1-888-365-2779
+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / Store personal information

Store personal information

7 posts, 0 answered
  1. Daniel Plomp
    Daniel Plomp avatar
    952 posts
    Registered:
    18 Feb 2004
    28 Aug 2007
    Link to this post
    Hello telerik,

    I've a question about if it is possible to store extra information about users? I want users to login inside my webpage and allow them to add/update some personal information.

    They don't have to have access to the Sitefinity Admin, just storing some information.

    Is this possible in an easy way?

    Thanks,
    Daniel
  2. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    29 Aug 2007
    Link to this post
    Hello Daniel,

    Sure it is quite possible to store extra information for users. In fact, it can be achieved easily using the extensible profile feature of ASP.NET 2.0. Sitefinity is taking advantage of this model so you can extend the default user information (first name, last name) following the steps described in the User Manual.

    A little more complicated is to separate your public users from administrators as you have to add some login controls to allow public users to authenticate. Actually, for your convenience in Sitefinity 3.1 such login controls will be added to the toolbox and the steps for adding extra fields for the user profile will be quite reduced.

    However, it still remains your responsibility to decide how to present this profile information to the public users and how to allow them modify it (probably single user control will be enough).

    If this is not the answer you expected, please feel free to contact us again.

    Best wishes,

    Yasen
    the Telerik team


    Instantly find answers to your questions at the new Telerik Support Center
  3. bnye
    bnye avatar
    332 posts
    Registered:
    22 Sep 2005
    07 Sep 2007
    Link to this post
    I realize that there are some big changes coming with regard to membership, so this is more of an informational on what the new "public user" controls will entail.

    We are working on a secure area of a project and would like to keep everything not directly related to Sitefinity isolated from the Sitefinity database, but displayed in Sitefinity pages.

    1. If we want to use a custom membership provider to work along side of the existing membership provider, but not replace the Sitefinity membership, is there a way to secure individual pages or groups of pages by tying our custom membership into the Sitefinity security. We can't very well add web.configs to dynamic folders.

    2. While not ideal, it would not be the end of the world to use the Sitefinity membership to secure these pages. However, even after creating a user with no privileges, that user can still login to the Sitefinity back end, even though they cannot edit anything. Will this be replaced.

    Can you provide more detail as to how the next release will address this issue? If it's not really addressed can you provide some insight into how to secure Sitefinity pages in our custom module?

    Sincerely,

    Ben
  4. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    10 Sep 2007
    Link to this post
    Hello bnye,

    The following information will be true for version 3.1 of Sitefinity:

    1. There aren't any problems to use two membership providers with a single role provider. This way you have two groups of users that share same roles, if you give a role the rights to view a page users in this role will be able to view it whatever membership provider they come from. To do that, you'll have to deny anonymous access to the page and allow "view" permission for the role.

    2. If you use the Sitefinity membership provider, users will be able to log in to the admin part using only the Sitefinity login form (which uses the Sitefinity membership provider) , so users that logged in using other login controls won't be able to enter the admin part. If you don't want users to login to the admin part, maybe a better choice would be to use different membership providers.

    Also, a deeper look at these security issues will be provided in the developer's manual.

    About the permissions for your modules you can check this forum thread.

    Hope this helps.

    Greetings,
    Yasen
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  5. bnye
    bnye avatar
    332 posts
    Registered:
    22 Sep 2005
    11 Sep 2007
    Link to this post
    I see. Is there a simple way to extend the existing Sitefinity membership to deny access to the Sitefinity Admin. Like a new Role called "Public Users" that would work with a new page permission called "public view"? Where a page can be set to deny anonymous access in the properties and then logged in "Public Users" can view that page, but not have access to the Sitefinity Admin area. I hope that makes sense. Perhaps I am being too detailed about this, but I did not want public users to have the opportunity to see the Sitefinity Admin area. 

    It almost seems like the best case would be a Public Membership Provider with it's own rolls and users. that is separate from the Sitefinity Membership provider.

    Also, if we create a new Membership provider, will it be difficult to tie it into the Sitefinity Workflow. It seems there are a few moving parts that would make it difficult to set up a new membership provider and have Sitefinity still function smoothly. Do you foresee any problems with this?

    Sincerely,

    Ben
  6. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    12 Sep 2007
    Link to this post
    Hi bnye,

    If I understand right, you want to have public users in the same Sitefinity membership provider. These users should be able to visit some pages that anonymous users can't and they shouldn't have permission to view the admin part.

    In Sitefinity 3.1 we will provide another global permission, for example  "SeeAdminPart" so that only roles that have this permission will have access to the administrative back end. This way you can add a "PublicUsers" role and grant permissions to view some pages, but deny the "SeeAdminPart" permission. This way you can have public users as well as admin users.

    The scenario with multiple membership providers should not cause any problems in 3.1. You will be able to manage users in the admin part (you can choose the provider from a dropdown menu to see its users). For now I don't believe you will encounter any serious difficulties with it.

    Best wishes,
    Yasen
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  7. bnye
    bnye avatar
    332 posts
    Registered:
    22 Sep 2005
    12 Sep 2007
    Link to this post
    "In Sitefinity 3.1 we will provide another global permission, for example  "SeeAdminPart""

    That is exactly what I was hoping...great to hear.

    Sincerely,

    Ben
Register for webinar
7 posts, 0 answered