The system supports both forms and Windows authentication. The forms authentication stores user names and passwords in the database and requires users to log on. The Windows authentication gets user identity from the network credentials and automatically creates a corresponding user in the database, including the user’s roles (if they exist in the CMS database).

 

 

Configuring forms authentication

 

Forms authentication is configured as the default option. It uses standard ASP.NET forms authentication and its settings, which you can find in your application's web.config file:

 

 

If you're running multiple web projects in virtual directories, and the projects have the same machine key defined, users logging in to one of the websites will be automatically logged in to sites running on other projects. To prevent that, add the path parameter to the above code in each project, as in the following example:

 

 

Additional configuration options related to user passwords may also be defined in the system, as described in the Password management chapter.

 

Membership provider and ASP.NET 2.0 Membership support

 

Kentico CMS contains an ASP.NET 2.0 Membership provider for its user database. This means you can use ASP.NET 2.0 Membership API and controls, such as Login control. However, Kentico CMS uses its own user information database instead of the ASP.NET 2.0 Membership tables. Please see Membership internals and API -> Database tables for detailed information about the membership database structure.

 

Configuring Windows authentication

 

Please see the Windows authentication (Active Directory) sub‑chapter to learn more.

 

Configuring custom authentication

 

If you want to retrieve user and role information from an external source (such as a custom database), you need to configure the system as described in the Integrating authentication with external systems topic.