Custom User Registration
I have implemented a custom user control that adds a new user as a new Sitefinity user because there is not a CreateUser control included in the Sitefinity system. However, when I am not logged in already I receive the error message saying "You are not authorized to 'Manage Users' ('Backend').". Is there a way around this to allow a user to be added? I would like to utilize the sitefinity users/roles functionality with this.
Thanks,
Alex Lorenz
Hello Alex,
To register a user you can use the standard ASP.NET CreateUserWizard control. You are getting the message, because you are not logged as a user that can create other users or you have not granted "Anonymous" with permissions for create.
There is an option to suppress the security check, but it should be used only as an exception.
userManager.Provider.SuppressSecurityChecks = true
;
Another issue I'm fighting is actually logging in the user after the user is registered. After looking at a couple other forum posts, I tried the following, but it is saying there is no definition for SetAuthenticationCookie.
SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, Membership.Provider.Name, username, false);
Any thoughts?
Hi Alex,
You can use AuthenticateUser method which can be accessed.
Regards,
Ivan Dimitrov
the Telerik team
Can you provide an example of what the credentials should be for the AuthenticateUser() on SecurityManager.
Hello Alex,
You can use this overload.
AuthenticateUser(string membershipProviderName, string userName, string password, bool persistent, out User user)
Regards,
Ivan Dimitrov
the Telerik team
"To register a user you can use the standard ASP.NET CreateUserWizard
control. You are getting the message, because you are not logged as a
user that can create other users or you have not granted "Anonymous"
with permissions for create."
How do we grant permissions for Anonymous to create an account?
I went into Administration > Permissions. Global Permissions. Who can...
I selected Manage Users - Everyone, Authenticated, Anonymous
Manage Roles - Everyone, Authenticated, Anonymous
I still get the message:
You are not authorized to 'Manage Users' ('Backend'
Hi Amanda,
I tried to reproduce the error, but, alas, without luck.
I started with a fresh Sitefinity project, added an aspx page to my solution, put a CreateUserWizard on it like so:
<
asp:CreateUserWizard
ID
=
"creator"
runat
=
"server"
></
asp:CreateUserWizard
>
"There is an option to suppress the security check, but it should be used only as an exception.
userManager.Provider.SuppressSecurityChecks = true
;
"
User registration would be an exception, right? It sounds better than giving the Anonymous role write access on the roles and users.
Hi Ryan,
It is better to suppress the check when you create the user userManager.Provider.SuppressSecurityChecks = true
then, after the use has been created set the check back to false
userManager.Provider.SuppressSecurityChecks = false.
Greetings,
Ivan Dimitrov
the Telerik team