Authenticating against Active Directory and Sitefinity datab

Posted by Community Admin on 04-Aug-2018 17:06

Authenticating against Active Directory and Sitefinity database

Sitefinity - Front- & Back-End Development

All Replies

Posted by Community Admin on 03-Jan-2014 00:00

Hi

I am building a site that basically has two sets of users. These are differentiated via roles. Currently all credentials are stored in the Sitefinity database and when logging in, this is where the credentials are checked against.

The client has come back and asked that one set of users are to be authenticated against their Active Directory forest, while leaving the other set's credentials as they are.

This is my first go at using Active Directory for authenticating against, but my research seems to indicate that is easy enough. 
I am hoping someone has encountered a similar situation before and can provide pointers on the best way to handle this situation.

First idea: Create a custom membership provider that hides all these details, and set this as the default provider. This would minimize any impact on the code already written.

Second idea: Have 2 membership providers in play (Active Directory and Sitefinity database), determine which role the user is in, and attempt to authenticate against the correct provider. This would involve setting up another provider and altering the existing code.

Does anyone else have any other ideas or pointers?

Thanks,
David

Posted by Community Admin on 06-Jan-2014 00:00

Hi David,
We use both AD and SF built in directory. We just have two different pages for logging in. There's a staff page that allows logins from AD and then the general login page for our public users that uses SF's login credentials. 

Posted by Community Admin on 08-Jan-2014 00:00

Hi,

Thank you Amanda for your suggestion. More information about configuring LDAP could be found in our official Sitefinity documentation. Your users could be stored in AD and in the Sitefinity default provider.

Regards,
Stefani Tacheva
Telerik

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 10-Jan-2014 00:00

Hi Amanda

That would be a nice and easy solution, unfortunately the requirements are for a single login page that just takes in the credentials only.

Still good to know that using AD is fine.

Thanks,
David 

Posted by Community Admin on 15-Jan-2014 00:00

Hi,


There is no dropdown available on the frontend login widget. Sitefintiy by default would try to authenticate the users in the Default MembershipProvider (which by default is the OpenAccessMemebershipProvider that manages the users from the Sitefinity database).

You could create a custom login widget with dropdown, where you could specify your provider. After the provider is selected you could authenticate your users.

Please find a simple custom login widget without a dropdown:
var userName = username.Text;
            var pass = password.Text;
  
            var userMan = UserManager.GetManager();
  
            var currUser = userMan.GetUser(userName);
  
            if (currUser.IsApproved==true)
            
                SecurityManager.AuthenticateUser("Default", userName, pass, true);
            
            else
            
                Label1.Text = "User not active. Please, follow the link in your email to activate your user. Thank you!";
            

The following line gets the default provider:

var userMan = UserManager.GetManager();

You could modify the code and add a dropdown to your widget with the providers.

Regards,
Stefani Tacheva
Telerik
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

This thread is closed