Security handler (CustomSecurityHandler class)

  Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic! Mail us feedback on this topic!  

The security handler allows you to integrate external user databases and modify the authentication and authorization process.

 

It handles the following events:

OnAuthentication - the user tries to sign in with user name and password
OnClassNameAuthorization - checking user's permissions for particular document type
OnResourceAuthorization - checking user's permissions for particular module
OnTreeNodeAuthorization - checking user's permissions for particular document
OnFilterDataSetByPermissions - filtering a DataSet with documents based on permissions or custom personalization rules

 

Example

 

In the following example, you will learn how to integrate an external user authentication using the custom security handler. For simplicity, it doesn't use any particular database. Instead, it only checks if the current user name and password are equal to some constants.

 

In real-world scenario, you will need to replace this condition with lookup of the user name with given password in your external database.

 

Put the following code inside the OnAuthentication method:

 

[C#]

 

using CMS.SiteProvider;

using CMS.CMSHelper;

 

// Check if the user was authenticated by the system

if (userInfo != null)

{

   return userInfo;

}

 

// Sample external user credentials

UserInfo usr = null;

 

// Not authenticated, authenticate from the external source

if ((username.ToLower() == "externaluser") && (password == "pass"))

{

   // Create base user record if user found

   usr = new UserInfo();

   usr.IsExternal = true;

   usr.UserName = "externaluser";

   usr.FullName = "external user";

   usr.Enabled = true;

            

   // Init user sites and roles if requested

   Hashtable rolesTable = new Hashtable();

   string siteName = CMSContext.CurrentSite.SiteName;

   // Assign user to the current site

   usr.SitesRoles[siteName.ToLower()] = rolesTable;

   // Add new role "external role" and assign it to the user

   rolesTable["external role"] = 0;                

}

 

// Return the user info

return usr;   

 

Page url: http://devnet.kentico.com/docs/devguide/index.html?security_handler.htm