Read auth cookie created by another web application

Jon Bowen asked on January 23, 2018 18:21

I have a situation where another web application is authenticating users that are stored in its own database. I want my Kentico application to use that cookie to determine if a user is logged in or not (except for the admin side, that will still use the Kentico login form). The web application performing the login has the same machine key as the kentico web application, along with the same form name, cookie name, path, etc. that are required for ASP .NET to read the authentication cookie.

I've verified the cookie is present and can be read. But Kentico seems to be discarding the cookie since the user name isn't in its database. I just need to know if a user is logged in or not so that I can change some minor UI things. Is this possible in Kentico?

Thank you in advance.

Correct Answer

Eric Garrison answered on January 23, 2018 18:50

Pretty Simple. Just drop this into an editable text block: {% Cookies["CMSPreferredCulture"] |(identity)GlobalAdministrator%}

It should pull back en-US from the cookies and display on your page.

0 votesVote for this answer Unmark Correct answer

Recent Answers

Eric Garrison answered on January 23, 2018 18:32

I am assuming your app is on the same domain so you can read the cookie properly. It seems like you need to read a param out of that cookie to check status of Logged in or not: Open inspector in Chrome -> switch to Application -> Cookies and see your cookies with all parameters. I would not use Is_Authenticated, would set your visibility based off macro and value in that cookie.

0 votesVote for this answer Mark as a Correct answer

Jon Bowen answered on January 23, 2018 18:42

Thank you for the quick reply! The cookie is definitely there and the apps are on the same domain. There aren't any errors in the event log about failing to parse the cookie either.

Is it difficult to have a macro check for a cookie?

0 votesVote for this answer Mark as a Correct answer

Jon Bowen answered on January 23, 2018 19:07

Awesome, thank you so much!

One last thing. Kentico is deleting the authentication cookie after it loads a page. I'm assuming it is because the user specified in the cookie isn't in the Kentico user database. Is there anyway to prevent it from deleting the cookie?

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.