Custom login page with custom authentication

Alex Golebiewski asked on July 27, 2016 17:59

Can anyone point me in the right direction, I have a custom logon form and it authenticates a user correctly and seems to be working fine but won't redirect to the admin interface. The redirect goes to /Admin/CMSAdministration.aspx. Why if authenticated, won't it redirect to the admin user interface for that user?

Authenticate Method in LogonForm web part

if (MFAuthenticationHelper.IsMultiFactorRequiredForUser(userName))
{
    var plcPasscodeBox = Login1.FindControl("plcPasscodeBox");
    var plcLoginInputs = Login1.FindControl("plcLoginInputs");
    var txtPasscode = Login1.FindControl("txtPasscode") as CMSTextBox;

    if (txtPasscode == null)
    {
        return;
    }
    if (plcPasscodeBox == null)
    {
        return;
    }
    if (plcLoginInputs == null)
    {
        return;
    }

    // Handle passcode
    var passcode = txtPasscode.Text;
    txtPasscode.Text = String.Empty;

    var provider = new CMSMembershipProvider();

    // Validate username and password
    if (plcLoginInputs.Visible)
    {
        if (provider.MFValidateCredentials(userName, Login1.Password))
        {
            // Show passcode screen
            plcLoginInputs.Visible = false;
            plcPasscodeBox.Visible = true;
        }
    }
    // Validate passcode
    else
    {
        if (provider.MFValidatePasscode(userName, passcode))
        {
            e.Authenticated = true;
        }
    }
}
else
{
    var isValid = Membership.Provider.ValidateUser(userName, Login1.Password);
    e.Authenticated = isValid;
}

Logged in method in LogonForm web part

 // Ensure response cookie
CookieHelper.EnsureResponseCookie(FormsAuthentication.FormsCookieName);

// Set cookie expiration
if (Login1.RememberMeSet)
{
    CookieHelper.ChangeCookieExpiration(FormsAuthentication.FormsCookieName, DateTime.Now.AddYears(1), false);
}
else
{
    // Extend the expiration of the authentication cookie if required
    if (!AuthenticationHelper.UseSessionCookies && (HttpContext.Current != null) && (HttpContext.Current.Session != null))
    {
        CookieHelper.ChangeCookieExpiration(FormsAuthentication.FormsCookieName, DateTime.Now.AddMinutes(Session.Timeout), false);
    }
}

// Current username
var userName = Login1.UserName;

// Get info on the authenticated user
var ui = UserInfoProvider.GetUserInfoForSitePrefix(userName, SiteContext.CurrentSite);
var siteName = SiteContext.CurrentSiteName;

// For site prefix user, authenticate manually
if (ui != null)
{
    if (UserInfoProvider.UserNameSitePrefixEnabled(siteName) && UserInfoProvider.IsSitePrefixedUser(ui.UserName))
    {
        AuthenticationHelper.AuthenticateUser(ui.UserName, Login1.RememberMeSet);
    }
}
// Check whether safe user name is required and if so get safe username
else if (RequestHelper.IsMixedAuthentication() && UserInfoProvider.UseSafeUserName)
{
    userName = ValidationHelper.GetSafeUserName(userName, SiteContext.CurrentSiteName);

    if (UserInfoProvider.UserNameSitePrefixEnabled(siteName))
    {
        // Check for site prefix
        ui = UserInfoProvider.GetUserInfoForSitePrefix(userName, SiteContext.CurrentSite);
        if (ui != null)
        {
            userName = ui.UserName;
        }
    }

    AuthenticationHelper.AuthenticateUser(userName, Login1.RememberMeSet);
}

// Set culture
var drpCulture = (CMSDropDownList)Login1.FindControl("drpCulture");
if (drpCulture != null)
{
    var selectedCulture = drpCulture.SelectedValue;

    // Not the default culture
    if (selectedCulture != "")
    {
        // Update the user
        if (ui != null)
        {
            ui.PreferredUICultureCode = selectedCulture;
            UserInfoProvider.SetUserInfo(ui);
        }

        // Update current user
        MembershipContext.AuthenticatedUser.PreferredUICultureCode = selectedCulture;
    }
}

// Return url is not specified or is relative path or hash is valid
URLHelper.Redirect(DefaultTargetUrl);

Thank you, Alex

Recent Answers


Brenden Kehren answered on July 27, 2016 18:28 (last edited on July 27, 2016 18:28)

Are you getting an error or any kind?

Are you setting the actual property to redirect to the Admin interface or is it using the returnurl query string value?

Does the user have permissions to view the Admin UI?

0 votesVote for this answer Mark as a Correct answer

Alex Golebiewski answered on July 27, 2016 18:58

Hi Brenden,

No there are no errors. I'm setting the returnurl in the properties of the logon form web part. It's read in and shows /Admin/CMSAdministration.aspx when debuggin.

Yes the user is a global administrator

0 votesVote for this answer Mark as a Correct answer

Alex Golebiewski answered on July 27, 2016 19:44

Ok so I got it to work for the Administrator (Local) user. The other global administrator that I'm trying to login is marked as external user and domain user. Is there anything different I need to do for that user?

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.