Installation and deployment Questions on installation, system configuration and deployment to the live server.
Version 5.x > Installation and deployment > Authenticating user with external database View modes: 
User avatar
Member
Member
dylan-eastproject - 6/9/2011 3:57:00 PM
   
Authenticating user with external database
So, I have caught on to making web parts with user controls but I am having a bit of a problem authenticating users. My Setup: 1 web server I am putting a new kentico cms on an existing website, for testing purposes I have it in the /www directory. I have it all setup and running. I'm to a part where I need to start authenticating users from my external database. The Kentico database is on the same server as my users but in a separate database. So, on my login page I setup a web part to deal with the logging in with just the standard username and password boxes, along with a button. I am very used to VB so this may just be a syntax problem(even though I am showing no errors). Here is my ideal way to do this: Authenticate from my external user database and add the user into the Kentico database with the appropriate role. Much like this http://devnet.kentico.com/docs/devguide/index.html?security_handler.htm Right now, I am trying to verify that the person logging in authenticates with my current user database and then authenticates with the kentico user database. I setup a test account on both databases with the same username and password. I will explain what the classes below the btnLogin_Click do but most just call stored procedures to search through my external database for the user information. so here is the first part of my login.ascs.cs:

protected void btnLogin_Click(object sender, System.EventArgs e)
{
if (EAST.User.Authenticate(txtUsername.Text, txtPassword.Text) == true)
{
EAST.User usr = new EAST.User(EAST.User.GetUserId(txtUsername.Text));
if (usr.Exists)
{
if (usr.IsActive)
{
if (usr.IsApproved)
{
if (usr.HasValidEmail)
{
EAST.User.Login(txtUsername.Text, chkRememberMe.Checked);
UserInfo user = null;
user = CMS.SiteProvider.UserInfoProvider.AuthenticateUser(txtUsername.Text, txtPassword.Text, CMS.CMSHelper.CMSContext.CurrentSiteName);
if (user != null)
{
// Authentication was successful
}

*********

public static bool Authenticate(string Username, string Password)
{
DataTable tbl = EAST.Data.GetDataSet("CheckLogin", Username).Tables[0];
if (tbl.Rows.Count > 0)
{
DataRow row = tbl.Rows[0];
if (Convert.ToBoolean(EAST.Security.CompareHash(Password.ToString(), row["Password"].ToString())) == true)
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}

***************

public static void Login(string Username, bool PersistentCookie)
{
HttpContext.Current.Session.Abandon();
System.Web.Security.FormsAuthentication.RedirectFromLoginPage(Username, PersistentCookie);
}

***********************

public static int GetUserId(string Username)
{
DataTable tbl = EAST.Data.GetDataSet("SelectUserId", Username).Tables[0];
if (tbl.Rows.Count > 0)
{
return Convert.ToInt32(tbl.Rows[0]["UserId"]);
}
else
{
return 0;
}
}

**********************************


Am I making this way too complicated? I've tried cutting back to just the very first if statement and still, nothing happens, the login page just does a postback like it's not even recognizing the button is wired up. Oh, and I didn't forget to put in

using CMS.SiteProvider;
public partial class CMSWebParts_EASTwebparts_login : CMSAbstractWebPart


Any suggestions?

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 6/10/2011 3:01:45 AM
   
RE:Authenticating user with external database
Hi,

I think you are doing it more complicated than it is. You just need to use the custom security handler as you mentioned and use the logon web part provided by Kentico CMS on some logon page for your Kentico web site. When the user will hit logon button, the custom security handler is fired and it will check if the user exists in Kentico DB or not. If not, the user will be authenticated against your external DB where you will look up the user name and password.

Then, the user is created in Kentico DB as well.

Best regards,
Juraj Ondrus