Sitefinity 10.0 Beta Announced
Sitefinity 10.0 Beta is available for download on this link.
Nuget packages are available on http://nuget.sitefinity.com/ (use pre-release tag)
This version contains
Authentication reinvention, SVG Images Support, System Health Check, Built-In Site Warmup, Diagnostic module improvements and extended functionality, Cache Control Policy Management support, Site Shield, Delete Add-On, Tools updates, multiple bug fixes and more.
Оut-of-the-box integration added with the most popular authentication types/providers:
OpenID Connect allows clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. Here are the main benefits:
For more information you could check the official OpenID Connect site.
Sitefinity 10.0 supports login with email (instead of username). There is no more a need to specify both username and email when registering a user in Sitefinity. The email is sufficient making the login process more convenient as you don't have to remember specific username.
If a user has a registration with username (different than email) both username and email will work successfully for login.
IT administrators can configure a mapping between external claims (e.g. AD groups/roles) and Sitefinity roles for implementing external role management of the new web site users.
While developing a website that only a chosen group of people should be able to see, Website Managers can invite people to the secured site and monitor when they access the site and from what devices. Stakeholders are able to review the progress even without being CMS users.
This feature will be available only for Sitefinity license holders who have Multisite Management capability.
Better user experience and functionality for managing permissions in Мultisite environments with several providers.
In order to hide the CMS utilized by the web site from the web site visitors, Sitefinity allows administrators to configure the application status page relative URL.
(documentation)
Support for client cache based on standard cache control HTTP response headers such as Cache-Control max age, public etc.
(documentation)
Developers and System Administrators can use the Sitefinity health check API endpoint to easily get the current status of a website in terms of database access, NLB communication, Internet connectivity and Redis access.
(documentation)
Multiple improvements in profiling capabilities, while in the same time reducing potential performance impact on live environments of the profiling process. The new reports and tracking capabilities include:
Content Marketers can easily use SVG images for better website performance and visitor experience, especially on mobile devices.
(documentation)
Sitefinity 10 makes it possible to isolate customer journey data for individual websites powered by a single CMS instance (codebase) in separate data centers in the Digital Experience Cloud. Thus, Digital Marketers can get data-driven insights that are specific to the brand or website they manage.
All MVC widgets now match the behavioral tracking capabilities of web forms
(documentation)
A new capability of the Persona Scoring rules allows Digital Marketers to score every visit of a particular web site section or page, rather than the first time only, which simplifies the Scoring Model definition and reduces the model maintenance costs.
(documentation)
A new capability of the Lead Scoring rules allows Digital Marketers to score repetitive interactions measuring an increased engagement of a particular contact.
Allows for the export and import of content and structure to and from a .zip file. The .zip file can be used to import the data in another Sitefinity instance,thus providing the opportunity to use starter kits for new projects.
Add-ons can now be uninstalled by uninstalling the NuGet packages holding them. After the website initializes, Sitefinity will automatically remove all functionality, structure and content that were part of that Add-on.
User Profile structure is included in the export/import functionality for deployment, add-on or .zip file, so new projects with similar user profiling can easily benefit from previous structures.
Lots of great stuff here! I'm looking forward to trying them out. Content import/export and the new sign-on options probably are my favorites. Plus lots of bug fixes!
Some of your FP links are trying to link to tpdogfood instead of the public Feedback Portal, though.
We're also eager to start using v. 10 in some of our projects.
Lot's of awesomeness in there for us.
Any date on when v. 10 is going to be production ready?
I guess early March?
What about the new angular backend? Postponed again?
OC, we will release more details on the new Sitefinity backend after the Sitefinity 10 release, which is planned for the week of March 13, 2017. Pavel, this answers your question on the release date.
@Ivan\@Anton
Re: Auth
Are there any docs for extending or integrating custom rules? We need GoogleAuth here (on an apps domain), but on success we need to then run a couple checks on a custom DB before allowing that login... is there a method to allow for this?
Hi Steve,
The documentation about how to implement a custom provider (or extend a current one) is still not released. We are working on it. I will check the codebase for you and let you know what kind of solution you could use.
Regards,
Peter
Hello. As the official documentation is still not ready here is a sample how to achieve this: CustomExternalAuthentication
Basically you need to create your own AuthenticationProvider deriving from one of our provider classes (SitefinityGoogleAuthenticationProvider, SitefinityFacebookAuthenticationProvider, etc. ), which provide several overridable methods. Then to register this provider you need to override the AuthenticationProvidersInitializer class and put the custom initializer into the ObjectFactory.
Please, let us know if this is enough to achieve what you want.
Regards,
Viktor
@Viktor
Looks perfect, much more readable than the current Git repo for social auth :)
Does the MVC-based Widgets Tracking include custom developed MVC widgets or just OOB widgets? If not is there code snippets we can add to custom MVC widgets to get them communicating with DEC?
Regarding:
"MVC-Based Widgets Tracking
All MVC-based widgets in the CMS can now send
data to the Digital Experience Cloud out of the box..."
Hello,
i've found a bug in this beta.
I don't know if this bug is already in a previous release. If you create a form you can't select the form with the "old" built in Form Control. You get no error. The control designer loads and show the standard empty text: "No records to display."
The "new" built in feather control works.
Another question: How can i map a Sitefinty role to new Google/Facebook users.
Is there a documentation you can provide us?
Kind Regards
Emanuel
An further question: Why the Sitefinity Site Shield is not working.
Can this due to my localhost adresses?
Hi,
I have tested the Beta release locally and everything is working at my end. Could you please elaborate more on your problem? What exactly is not working. Could you hide the web site? If you use smtp4dev tool, could you examine the access emails?
Regards,
Peter
Hi,
I installed your beta version and try to configure a SSO like your documentation specify:
docs.sitefinity.com/administration-configure-single-sign-on-with-sitefinity-cms-as-sts
I receive a error "Invalid JSON primitive" on the sitefinity client after the login
My configuration:
I installed 2 sitefinity version 10. All in localhost with SQL Express. One is the CMS STS and the second is the client. I don't use https.
Can you tell me why I receive this error?
One point I don't understand the documentation for the configuration of the CMS STS about the 4 paragraph: "In the left pane, click Security and in ValidationKey, enter the key that you copied in Step 16 of the above procedure."
But If I have multiple Sitefinity client which key must be copied ???
Regards,Hi. This error normally happens when the client application cannot obtain the metadata from the STS due to miscofiguration. I checked the documentation and it appears to have some incorrect points:
Let me know if you managed to configure the SSO
Hello. Regarding your question about the Sitefinity roles for new Google/Facebook users there is a setting in Settings -> Advanced -> Authentication -> SecurityTokenService -> AuthenticationProviders. Select the provider and there is a setting 'Auto assigned roles'. Keep in mind that this roles will be assigned only for new users
Hi Viktor,
No I have anymore the error but on the Client website when I'm log-in I can enter what I want like username password. And he display the user of the CMS STS. And I cannot go to the backend of the client ?!?
Something is strange with this configuration. What I want is simple:
A sitefinity website he would be the CMS STS and a other sitefinity website he would be the client.
When I log-in on the client he check if the user exist into the CMS STS if yes I'm log-in and I can see the backend of the Client CMS.
Can you please describe me step by step the correct procedure to do that?
Thanks
Regards,
Viktor,
I create a new client and follow again step by step the SSO configuration now I receive this error when I want login to my new client (see screenshot)
Regards,
[quote]Richard said:
Does the MVC-based Widgets Tracking include custom developed MVC widgets or just OOB widgets? If not is there code snippets we can add to custom MVC widgets to get them communicating with DEC?
Regarding:
"MVC-Based Widgets Tracking
All MVC-based widgets in the CMS can now send
data to the Digital Experience Cloud out of the box..."
[/quote]
Hi Richard,
What we mean with this item is that all out-of-the-box MVC widgets are now covered with the same tracking as web forms, since previously some MVC widgets were lacking the tracking functionality provided in web forms widgets.
If you extend any of them and replace the views and scripts, the server-side events will still work as long as the logic in the overriden model base methods is not skipped. The client-side tracking will also work as long as the calls performed by the DEC JavaScript SDK are still there. You can find more information on the tracking events here: docs.sitefinity.com/.../understand-the-connector-built-in-tracking-event-handlers
For new custom widgets, you would have to utilize the DEC JavaScript SDK or .NET SDK additionally in order to configure the necessary tracking.
I hope that helps,
Ivailo
[quote]Francis Kienlen said:
Viktor,
I create a new client and follow again step by step the SSO configuration now I receive this error when I want login to my new client (see screenshot)
Regards,
[/quote]
Hi. Can you enable the logging for the STS from Advanced settings -> SecurityTokenService -> IdentityServer. This will log the actual error in the Authentication log. Normally this happens when something is still not properly configured.
Also, does this happen before or after you enter your credentials?
Hi Viktor,
This log help me there's a little bit a mistake from me (clientid was wrong) and that was after I enter the credentials.
Now I have this situation:
- When the STS is login-in with the admin user I can use any CMS Client with any username or password and I'm log-in why?
- When the STS is logout and when I use one of my CMS Test Client and log-in I receive a unexpected error windows "something went wrong"
I send you into the attachment my authentication log files from the CMS STS
Can you please tell me why I have this issue?
Thanks
Did you copy the EncryptionKey from the STS application to the client one located in Advanced settings -> Authentication? Because the error you get is that there is a problem with the decryption of the data sent from the client to the STS. Make sure to restart the application after updating the settings.
Right I don't copy the EncryptionKey now it's good and also updated correctly in Documentation '-)
Now my new questions:
When I log-in at first to CMS STS and when I go to the CMS Client and click on login link I see the input box of log-in and here I can enter what I want... It's possible to be log-in immediately without see login widget? (see attachement)
And most important how can I go to the backend from my CMS Client for create/editing pages (not the CMS STS backend)?
Hi Viktor,
I found this issue, he comes from the name of the provider. A blank space was insert at the end. I fix it.
He would be fine to insert a comment from the doc before the paragraph 18 to restart the IIS because the membership provider isn't see the first time from administration / users
NEW Question:
I have a CMS STS website
I have a first client CMS TEST1 and I have a second client CMS TEST2 configure with CMS STS.
When I'm logout from CMS TEST1 I want also that CMS TEST2 is also logout how can I do that?
Glad to hear that you managed to make it work.
Regarding your question, what you want is Single Sign-Out which unfortunately is currently not supported. It may be logged as a Feature Request.
Error in Sitefinity Nuget on updating?
I'm not able to update projects with Progress.Sitefinity.Authentication. It refers to Telerik.Sitefinity.OpenAccess version 10.0.6400.0, but the correct version there should be 2016.2.822.1 ?
Hi Viktor,
I have a CMS STS website and a CMS client website. I configure for SSO. The login widget is on my Client CMS but the registration widget is a redirection and come from my CMS STS.
When someone is registered the user is created into the Database of CMS STS automatically that is normal and I can see the provider into my CMS Client.
It's possible to have a real copy at the same time on the local DB of the CMS Client? So I can in future separate my CMS Client from my CMS STS.
Can you give me a tip for that?If I understand you right, you want to have the same user in both Databases (CMS STS and CMS Client)? This is not recommended, as it will lead to duplicate users and this can make the authentication behave incorrectly.
My problem is when in future I want that the CMS Client want be standalone (not more attach to a CMS STS) how can I find my users.
Especially If I have more than one CMS Client attach to a CMS STS. I want backup my user for each CMS client.
Have you a solution for that?
Login form still shows "Email or username" on the live SF10 instance eh, there is no more "Or" when they are one in the same right?
Hello OC,
From what I gather you are trying to update a project which references Sitefinity 10.0.6350.0-beta packages. If this is the case could you please try removing them completely using the following command in the Package Manager Console:
Uninstall-Package Telerik.Sitefinity.All -RemoveDependencies
Afterwards try installing the latest NuGet packages once again.
Hi Steve,
You have one field on the user registration but under the hood it is used to fill both username and email (this way they are the same).
For upgraded projects (or users created with API - e.g. importing users from other system or using custom registration widget) you will have the ability to have different values for username and email. That's the reason the login widget allows using email or username.
If you setup brand new Sitefinity 10.0 and use the standard widgets - the new users will use email only.
Best Wishes,
Dimitar
Hello there,
We released official version of 10.0 on March 15. I'm closing the BETA thread now. We have multiple fixes between the beta and official release.
Please use "SITEFINITY" forums instead "SITEFINITY EARLY PREVIEW" for further questions.
BR,
Ivan