Skip to content

Sitecore Corner

Sitecore Tips and Tricks

Tag: Login

Sitecore User Authentication Against External System Using Virtual Users

There are cases in which the client might request that users which are part of an external system (for example the company’s internal system) should be able to login into the CMS. The fastest and the simplest way is to do it via custom login form and virtual users.

By taking this approach there is no need for custom pipelines, handlers, data providers etc. The other plus is that there is a clear separation between the Sitecore membership and the external system membership, because the virtual users are not stored in Sitecore. In fact the virtual users are not stored anywhere and every time a user uses the login screen – the virtual user is recreated.

To achieve this create a simple Web Form that will have two textboxes (for username and password) and a login button (You can see what I did with my amazing front end skills).

External Login Form

Place the following code in the code behind.


namespace Sandbox.External
{
    using System;
    using Sitecore.Security.Authentication;

    public partial class Login : System.Web.UI.Page
    {
        // The domain for external users
        private const string Domain = "external";

        // The role for the external users
        private const string DomainRole = @"external\editor";

        // Redirect to Sitecore if the user is already logged in
        protected void Page_Init(object sender, EventArgs e)
        {
            if (AuthenticationManager.GetActiveUser().IsAuthenticated)
            {
                Response.Redirect(Sitecore.Constants.SitecoreShellPath);
            }
        }

        protected void ButtonLogin_OnClick(object sender, EventArgs e)
        {
            string username = TextBoxUsername.Text;
            string password = TextBoxPassword.Text;

            if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
            {
                // Authenticate Against the External System
                MyExampleAuthenticationProvider authenticationProvider = new MyExampleAuthenticationProvider();

                if (authenticationProvider.Authenticate(username, password))
                {
                    // Create virtual user
                    Sitecore.Security.Accounts.User user =
                        AuthenticationManager.BuildVirtualUser(string.Format(@"{0}\{1}", Domain, username), false);

                    if (user != null)
                    {
                        // Assign roles to the user
                        if (Sitecore.Security.Accounts.Role.Exists(DomainRole))
                        {
                            user.Roles.Add(Sitecore.Security.Accounts.Role.FromName(DomainRole));
                        }

                        // Assign more roles or edit the user profile
                        user.Profile.FullName = "Your User Full Name";

                        // Login the user
                        AuthenticationManager.LoginVirtualUser(user);

                        // Redirect to Sitecore shell
                        Response.Redirect(Sitecore.Constants.SitecoreShellPath);
                    }
                }
            }
        }
    }
}

In the Page_Load event the code checks if the user is already authenticated and in case he is – he gets automatically redirected to the shell site.

The button click tries to authenticate the user against the external system. If the user is successfully authenticated it builds a virtual user, assigns roles to him and redirects to the shell site. Please keep in mind that it is a good practice to create a separate domain that you are going to use for thеse users (in the example – “external”), but the standard extranet domain can be used as well.

There is an option to make the user administrator (which is not recommended even when using the standard Sitecore create user form) by setting the following property:

user.RuntimeSettings.IsAdministrator = true;

Happy authenticating !

Share this:

  • Facebook
  • LinkedIn
  • Twitter
  • Email
  • Print
  • Pocket

Like this:

Like Loading...
Author nsgocevPosted on August 12, 2014August 12, 2014Tags External, Login, Sitecore, Virtual Users2 Comments on Sitecore User Authentication Against External System Using Virtual Users
Sitecore MVP 2017
Sitecore MVP 2016
Sitecore MVP 2015

Archives

  • October 2017
  • January 2016
  • November 2015
  • September 2015
  • August 2015
  • June 2015
  • May 2015
  • March 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014

Follow me on Twitter

My Tweets

Stack Overflow

Stack Overflow

Sitecore Stack Exchange

Recent Posts

  • Sitecore 9, xConnect, SSL and that 403 Forbidden
  • Sitecore MVC Autofac Dependancy Resolution
  • Sitecore SVG Support
  • Sitecore Custom Workflow Email Action
  • The Amazing World of RAZL Part 2 – Script Like A Boss

Recent Comments

Cris Corra on Permissions Required To Edit R…
Sitecore Commerce 9… on Sitecore 9, xConnect, SSL and…
Sitecore Commerce 9… on Sitecore 9, xConnect, SSL and…
Sitecore 9 XConnect… on Sitecore 9, xConnect, SSL and…
Sitecore 9 – Error W… on Sitecore 9, xConnect, SSL and…

Tags

  • Admin
  • Diagnostics
  • Log
  • Logging
  • Parameter Templates
  • RAZL
  • SEO
  • Sitecore
  • Speak UI
  • Sublayout

RSS

  • RSS - Posts

Enter your email address to follow this blog and receive notifications of new posts by email.

Sitecore Corner Blog at WordPress.com.
Cancel

 
Loading Comments...
Comment
    ×
    loading Cancel
    Post was not sent - check your email addresses!
    Email check failed, please try again
    Sorry, your blog cannot share posts by email.
    %d bloggers like this: