Try our conversational search powered by Generative AI!

Best way to create an EpiServer CMS Website with a custom log in page


I want to be able to create an EpiServer website with its own login page but thill be able to go to the /episerver endpoint for CMS Administration.

What is the best way to get started in making this happen. Ultimately, each site we create under the root will need its own custom login page.

I'm sure once I receive some answers I'll have additional questions but any advice on how to start would be appreciated.


Dec 20, 2017 20:43

<authentication mode="Forms">
<forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120" defaultUrl="~/" />

Is the default for the whole site. You could create different authentication nodes for different locations of the site with the <Location node.
But the easiest might just be to actually do a redirect on the login page to different pages depending on the criteria.

Dec 21, 2017 13:11

My config file is this

 <authentication mode="None">
      <forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120" defaultUrl="~/" />

I am using owin authentication so everything is setup in my startup class.

The code is here

        public void Configuration(IAppBuilder app)

            // Add CMS integration for ASP.NET Identity

            // Remove to block registration of administrators
            app.UseAdministratorRegistrationPage(() => HttpContext.Current.Request.IsLocal);

            // Use cookie authentication
            app.UseCookieAuthentication(new CookieAuthenticationOptions
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString(RystadGlobal.LoginPath),
                Provider = new CookieAuthenticationProvider
                    // If the "/util/login.aspx" has been used for login otherwise you don't need it you can remove OnApplyRedirect.
                    OnApplyRedirect = cookieApplyRedirectContext =>
                        app.CmsOnCookieApplyRedirect(cookieApplyRedirectContext, cookieApplyRedirectContext.OwinContext.Get<ApplicationSignInManager<ApplicationUser>>());

                    // Enables the application to validate the security stamp when the user logs in.
                    // This is a security feature which is used when you change a password or add an external login to your account.
                    OnValidateIdentity = ValidateIdentity



I have a custom login page which logs in users coming from an external api. I add roles and this is how I do it

IList<Claim> claimCollection = new List<Claim>
                new Claim(ClaimTypes.Name,
                , new Claim(ClaimTypes.Email,

            foreach (string role in ui.roles)
                claimCollection.Add(new Claim(ClaimTypes.Role, role));

            var claimsIdentity = new RystadIdentity(claimCollection, token, tokenType, ui);
            AuthenticationTicket ticket = new AuthenticationTicket(claimsIdentity, authProperties);

Now some of these users could also have admin roles and they should also be able to access Episerver admin/edit site without doing any other login. So basically they are not episerver users but have roles as episerver users. 

I have added WebAdmins role to the user but can't get them in the admin/edit mode. Any ideas on this?

Dec 21, 2017 13:52
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.