Programmatically log in membership user

Posted by Community Admin on 03-Aug-2018 16:06

Programmatically log in membership user

All Replies

Posted by Community Admin on 13-Sep-2011 00:00

Hey all,

I am evaluating sitefinity and making a proof of concept. In said concept, we have an existing web application with an existing database and using membership provider for user authentication. In an ideal world, our development team, myself included, would take our existing application and fully migrate everything over to SF. However, this is not possible and the migration will be a slow process over the course of many months as existing functionality is built on top of the app. With that said, several pages will be initially chosen to be brought into SF. 

Here is the current issue I am facing with our proof of concept. Many of our pages are protected and require a user to log in before accessing those pages. As a test, I created a test page lets call it "AdminTestPage" in SF. I've restricted it to allow only one of our specific roles in our membership provider. I have the AspNetSqlMembershipProvider installed and from the sitefinity login url, back end, can log in using one of our existing user accounts, currently pointing at my test database on my local machine. If I use the sitefinity login page and log in as say "MyTestAccount" and then go to the "AdminTestPage", I can get there.

I've created a custom control, successfully registered it in SF, and placed it on a page that I called "Login", also created in SF. This control is a login control that has two text boxes for username and password and a button for submitting.

Long story short, my main question is, how do I take the username and password provided by the user and programmatically log that user in? I've taken the code that we use in our existing app for logging in with membership. This is the delegate click event code that I added to my custom log in user control. However, when I go to my login page, enter my log in info and submit, I'm redirect to my home page I created. So at that point, everything seems to have functioned as I expected. Then I attempt to hit the "AdminTestPage" and am redirect to the sitefinity login page. At that point, I'm going, "I must not be logged in, perhaps my custom user control log in click delegate method is not functioning as I'd expect". So, is there anything special I have to do to get this to work? Meaning, when I go to my login page and enter my credentials (assuming they are correct), it should log me in and I should be able to go to my protected page. 

protected void LoginButton_Click(object sender, EventArgs e)
    string username = Username.Text;
    string password = Password.Text;
    if (Membership.ValidateUser(username, password))
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(20), false, string.Empty, FormsAuthentication.FormsCookiePath);
        Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
            Expires = ticket.Expiration,
            Path = FormsAuthentication.FormsCookiePath
        if (!string.IsNullOrEmpty(Request.QueryString["returnurl"]))

Posted by Community Admin on 14-Sep-2011 00:00

Hi Doug,

Thank you for your interest in Telerik Sitefinity CMS.

We have API which automatically sets all authentication cookies needed by Sitefinity. Please consider the sample bellow:

void LoginButton_Click(object sender, EventArgs e)
    //instantiate the Sitefinity user manager
    //if you have multiple providers you have to pass the provider name as parameter in GetManager("ProviderName") in your case it will be the membership provider user
    UserManager userManager = UserManager.GetManager();
    if (userManager.ValidateUser("admin", "password"))
        //if you need to get the user instance use the out parameter
        Telerik.Sitefinity.Security.Model.User userToAuthenticate = null;
        SecurityManager.AuthenticateUser(userManager.Provider.Name, "admin", "password", false, out userToAuthenticate);

Users are logged out by calling SecurityManager.DeleteAuthCookies():
void LogoutButton_Click(object sender, EventArgs e)

All the best,
Radoslav Georgiev
the Telerik team
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 05-Sep-2012 00:00


I am trying to do a similar thing, which is auto login a user after they register on the site. 

Using Radoslav's example, it seems to partially work. In the CMS backend, the new user appears to be online, but the Login/Logout button widget shows a not logged in state. When attempting to access content only available to logged in users, it is not available.

The result to the call to AuthenticateUser came back with a success result.

Any suggestions or pointers gratefully accepted.


This thread is closed