API
Version 7.x > API > Custom Authentication using External Database without creating new CMS User View modes: 
User avatar
Member
Member
Alex.Gorbunov - 3/11/2013 1:28:45 PM
   
Custom Authentication using External Database without creating new CMS User
Hi,

Is there any possibility to authenticate user using External database without creating new Kentico user ? We have already had the database with users and now trying to avoid duplication of user data in our external db and Kentico one .

Thanks !

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/11/2013 2:39:09 PM
   
RE:Custom Authentication using External Database without creating new CMS User
Done what you're talking about with Kentico and a Microsoft CRM database before.

We manually created a user in Kentico and assigned a security role for each security role in the existing database. Then when the authentication process happened, we'd get the external db user info, including role(s), and compare them to the roles for the Kentico site. If one of the roles was found, it authenticated the Kentico user assigned to that role. The beauty of this is you can still use the built in security.

The key is to make your Role names the same in Kentico as they are in your existing db. This will make life a lot easier.

User avatar
Member
Member
Alex.Gorbunov - 3/12/2013 10:04:19 AM
   
RE:Custom Authentication using External Database without creating new CMS User
Thanks for your response !

The problem is that we need not only authentication through external database, but also we are going to use Kentico features like Friends or Private Messaging.

As far as I understand in the way you mentioned this features will work only for one user per role, I mean, the different users in external db under the same role will get all messages for this role. It's my assumption, I am not sure it's correct.

If there is a manner to change the source of users or retrieve user data on fly, I suppose, it may resolve our problem.

Thanks !

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/13/2013 5:03:17 PM
   
RE:Custom Authentication using External Database without creating new CMS User
Have you thought about using the Import Toolkit to import the Users into Kentico?

There is really no reason you can't create your own webpart or control to perform authentication and display a users name and username. As I mentioned we setup one user and role combination. You could very well setup a new user with many roles, all depends on the combination you have in your existing database.

Keep in mind Friends and Private Messaging (as well as other features) are setup out of the box to work with Kentico Users and authentication so if you want to use an external source you might be looking at creating a new Membership Provider and/or rewriting the modules and webparts you want to use. I guess it all comes down to how set are you on keeping your users in the external database...

User avatar
Member
Member
Alex.Gorbunov - 3/14/2013 8:56:27 AM
   
RE:Custom Authentication using External Database without creating new CMS User
Thanks for your answer .) I've completely forgotten about Import Toolkit, it will make our lives easier.

It's very strange, my search knowledge seems to be very poor, cause I've just found the topic with the similar question: http://devnet.kentico.com/Forums/f45/fp6/t22241/Custom-database-integration.aspx

Also we've got approval for using external users in Kentico, so the main condition of avoiding data duplication is not necessary to meet now.

Thanks for your help !

User avatar
Kentico Customer Success
Kentico Customer Success
kentico_martind2 - 3/14/2013 11:03:18 AM
   
RE:Custom Authentication using External Database without creating new CMS User
Hi Alex,

To Avoid data duplication you can check the "Skip Existing object" option during importing via Import toolkit, please take a look at the step no. 2 in the Developers Guide - Import Toolkit Initial Steps.

Best regards,
Martin Danko

User avatar
Member
Member
Alex.Gorbunov - 3/14/2013 11:18:30 AM
   
RE:Custom Authentication using External Database without creating new CMS User
Thanks Martin !

But under "Data duplication" I mean the same user data in external db and Kentico db. As far as I understand to use Kentico's features out-of-box we have to had the users in Kentico database anyway, so it is not possible to use only external user storage without rewriting modules and web parts.

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/14/2013 3:34:58 PM
   
RE:Custom Authentication using External Database without creating new CMS User
Alex.Gorbunov wrote: As far as I understand to use Kentico's features out-of-box we have to had the users in Kentico database anyway, so it is not possible to use only external user storage without rewriting modules and web parts.
You might go back and read my response again. You have the option to rewrite those modules and webparts. You could also create a custom membership provider that connects to your external datasource.

There is some info here for security handlers that should help.

User avatar
Member
Member
rlull - 5/2/2013 2:19:50 PM
   
RE:Custom Authentication using External Database without creating new CMS User
FroggEye - Implementing the solution you described prevents you from having to rewrite modules and webparts, correct? (Because your users' roles in your external database will correspond to one or more users with those roles defined in the Kentico database) Does this require purchasing the Kentico source code or can you accomplish this in the code behind of a custom login control, for example?

User avatar
Kentico Customer Success
Kentico Customer Success
kentico_martind2 - 5/3/2013 7:48:36 AM
   
RE:Custom Authentication using External Database without creating new CMS User
Hello,

You don't need the source code license to modify some modules, controls or Web Parts.

Best regards,
Martin Danko