaces to SolidCP automatically.

Best regards

Bogdan