Programmatic Login
Is there a way to programmatically login in beta 2? I've tried the usual methods with no luck so far. I'm new to SF so maybe I'm missing something obvious.
Hello Matt,
We generate our own authentication cookie. You should use SecurityManager.SetAuthenticationCookie method to authenticate an user programmatically.
Best wishes,
Ivan Dimitrov
the Telerik team
Thanks, that did the trick.
Matt,
Andrei,
Matt,
Andrei,
Andrei,
Hi Matt, Andrei
Below is a sample code that illustrates how to log in a user .
public partial class WebPageTest1 : System.Web.UI.Page protected void Page_Load(object sender, EventArgs e) // get the login button var b = this.LoginControl.FindControl("LoginButton") as Button; // subscribe for click event b.Click += new EventHandler(b_Click); // get the current user var user = SecurityManager.GetCurrentUser(); if (user != null) // get the identity var ident = user.Identity.Name; // force log out for this stest SecurityManager.Logout(); void b_Click(object sender, EventArgs e) // Login the user. var now = DateTime.UtcNow; var ip = SystemManager.CurrentHttpContext.Request.UserHostAddress; var manager = UserManager.GetManager(); var user = manager.GetUser("admin"); user.IsLoggedIn = true; user.LastLoginIp = ip; user.LastLoginDate = now; user.LastActivityDate = now; SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, "Default", user, true); manager.Provider.SuppressSecurityChecks = true; manager.SaveChanges(); manager.Provider.SuppressSecurityChecks = false; Response.Redirect("~/WebPageTest1.aspx"); SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, "Default", user, true);Ivan saves the day. Just tried it and it works. Thank you very much.
Hi guys,
This is what I've got, but not sure if I'm on the right track here...
Hello Gerrit,
In Sitefinity 3.x you should use FormsAuthentication cookie
HttpCookie cookie = this.Response.Cookies[FormsAuthentication.FormsCookieName];UserManager.Default.SetAuthenticationCookie(cookie);Hi Ivan,
Hi Gerrit,
Sitefinity uses the standard ASP.NET Login control that comes with the .NET Framework. The error comes from FormsAuthentication.Decrypt ASP.NET static method when it is trying to decrypt authentication ticket which is passed as a string.
It is possible that encryptedTicketstring is very long, it is string empty or it is not well formated and it could not be decrypted. ASP.NET uses the <machineKey> element for encryption and decryption of
forms authentication cookie data. By default, both both validationKey and decryptionKey are set to AutoGenerate. There might be a problem if you are running the website in web farm with AutoGenerated keys.
Regards,
Ivan Dimitrov
the Telerik team
Sorry Gerrit, can't think of anything now.
Thank you for your posts guys!
Gerrit,
Hi Matt,
Hello Gerrit,
You can take a look at this discussion.
Best wishes,
Ivan Dimitrov
the Telerik team
Getting yet another problem with the programmatic login. Worked great for a while, but now sometimes it just shows the login form over and over. Upon closer examination, there's a cookie coming back named .SFLOG with the value UserLoggedFromDifferentComputer. Is there a way to programmatically logout the user from the other computer?
Hi Matt,
Yes, there is way to programmatically logout a user from another computer. However, the API has changed for the RC and therefore I won't give you an example right now. I will post some examples, including web service authentication from other applications, as soon as the RC is out.
You cannot authenticate a request with the same credentials from different machines or browsers at the same time. This restriction applies only to accounts (users) that are members of the built-in BackendUsers role.
Sincerely yours,
Bob
the Telerik team
Ivan/Bob:
Bob wrote " I will post some examples, including web service authentication from other applications, as soon as the RC is out."
Would you mind posting this now?
Thanks
Hello Phil,
Please check this forum post.
Best wishes,
Ivan Dimitrov
the Telerik team
Realise this is old now.
Trying to log in a user I just created using this but I'm not seeing the SetAuthenticationCookie method in the final release version, did it make it in?, API docs still seem to say so.
SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext, user.ProviderName, user, true);
M
Hi mattc,
I sent reply to your support requests. The SetAuthenticationCookie was made internal static and it is not possible to use it. Currently you should use SecurityManager.AuthenticateUser method.
Regards,
Ivan Dimitrov
the Telerik team
Hi Ivan
Yes thanks for that :)
So after creating the user I used:
TextBox Password = (TextBox)CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("Password");SecurityManager.AuthenticateUser(user.ProviderName, user.UserName, Password.Text, true);Hopefully someone will see this at the end of this long thread...
protected void linkButtonLogin_Click(object sender, EventArgs e) var manager = UserManager.GetManager(); string userName = textboxUsername.Text.Trim(); string password = textboxPassword.Text.Trim(); if (manager.ValidateUser(userName, password)) DateTime now = DateTime.UtcNow; var user = manager.GetUser(userName); user.IsLoggedIn = true; user.LastLoginIp = SystemManager.CurrentHttpContext.Request.UserHostAddress; user.LastLoginDate = now; user.LastActivityDate = now; var loginReason = SecurityManager.AuthenticateUser(user.ProviderName, userName, password, true); manager.Provider.SuppressSecurityChecks = true; manager.SaveChanges(); manager.Provider.SuppressSecurityChecks = false; FormsAuthentication.SetAuthCookie(userName, true); if (Request["returnUrl"] == null) Response.Redirect(String.Format("0://1", Request.Url.Scheme, Request.Url.Authority)); else Response.Redirect(Request["returnUrl"]); // else literalErroMessage.Text = "Invalid username/password combination"; //Hi Miles,
Thanks Gerrit.
Hi Miles -
Did you ever find a solution to this?
Having the same exact issue.
David
Yes I was but I'm not 100% how correct this is - I'm never 100% when working with Sitefinity :P
01.protected void linkButtonLogin_Click(object sender, EventArgs e)02.03. var manager = UserManager.GetManager();04. string userName = textboxUsername.Text.Trim();05. string password = textboxPassword.Text.Trim();06. 07. if (manager.ValidateUser(userName, password))08. 09. DateTime now = DateTime.UtcNow;10. var user = manager.GetUser(userName);11. user.IsLoggedIn = true;12. user.LastLoginIp = SystemManager.CurrentHttpContext.Request.UserHostAddress;13. user.LastLoginDate = now;14. user.LastActivityDate = now;15. var loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true);16. 17. if (loginReason == UserLoggingReason.UserAlreadyLoggedIn)18. 19. SecurityManager.Logout(UserManager.GetDefaultProviderName(), user.Id);20. loginReason = SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true);21. 22. 23. if (loginReason == UserLoggingReason.Success)24. 25. manager.Provider.SuppressSecurityChecks = true;26. manager.SaveChanges();27. 28. FormsAuthentication.SetAuthCookie(userName, true);29. 30. if (Request["returnUrl"] == null)31. Response.Redirect(String.Format("0://1", Request.Url.Scheme, Request.Url.Authority));32. else33. Response.Redirect(Request["returnUrl"]);34. //35. 36. else37. literalErrorMessage.Text = loginReason.ToString();38. //39. 40. else41. literalErrorMessage.Text = "Invalid username or password";42. //43.Thanks Miles - we give this a try today!
Hello. I'm new to Sitefinity and so I decided to learn about it using a sample app from the SDK. I'm using the Telerik.Sitefinity.Samples.Quantum app. I imported it in my Visual Studio and added a web form to the project (ShowClaims.aspx) which is a page that will simply display the identity claims contained in the security token returned to the app by the STS. Here's my question: How does one go about adding a page to the app from the front end UI? I'm currently logged I the dashboard (http://localhost:60876/Sitefinity/dashboard) which is what I call the front end UI, and I assume that would be the way to add my new page to the app. I see where I can create a new page but where do I point it to the code I entered in Studio?
Hello Patrick,
If you have created the .aspx page in the root of your project folder in Visual Studio, you can access it like the following: yourdomain.com/ShowClaims.aspx.
Another option will be to create a user control (.ascx file) and place your logic there and build the solution. Then you can register the user control in the Toolbox using Thunder as described in the following article.
After you register the widget, please restart the application and login to the Sitefinity backend, click on the Pages tab and create a new page or open an existing page in edit mode.
When you open a page in edit mode you will see the Toolbox section on the right hand side of the page. This is the section where you can drag and drop the built-in widgets which come with Sitefinity and your custom widgets as well. You should see your custom widget there under the section where you have registered it. After you find your custom widget, please drop it on the page.
If you would like to add a code behind (the aspx.cs file created in Visual Studio) to a Sitefinity page created through the Sitefinity backend, you can checkout the following blog post for more details on this.
In addition to this, since this forum thread is opened to discuss how to login programatically in Sitefinity, I would kindly ask you to open a new thread or open a support ticket if you have any further questions about creating pages or creating widgets in Sitefinity. Thank you for your kind understanding.
Regards,
Sabrie Nedzhip
Telerik
Hi everyone!
I have a question related to Programmatic Login. I have a situation in which I should login a user based on 3 fields(ID, username, password). The login process is made against an external REST web API.
I tried to implement my own login widget, with these 3 fields, but I could not set authentication cookie, since SecurityManager.SetAuthenticationCookie is internal - no luck(.
I tried to implement my own custom MembershipProvider, but SecurityManager.AuthenticateUser(UserManager.GetDefaultProviderName(), userName, password, true); needs only 2 parameters (username and password).
Actually, my question is: Is there a way to implement a login functionality in Sitefinity based on more than just 2 fields (username and password);
Many thanks!Hello Vladimir,
Please note that you should use the overloads of the SecurityManager.AuthenticateUser() method to authenticate the users in Sitefinity.
If you would like to allow users to enter their id when they submit their credentials, before the login you can use the API to get the user who has this id and/or the entered username and then log this user:
UserManager userManager = UserManager.GetManager();User user = // get the user here by username or/and by the entered id UserLoggingReason result = SecurityManager.AuthenticateUser(null, "username", true, out user);Hi Sabrie!
That's great, I didn't noticed that overload of the method. BUT, it returns also a USER(as out parameter). What it actually does - calls my custom membership method GetUser(string username). Here comes the problem. I could not call my API only with username parameter. An access token should also be provided. So my membership provider could not access my web API to get a user.
I tried a workaround. Created a method SetToken(string token) to membership provider. Than, when I GetUser(string) is called by SecurityManager.AuthenticateUser(string,string,bool,out User), I try to get the User.
I'm not quite sure if it is a good implementation. Is membership implementation is Singleton throughout Sitefinty?(because other users will also supply their tokens to custom provider)
Do you have any ideas?
Many thanks!