November Happy Hour will be moved to Thursday December 5th.

Best way to create an EpiServer CMS Website with a custom log in page

Vote:
 

I want to be able to create an EpiServer website with its own login page but thill be able to go to the /episerver endpoint for CMS Administration.

What is the best way to get started in making this happen. Ultimately, each site we create under the root will need its own custom login page.

I'm sure once I receive some answers I'll have additional questions but any advice on how to start would be appreciated.

Thanks.

#186496
Dec 20, 2017 20:43
Vote:
 

<authentication mode="Forms">
<forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120" defaultUrl="~/" />
</authentication>

Is the default for the whole site. You could create different authentication nodes for different locations of the site with the <Location node.
But the easiest might just be to actually do a redirect on the login page to different pages depending on the criteria.

#186517
Dec 21, 2017 13:11
Vote:
 

My config file is this

 <authentication mode="None">
      <forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120" defaultUrl="~/" />
</authentication>

I am using owin authentication so everything is setup in my startup class.

The code is here

        public void Configuration(IAppBuilder app)
        {

            // Add CMS integration for ASP.NET Identity
            app.AddCmsAspNetIdentity<ApplicationUser>();

            // Remove to block registration of administrators
            app.UseAdministratorRegistrationPage(() => HttpContext.Current.Request.IsLocal);

            // Use cookie authentication
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString(RystadGlobal.LoginPath),
                Provider = new CookieAuthenticationProvider
                {
                    // If the "/util/login.aspx" has been used for login otherwise you don't need it you can remove OnApplyRedirect.
                    OnApplyRedirect = cookieApplyRedirectContext =>
                    {
                        app.CmsOnCookieApplyRedirect(cookieApplyRedirectContext, cookieApplyRedirectContext.OwinContext.Get<ApplicationSignInManager<ApplicationUser>>());
                    },

                    // Enables the application to validate the security stamp when the user logs in.
                    // This is a security feature which is used when you change a password or add an external login to your account.
                    OnValidateIdentity = ValidateIdentity

                }
            });


            app.UseTokenBasedAuthentication();
        }

I have a custom login page which logs in users coming from an external api. I add roles and this is how I do it

IList<Claim> claimCollection = new List<Claim>
            {
                new Claim(ClaimTypes.Name, ui.name)
                , new Claim(ClaimTypes.Email, ui.email)
            };

            foreach (string role in ui.roles)
            {
                claimCollection.Add(new Claim(ClaimTypes.Role, role));
            }


            var claimsIdentity = new RystadIdentity(claimCollection, token, tokenType, ui);
            AuthenticationTicket ticket = new AuthenticationTicket(claimsIdentity, authProperties);

Now some of these users could also have admin roles and they should also be able to access Episerver admin/edit site without doing any other login. So basically they are not episerver users but have roles as episerver users. 

I have added WebAdmins role to the user but can't get them in the admin/edit mode. Any ideas on this?




                        
#186520
Dec 21, 2017 13:52
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.