Forums

Skip Navigation LinksHome / Developer Network / Forums / Sitefinity Older Versions (3.x): Security > Seperate authentication from CMS

Seperate authentication from CMS

Feed from this thread
  • al avatar

    Posted on Mar 22, 2011 (permalink)

    We're using SiteFinity for managing our CMS content and creating the pages etc, and all pages are public. When users login via our a custom provider (Twitter/Facebook provided by Janrain) some of our controls will change their behaviour.

    The two login mechanisms need to be totally seperate, so that someone logging into our public site has no rights at all within the /Sitefinity folder.

    How would I go about configuring Sitefinity for this use case?

    Thanks,

    Al Priest.

    Reply

  • Ivan Dimitrov Ivan Dimitrov admin's avatar

    Posted on Mar 22, 2011 (permalink)

    Hi al,

    One of the option is having several public and several backend roles. When you go to Administration >> Permissions you can set CmsAccess permission to the roles you want to access the backend. Roles that does not have this right will be able to access only the frontend after you grant needed permission over your pages.

    Another option is using the same configuration but with two or more membership and role providers.

    All the best,
    Ivan Dimitrov
    the Telerik team
    Vote for the 7 Telerik products at the 2011 Great Indian Developer Awards!

    Reply

  • al avatar

    Posted on Mar 23, 2011 (permalink)

    Hmm, I've gone into the CMS and chosen Administration | Permissions, then when I change the "Select Role" dropdown the page postback is fired and I lose the entire dropdown and checkbox section. (This happens in both Chrome, IE and Firefox).

    Assuming I could change this so that my new "public" role, didn't have access, how do I set this role when I authenticate my user?

    I currently have FormsAuthentication.SetAuthCookie(emailAddress, true) but there is no mention of Roles in this.

    Thanks

    Reply

  • Ivan Dimitrov Ivan Dimitrov admin's avatar

    Posted on Mar 28, 2011 (permalink)

    Hi al,

    The user should be assigned to a role before that. You cannot authenticate a user that does not belong to a given role as a principal of this role.

    Greetings,
    Ivan Dimitrov
    the Telerik team
    Vote for the 7 Telerik products at the 2011 Great Indian Developer Awards!

    Reply

    • Register for webinar
Skip Navigation LinksHome / Developer Network / Forums / Sitefinity Older Versions (3.x): Security > Seperate authentication from CMS