More in this section
Forums / Developing with Sitefinity / Problem with custom Forms authentication for private sectionof site

Problem with custom Forms authentication for private sectionof site

The forums are in read-only mode. In case that you want to directly contact the Progress Sitefinity team use the support center. In our Google Plus group you can find more than one thousand Sitefinity developers discussing different topics. For the Stack Overflow threads don’t forget to use the “Sitefinity” tag.
2 posts, 0 answered
  1. Ed
    Ed avatar
    1 posts
    10 Aug 2011
    10 Aug 2011
    Link to this post
    I'm new to sitefinity, and I've got a test system set up to run the public/marketing sections of the site.

    However I want to setup a private "Members" section that is under custom forms authentication. The Members section, and users are not part of sitefinity.

    I've got the user database, and login set up. However when I call 
    FormsAuthentication.SetAuthCookie(username, false);

    It doesn't seem like this is working, the username is not available via HttpContext.Current.User.Identity.Name, and  HttpContext.Current.User.Identity.IsAuthenticated is always false. I'm copying this authentication code over from another project, so I know it works.

    I'm sure this is something simple I'm overlooking, but I didn't know if Sitefinity overruled any other custom Forms authentication from the web.config file.

    Here is what I have in my web.config
    <location path="Members">
          <!-- <allow users="*"/>-->
          <deny users="?" />
      <authentication mode="Forms">
        <forms name="Members" loginUrl="login.aspx" protection="All"  path="/" slidingExpiration="true" />
        <allow users="*" />
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    12 Sep 2017
    11 Aug 2011
    Link to this post
    Hello Ed,

    Please take a look at this post which explains how Sitefinity authentication works

    If the user is not authenticated, then you don't have a current principal and the username will be always null.

    Is standard ASP.NET scenario this could be done with the code below

    protected void Load(object sender, EventArgs e)
        if (!IsPostBack)
        this.Login1.LoggedIn += new EventHandler(Login1_LoggedIn);
        this.Login1.Authenticate += new AuthenticateEventHandler(Login1_Authenticate);
    void Login1_Authenticate(object sender, AuthenticateEventArgs e)
        e.Authenticated = Membership.ValidateUser(this.Login1.UserName, this.Login1.Password);
    void Login1_LoggedIn(object sender, EventArgs e)
        HttpCookie cookie = this.Response.Cookies[FormsAuthentication.FormsCookieName];
        FormsAuthentication.SetAuthCookie("username", false);

    Kind regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
2 posts, 0 answered