|
Member
|
neeraj.jain-aonhewitt
-
11/14/2011 12:39:32 AM
New Custom Security implementation - Kentico 6
Hi,
I want to implement custom authentication in kentico 6.0. Earlier i was using the CustomSecurityHandler with version 5.5R2
Can you explain/guide how to use the new mechanism introduced in version 6. Any sample soluton/code would be highly appreciated.
Thanks Neeraj
|
|
|
Member
|
kentico_michal
-
11/14/2011 1:07:25 AM
RE:New Custom Security implementation - Kentico 6
Hello, You need to create a partial class CMSLoaderAttribute and a new custom attribute class by inheriting from the CMSLoaderAttribute attribute. For example: [CustomClassLoaderModuleLoader] public partial class CMSModuleLoader {
/// <summary> /// Attribute that ensures the loading of custom classes. /// </summary> private class CustomClassLoaderModuleLoaderAttribute : CMSLoaderAttribute {
public override void Init() { SecurityEvents.Authenticate.Execute += new EventHandler<AuthenticationEventArgs>(Authenticate_Execute); }
void Authenticate_Execute(object sender, AuthenticationEventArgs e) { string userName = e.UserName; string password = e.Password; UserInfo user = e.User; }
}
} Some related information can be found here: Event handlers overview. However, there was a bug reported by another customer. So, please apply the latest hotfix 6.0.5 since you might encounter an issue with the code above. Best regards, Michal Legen
|
|
|
Member
|
neeraj.jain-aonhewitt
-
11/14/2011 3:58:25 AM
RE:New Custom Security implementation - Kentico 6
Hello,
I have written the code which you mentioned, but when i am debugging my application, the compiler is not going inside the breakpoint added in the Authenticate_Execute() event handler at the time of login from front-end.
Is there anything else which needs to be done apart from this ?
I also checked for the Hotfixes, the latest hotfix available is 6.0.4, from where can i get the 6.0.5 version ?
Thanks Neeraj
|
|
|
Member
|
kentico_michal
-
11/14/2011 6:35:16 AM
RE:New Custom Security implementation - Kentico 6
Hello,
There is nothing else that needs to be done. This should be sufficient to get it work. The hotfix 6.0.5 will be released tomorrow. So, please try to apply it, once it is released.
Best regards, Michal Legen
|
|
|
Member
|
neeraj.jain-aonhewitt
-
11/15/2011 12:05:57 AM
RE:New Custom Security implementation - Kentico 6
Hi Michal,
Thanks for the information.
Do we need to register the class in web.config?
We do not anticipate using CustomProviders though. Not sure how to register this class.
Regards, Neeraj
|
|
|
Member
|
kentico_michal
-
11/16/2011 4:09:53 AM
RE:New Custom Security implementation - Kentico 6
Hello, You can define this class directly in the App_Code folder as it is described in the documentation without the need to be compiled into an additional assembly or registering in the web.config file: Customizing providers from the App_Code folderBest regards, Michal Legen
|
|
|
Member
|
Raja Tirumala Rao
-
11/23/2011 5:13:09 PM
RE:New Custom Security implementation - Kentico 6
Hi ,
Is this resolved after applying he hotfix ?
|
|
|
Member
|
Raja Tirumala Rao
-
11/23/2011 5:45:16 PM
RE:New Custom Security implementation - Kentico 6
I have applied hot fix 6 , that does not seem to havefixed the issue, also show how the version number on the cms desk shows 6.0.4343
|
|
|
Member
|
Raja Tirumala Rao
-
11/24/2011 11:06:07 PM
RE:New Custom Security implementation - Kentico 6
This issue got resolved, when i have upgraded from Kentico 6 base version to hotfix 6 the web config some how got overwritten , i just had to enable the debugging.
There was an issue with this type of custom security handling untli hotfix 4 , this got resolved in hotfix 5.
|
|
|
Member
|
Jay
-
12/2/2011 3:07:26 AM
RE:New Custom Security implementation - Kentico 6
I seem to at least see this method being executed in my version of the code, however I can't find any documentation on how to return a valid user that i've authenticated outside of kentico.
Is there some doco you can point me at that shows me that?
Thanks
Jay
|
|
|
Member
|
kentico_michal
-
12/2/2011 3:27:27 AM
RE:New Custom Security implementation - Kentico 6
Hello, Please take a look at the following code snippet that could give you some inspiration: void Authenticate_Execute(object sender, AuthenticationEventArgs e) { // Check if the user was authenticated by the system if (e.User != null) { return; }
// Custom authentication // Create a new user or use an existing one
user.IsExternal = true; e.User = user; }
First, you should check if the user was authenticated by the system by checking the e.User property. If not, you can perform your custom authentication and the resulted UserInfo set to e.User property. Best regards, Michal Legen
|
|
|
Member
|
Jay
-
12/2/2011 2:33:36 PM
RE:New Custom Security implementation - Kentico 6
Really appreciate your help on this. My code looks like this: private void Authenticate_Execute(object sender, AuthenticationEventArgs e) { if (e.User != null) { return; }
UserInfo u = new UserInfo(); u.UserName = e.UserName; u.FullName = "Full Name Here"; u.Email = "mail@mail.com"; u.UserEnabled = true; u.UserIsExternal = true; e.User = u; }
However when I attempt to login i'm still not being authenticated. Is there anything special I need to do?
|
|
|
Member
|
Jay
-
12/2/2011 3:14:12 PM
RE:New Custom Security implementation - Kentico 6
I'm not so sure this code is executing now - how do I register this custom event?
|
|
|
Member
|
kentico_michal
-
12/5/2011 12:30:02 AM
RE:New Custom Security implementation - Kentico 6
Hello, You need to create a partial class CMSLoaderAttribute and a new custom attribute class by inheriting from the CMSLoaderAttribute attribute. For example: [CustomClassLoaderModuleLoader] public partial class CMSModuleLoader {
/// <summary> /// Attribute that ensures the loading of custom classes. /// </summary> private class CustomClassLoaderModuleLoaderAttribute : CMSLoaderAttribute {
public override void Init() { SecurityEvents.Authenticate.Execute += new EventHandler<AuthenticationEventArgs>(Authenticate_Execute); }
void Authenticate_Execute(object sender, AuthenticationEventArgs e) { // ... }
}
I would like to point you to following articles for more information: - Event handlers overview- Custom providers App_CodeMoreover, please apply the latest hotfix if you have not already done so, because there was a bug related to custom handlers. Best regards, Michal Legen
|
|