Authenticating against Active Directory and Sitefinity database
Hi
I am building a site that basically has two sets of users. These are differentiated via roles. Currently all credentials are stored in the Sitefinity database and when logging in, this is where the credentials are checked against.
The client has come back and asked that one set of users are to be authenticated against their Active Directory forest, while leaving the other set's credentials as they are.
This is my first go at using Active Directory for authenticating against, but my research seems to indicate that is easy enough.
I am hoping someone has encountered a similar situation before and can provide pointers on the best way to handle this situation.
First idea: Create a custom membership provider that hides all these details, and set this as the default provider. This would minimize any impact on the code already written.
Second idea: Have 2 membership providers in play (Active Directory and Sitefinity database), determine which role the user is in, and attempt to authenticate against the correct provider. This would involve setting up another provider and altering the existing code.
Does anyone else have any other ideas or pointers?
Thanks,
David
Hi David,
We use both AD and SF built in directory. We just have two different pages for logging in. There's a staff page that allows logins from AD and then the general login page for our public users that uses SF's login credentials.
Hi,
Thank you Amanda for your suggestion. More information about configuring LDAP could be found in our official Sitefinity documentation. Your users could be stored in AD and in the Sitefinity default provider.
Regards,
Stefani Tacheva
Telerik
Hi Amanda
That would be a nice and easy solution, unfortunately the requirements are for a single login page that just takes in the credentials only.
Still good to know that using AD is fine.
Thanks,
David
Hi,
var userName = username.Text;
var pass = password.Text;
var userMan = UserManager.GetManager();
var currUser = userMan.GetUser(userName);
if
(currUser.IsApproved==
true
)
SecurityManager.AuthenticateUser(
"Default"
, userName, pass,
true
);
else
Label1.Text =
"User not active. Please, follow the link in your email to activate your user. Thank you!"
;
var userMan = UserManager.GetManager();