Forums (Obsolete)

Member

agerace-ag.state.oh - 10/28/2009 11:13:17 AM

Authentication On 3 Values

The problem I am having is im using the CustomSecurityHandler class with an outside authentication procedure I need to authenticate on 3 different fields (Username, Password, and ORI) ORI is something we use to distinguish where the user is loging in from. ORI is a user input. I added to the to the user table in the System tables. But how do I pass the user input from the login form to the CustomSecurityHandler class.


Member	agerace-ag.state.oh - 10/29/2009 5:44:44 PM RE:Authentication On 3 Values I'm worried you guys haven't respond because you guys are unsure about how to do this as I am, lol. Any ideas?

Member

agerace-ag.state.oh - 11/6/2009 4:19:58 PM

RE:Authentication On 3 Values

Thought I would share how I completed this in case anyone else runs into this.

I didn't want to change Kentico Code to make it easier to upgrade in the future. I simply cloned the webpart, then in the clone I added a text field for the new authentication field. The stored it in a session when they click log in and retrieved it in the CustomSecurityHandler.

Kentico Support

kentico_zdenekc - 11/9/2009 6:43:34 PM

RE:Authentication On 3 Values

Hello,

well, you're partially right, we've been solving very similar request to achive this scenario recently.

Our logon process is built on standard membership provider and the custom security handler accepts just username and password, i.e. 2 values.

In our solution sketch, the modified logon form uses one additional field. Its value is appended to the username in the Login1_loggingIn handler method from logon form codebehind, and in the OnAuthentication method of the security handler, the username in the form "username_thirdfieldname" is split apart and required values are used.
One disadvantage may appear if the login is not succesfull - the username with appended value would be displayed..

The solution with storage in session property is also possible (and might solve that issue).

Best regards,
Zdenek C.

Member

agerace-ag.state.oh - 11/10/2009 8:03:42 AM

RE:Authentication On 3 Values

Well I have another wrinkle for you guys.

When they log into Kentico, Kentico checks to see if they are a Kentico User if they are not they hit my Customer Log on check. The problem I have is when they are authenticated with the 3rd party system I want them to have a different user name then what they log in with. So this shows up up in the forums and whatever i dont want to display the true username they use when the log in.

So they log in with jsmith12345
I want to set the Kentico User Name to John.Smith

When I do this it does not create the user or log them in. Any ideas?

Kentico Support

kentico_zdenekc - 11/12/2009 7:28:26 PM

RE:Authentication On 3 Values

Hi,

I don't know the details of your solution, but if you put an username which is different from the existing username in database, you will need to manually set the forms authentication cookie for the existing username in the Login1_LogedIn handler method of the logon form (in codebehind). You could use this method:

FormsAuthentication.SetAuthCookie(actualUserName, true);

Anyway I'm not sure if changing username is required for your aims. You could use usernickname to store the "nicer" user name that should be displayed in the forums and other places...

Regards,
Zdenek C.