More in this section

Forums / Developing with Sitefinity / Problem with custom Forms authentication for private sectionof site

Problem with custom Forms authentication for private sectionof site

2 posts, 0 answered
  1. Ed
    Ed avatar
    1 posts
    Registered:
    10 Aug 2011
    10 Aug 2011
    Link to this post
    I'm new to sitefinity, and I've got a test system set up to run the public/marketing sections of the site.

    However I want to setup a private "Members" section that is under custom forms authentication. The Members section, and users are not part of sitefinity.

    I've got the user database, and login set up. However when I call 
    FormsAuthentication.SetAuthCookie(username, false);

    It doesn't seem like this is working, the username is not available via HttpContext.Current.User.Identity.Name, and  HttpContext.Current.User.Identity.IsAuthenticated is always false. I'm copying this authentication code over from another project, so I know it works.

    I'm sure this is something simple I'm overlooking, but I didn't know if Sitefinity overruled any other custom Forms authentication from the web.config file.

    Here is what I have in my web.config
    <location path="Members">
      <system.web>
        <authorization>
          <!-- <allow users="*"/>-->
          <deny users="?" />
        </authorization>
     
      </system.web>
    </location>
     
     
    <system.web>....
      <authentication mode="Forms">
        <forms name="Members" loginUrl="login.aspx" protection="All"  path="/" slidingExpiration="true" />
      </authentication>
       
        
      <authorization>
        <allow users="*" />
      </authorization>
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    11 Aug 2011
    Link to this post
    Hello Ed,

    Please take a look at this post which explains how Sitefinity authentication works

    If the user is not authenticated, then you don't have a current principal and the username will be always null.

    Is standard ASP.NET scenario this could be done with the code below


    protected void Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
        this.Login1.LoggedIn += new EventHandler(Login1_LoggedIn);
        this.Login1.Authenticate += new AuthenticateEventHandler(Login1_Authenticate);
        }
     }
     
    void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        e.Authenticated = Membership.ValidateUser(this.Login1.UserName, this.Login1.Password);
    }
     
    void Login1_LoggedIn(object sender, EventArgs e)
    {
        HttpCookie cookie = this.Response.Cookies[FormsAuthentication.FormsCookieName];
        FormsAuthentication.SetAuthCookie("username", false);
    }


    Kind regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
2 posts, 0 answered