Try our conversational search powered by Generative AI!

EPiServer CurrentPrincipal Initialization


Below is the following code I have for properly redirecting a user to an authenticated page   

string baseUrl = Request.Url.Scheme + "://" + Request.Url.Authority + Request.ApplicationPath.TrimEnd('/');
                UrlBuilder url = new UrlBuilder(baseUrl + returnUrl);
                object page;
                Global.UrlRewriteProvider.ConvertToInternal(url, out page);

                if (page != null && page is PageReference)
                    // make sure EPiServer authenticates the user
                    if (!User.Identity.IsAuthenticated)
                        EPiServer.Security.PrincipalInfo.CurrentPrincipal = EPiServer.Security.PrincipalInfo.CreatePrincipal(mu.UserName);

                    PageReference reference = (PageReference)page;

                    if (reference.PageData().QueryAccess().Equals(AccessLevel.NoAccess))
                        string URL = string.IsNullOrEmpty(XavierPortalConstants.ErrorPage) ? "\\" : XavierPortalConstants.ErrorPage;
                        URL += "?" + XavierPortalConstants.ErrorCode + "=" + XavierPortalConstants.ErrorCode609;

For the bolded text, is this the best way to initialize the current principal or does anyone see this as any foreseeable issues with this approach? I ask because once logged in, the current user isn't recognized as being authenticated and I need that information on the login page to check if that user has the access to the page that they are getting redirected to. All suggestions welcomed.

Oct 22, 2012 17:51

Im not sure I understand what your after but

Why don't you just let the user login. In the login page you hook up to the logincontrols loggedin event. There you can perform your user right check and do any custom redirects.

But if you have user click on a link like and the user doesn't have access to the page episerver will throw an error and show an error page.

If you google a bit you will find information on how to setup your own custom error pages in episerver.


Oct 22, 2012 21:22

Thanks. I will take that into consideration.

Oct 25, 2012 19:07
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.