multiple Authentication Providers - Sitefinity - General Discussions

All Replies

Posted by Community Admin on 13-Jan-2011 00:00

Hi,

I have to rebuild an existent web application which has its own database (employee customers products ....).
I intend to use Sitefinity to save time with design and have the content management capability.

But , I still don't know how the authentication should be implemented because I have to authenticate users for :

1- Content management : (let say website owner employee) and for this I think there is no problem to do it with Sitefinity except that all employee contact information are in the old database. Should I do link the 2
DBs (application's and Sitefinity's one) ?

2- website browsing : since there is different roles :
* admin (or employee ) : to be able to use some website functionnalities such as : editing products , editing customers, finance ...
* customer or members : to have access to customer only service (using shopping cart, editing the profiles, payment .... ) (here also all the data are in the application database)
* public : general web pages such as contact us ...

As I am really newbie in Sitefinty, I wanted to know which is the best way to do this.
1- I thought may be to add another authentication provider for the browsing part.

2- May be also I could use pages with some business logic to modify the application database (using controls : grid , formview ....) and limit the acess of the page based on the role that should see it or execute its functions (via buttons). Is that secure ?
In this case, I think I will need also to link the Sitefinity DB to the application DB to have coherent information : user (customer and employee) details, order details .... Or is it better to keep them separated and do some DTS or stored proc to update the DBs in order to have coherent data ?

Any suggestion would be appreciated

Many thanks

Posted by Community Admin on 17-Jan-2011 00:00

Hi
Why there no reply ??

Posted by Community Admin on 21-Jan-2011 00:00

Hi xheo,

1.You have to create a custom membership provider to wrap your users
2. You can restrict website browsing and content access by using the granular permissions that we have in 4.0. You can set permissions for the backend (admin) and front end - public part, per user and per role of users.

3. I do not suggest changing the existing database tables. You should better use your own tables.

All the best,
Ivan Dimitrov
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

This thread is closed