Authentication for Extranet users

Vote:
 
Is there more to read about the different user authentication models in EPiServer 4.61? I find it some confusing with the different authentication functions like EPiServer.Security.AuthenticationProvider, Principals, Memberships, System.Web.Security.FormAuthentication.SetAuthCookie/Authenticate, etc. It would help with just a simple login form for an extranet user with authentication logics. Not the one EPiServer delivers cheeting with Utils/CTLogin ;-) Anyone, please? Regards, Andreas Ek.
#13349
Mar 25, 2008 18:36
Vote:
 
The login form in /templates/login.aspx is a good start. Change the authentication tag in web.config to point to this instead. Authenticating extranet users is nothing different than authenticating editors or administrators. It is done in the same way, what makes you an extranet user is what you can see and do. If you want to create your own login form for extranet users, what you need to do is create two textboxes to collect the username and password, add a button to call EPiServer.Util.LoginBase.Login(username, password, persist). That will try to authenticate the user, write the auth cookie and cache the credentials for subseqent requests. You will have to do a redirect if the authentication is successful in order to have a complete authenticated request, as the button click event is fired rather late in the event chain. /Steve
#15627
Mar 25, 2008 18:47
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.