Managing logged in user

We have a site that will have two different kinds of users, Users and Admin. Users will be authenticated using our existing customer database whereas Admin will use the Sitefinity database. After the a User logs in, what is the best way to keep track of their username?

Hi Andrew,

You cannot just authenticate a user in Sitefinity. This should be Telerik.Sitefinity.Security.Model.User which is Sitefinity's 4.0 own custom object. You should have a membership provider that inherits from Telerik.Sitefinity.Security.Data.MembershipDataProvider. This is an abstract class which is used by the OpenAccess implementation - OpenAccessMembershipProvider.

Best wishes,
Ivan Dimitrov
the Telerik team

Thanks for the reply, can you point me to a tutorial or documentation?

Hi Andrew,

You can take a look at this post which provides a basic sample for custom membership provider.
We do not have a complete example for a custom membership provider.


All the best,
Ivan Dimitrov
the Telerik team

Thanks for this. The only issue I'm having now is that I can't create a user when no one is logged in. I get the error below. Is there a way to impersonate an administrator?

You are not authorized to 'Manage Users' ('Backend').

Hello Andrew,

You should be logged in with a user who has Manage Users permissions, otherwise you cannot use the API. You can grant a user or role from Administration >> Permissions.

Best wishes,
Ivan Dimitrov
the Telerik team

Hi,

If internet user want to change their password, this error still comes. and how we will add that user to the role.


thanks
Johar Iqbal

Hi ,

If you do not have permissions to change users password - "Manage Users" you cannot do this. You should call SuppressSecurityChecks or grant anonymous user. It is better to use SuppressSecurityChecks property from the provider.

All the best,
Ivan Dimitrov
the Telerik team