|
||
The system supports both forms and Windows authentication. The forms authentication stores user names and passwords in the database and requires users to log on. The Windows authentication gets user identity from the network credentials and automatically creates a corresponding user in the database, including the user’s roles (if they exist in the CMS database).
|
Accessing current user data in code
When the user is authenticated, a CMS.CMSHelper.CurrentUserInfo object representing the current user is stored in the session variable CMSCurrentUser and is accessible through the CMSHelper.CMSContext.CurrentUser property. All operations after authentication then use the user profile and user roles assigned to this object.
|
Forms authentication is configured as the default option. It uses standard ASP.NET forms authentication and its settings, which you can find in your application's web.config file:
<system.web> |
If you're running multiple web projects in virtual directories, and the projects have the same machine key defined, users logging in to one of the websites will be automatically logged in to sites running on other projects. To prevent that, add the path parameter to the above code in each project, as in the following example:
<authentication mode="Forms"> |
Additional configuration options related to user passwords may also be defined in the system, as described in the Password management chapter.
Kentico CMS contains an ASP.NET 2.0 Membership provider for its user database. This means you can use ASP.NET 2.0 Membership API and controls, such as Login control. However, Kentico CMS uses its own user information database instead of the ASP.NET 2.0 Membership tables. Please see Membership internals and API -> Database tables for detailed information about the membership database structure.
Please see the Windows authentication (Active Directory) sub‑chapter to learn more.
If you want to retrieve user and role information from an external source (such as a custom database), you need to configure the system as described in the Integrating authentication with external systems topic.