We are facing an interesting issue on the Kentico Cms site. When a user goes to our site, they can login as a User to the website (custom database, no Kentico Authorization). Once the user has logged in, we redirect them to some Kentico pages.

Whenever the user logs in (not from CMS Desk or anything, just a login control we use), we do our custom authentication and then do: FormsAuthentication.SetAuthCookie(username, false);

However, I have noticed that this login doesn’t seem to work as the cookie that I set automatically gets deleted and the user keeps on getting pushed back to the login page.

In my firebug (in FireFox) I explicitly see the cookie being set and then deleted right away, and because the cookie is deleted right away, it doesn’t think the request is authenticated, thereby redirecting the user back to the login page again and again.

Something else that might interest you, when I login as another user, say abcUser,
the cookie doesn’t get deleted. Funny thing is, abcUser is also a user on the CMS Desk.

So something tells me, that when we have a username that is common b/w Kentico Users and actual custom users, the cookie doesn't get deleted. However, when the username isn't matched up in the Kentico DB, the cookie gets deleted.

On further research, we found out that the cookie is deleted immediately following the
OnPreInit event after the line base.OnPreInit(e);

Now my Q to you guys is:
1. How can I just authenticate users against my database and then just log them in and make their requests authenticated within the context of the CMS App

2. We know there is a custom security handler. But we don't need it since we're not changing the way the Kentico Site Admins/Editors login. We understand that if we want to handle Kentico logins using our custom db, then we need to proceed with a custom security handler.


Awaiting yoru response.