More in this section

Forums / Developing with Sitefinity / Public Users - Authentication

Public Users - Authentication

3 posts, 0 answered
  1. George
    George  avatar
    204 posts
    Registered:
    05 Sep 2006
    30 Mar 2010
    Link to this post
    Hi,

    I have a website where i need to authenticate public users. I have read that Sitefinity supports public users and that i can create a role that i called "public users" and denied the CmsAccess but i have couple of issues to address:

    1- Is it a good practice to use Sitefinity membership provider for public users on a large website?
    2- When i use, Sitefinity's membership, i also have the forms authentication login page set to Sitefinity's login page, while in fact the public users should be redirected to a special login page since they shouldn't know about the existance of the CMS. What's the best way handle this? should i set the default login page to the public login page then check if the return URL includes the Sitefinity directory?
    3- Or should i simply create custom membership for my site ...

    Please advice .... appreciate it in advance.

    Best Regards,

    George
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    30 Mar 2010
    Link to this post
    Hello G-force,

    1- Is it a good practice to use Sitefinity membership provider for public users on a large website?

    I do not see any problem to use the built-in provider. Of course you could extend it or create a custom one.

    2. When i use, Sitefinity's membership, i also have the forms authentication login page set to Sitefinity's.....

    The FormsAutnetication has a property loginUrl which accepts only single url. By default there is ASP.NET limitation that you could have only one login page. You can leave the loginUrl as is and create a custom control that makes proper redirect depending on from where the request comes from. So, a public user is trying to access a resource that requires authentication, then it is redirected to website.com/Sitefinity/login.aspx. In the code behind of login.aspx you could check whether the request comes from the backend or not. If the request comes from the public website, redirect it to another public page.

    sample

    // check where does it come from
     string redirectUrl = Request.QueryString["ReturnUrl"];
     if (!string.IsNullOrEmpty(redirectUrl) && !redirectUrl.StartsWith("/sitefinity"))
     {
         Response.Redirect("~/publicLoginPage.aspx?ReturnUrl=" + redirectUrl);
     }


    Sincerely yours,
    Ivan Dimitrov
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
  3. George
    George  avatar
    204 posts
    Registered:
    05 Sep 2006
    31 Mar 2010
    Link to this post
    Thank you Ivan.

    I think the best way to do it is what we suggested.

    Best Regards,

    G
Register for webinar
3 posts, 0 answered