Kentico CMS 7.0 Developer's Guide

Authentication overview

The system supports both forms and Windows authentication. Forms authentication stores user names and passwords in the database and requires users to log on. Windows authentication gets the user's identity from the network credentials and automatically creates a corresponding user in the database, including the user's roles (if they exist in the CMS database).

 

 


 

Accessing current user data in code

 

When the user is authenticated, a CMS.CMSHelper.CurrentUserInfo object representing the current user is stored in the session variable CMSCurrentUser and is accessible through the CMSHelper.CMSContext.CurrentUser property. All operations after authentication then use the user profile and user roles assigned to this object.

 
[C#]
 

// gets the user name of the current user
string userName = CMS.CMSHelper.CMSContext.CurrentUser.UserName;

 

Configuring forms authentication

 

Forms authentication is configured as the default option. It uses standard ASP.NET forms authentication and its settings, which you can find in your application's web.config file:

 

<system.web>
  ...
  <authentication mode="Forms">
    <forms loginUrl="CMSPages/logon.aspx" defaultUrl="Default.aspx" name=".ASPXFORMSAUTH" timeout="60000" slidingExpiration="true" />
  </authentication>
  ...
</system.web>

 

If you're running multiple web projects in virtual directories and the projects have the same machine key defined, users who log in to one of the websites are automatically logged in to the sites running on the other projects. To prevent that, add the path attribute to the forms element shown above in each project's web.config, as in the following example:

 

<authentication mode="Forms">
  <forms loginUrl="CMSPages/logon.aspx" defaultUrl="Default.aspx" name=".ASPXFORMSAUTH" timeout="60000" slidingExpiration="true" path="KenticoCMS" />
</authentication>
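An audit check for the situation described above, added here as an example (it is not part of the Kentico documentation or code base): it parses each project's web.config and reports where a forms ticket issued by one project would also log the user in to another. The virtual directory names, placeholder key values and function names are constructed for illustration, cookie paths in the sample are written as URL paths with a leading slash, and a project without an explicit machineKey element is assumed not to share keys.

```python
import xml.etree.ElementTree as ET
from itertools import permutations

# Constructed web.config samples keyed by virtual directory; key values are placeholders.
TEMPLATE = ('<configuration><system.web>'
            '<machineKey validationKey="{vk}" decryptionKey="{dk}" />'
            '<authentication mode="Forms">'
            '<forms loginUrl="CMSPages/logon.aspx" name=".ASPXFORMSAUTH" {extra}/>'
            '</authentication></system.web></configuration>')
SAMPLES = {
    "/SiteA": TEMPLATE.format(vk="PLACEHOLDER-V1", dk="PLACEHOLDER-D1", extra=""),
    "/SiteB": TEMPLATE.format(vk="PLACEHOLDER-V1", dk="PLACEHOLDER-D1", extra='path="/SiteB" '),
    "/SiteC": TEMPLATE.format(vk="PLACEHOLDER-V2", dk="PLACEHOLDER-D2", extra=""),
}

def forms_settings(xml_text):
    """Extract the settings that decide whether a forms ticket is portable between projects."""
    web = ET.fromstring(xml_text).find("system.web")
    forms = web.find("authentication[@mode='Forms']/forms") if web is not None else None
    if forms is None:
        return None  # project does not use forms authentication
    key = web.find("machineKey")
    return {
        # Assumption: only explicitly configured keys are compared; no <machineKey> = not shared.
        "key": (key.get("validationKey"), key.get("decryptionKey")) if key is not None else None,
        "name": forms.get("name", ".ASPXAUTH"),  # ASP.NET defaults when attributes are omitted
        "path": forms.get("path", "/"),
    }

def cookie_reaches(cookie_path, request_path):
    """RFC 6265 path-match: is a cookie scoped to cookie_path sent with request_path?"""
    if request_path == cookie_path or not request_path.startswith(cookie_path):
        return request_path == cookie_path
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"

def shared_logins(configs):
    """Return (issuer, acceptor) pairs where a ticket from issuer also logs in to acceptor."""
    parsed = {vdir: forms_settings(xml) for vdir, xml in configs.items()}
    findings = []
    for issuer, acceptor in permutations(parsed, 2):
        a, b = parsed[issuer], parsed[acceptor]
        if (a and b and a["key"] and a["key"] == b["key"] and a["name"] == b["name"]
                and cookie_reaches(a["path"], acceptor)):
            findings.append((issuer, acceptor))
    return findings

if __name__ == "__main__":
    for issuer, acceptor in shared_logins(SAMPLES):
        print(f"ticket issued by {issuer} is also accepted by {acceptor}")
```

On the constructed sample only the /SiteA to /SiteB direction is reported: scoping the cookie in /SiteB alone does not stop the ticket issued by /SiteA from reaching it, which is why the path has to be set in each project.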

 

Additional configuration options related to user passwords may also be defined in the system, as described in the Password management chapter.

 

Membership provider and ASP.NET 2.0 Membership support

 

Kentico CMS contains an ASP.NET 2.0 Membership provider for its user database. This means you can use the ASP.NET 2.0 Membership API and controls, such as the Login control. However, Kentico CMS uses its own user information database instead of the ASP.NET 2.0 Membership tables. Please see Membership internals and API -> Database tables for detailed information about the membership database structure.

 

Configuring Windows authentication

 

Please see the Windows authentication (Active Directory) sub‑chapter to learn more.

 

Configuring custom authentication

 

If you want to retrieve user and role information from an external source (such as a custom database), you need to configure the system as described in the Integrating authentication with external systems topic.