Sitecore extranet authentication

0
votes

I have a site that I'm trying to migrate into my Sitecore instance. The Sitecore instance has multiple sites. For the one site I'm trying to migrate over, there is a login page for external users to login. I'm validating this against an external database. This all works so far. My issue is that I need to prevent the external users from accessing certain pages without logging in(they should be redirected to the login page). The way that this was working when the site was outside of Sitecore was that there was forms authentication being done and when a page was trying to be accessed without the user being logged in the ReturnURL would be used to return the user to the proper page after login.

I'm not sure how to do this now that I have multiple sites inside of my sitecore instance.

Any suggestion?

1
asp.netsitecore

1 Answers

1
votes

This is not very different in Sitecore to how it was done before, except now you can control the security of which pages should be accessible by logged in users with the Sitecore Security Editor. There are a few pieces which you need to hook up in order to get this work properly though.

Have a read through these articles, they should provide everything you need to get this to work:

Set the value of <setting name="NoAccessUrl" value="/sitecore/service/noaccess.aspx" /> in web.config to your Login page (this can be an item in Sitecore) using a patch config and if a user tries to access a restricted page they will be redirected to this page, which will also include the return url parameter.

If you are using an external database to authenticate users then you will also need implement your own membership provider:

Be sure to correctly set the domain attribute of your <site> definition to whatever you set in domains.config and set as the providerName of your <provider> definition.