Graceful way to link to item in Sitecore client?

3
votes

I am looking for the best way to link to an item in the Sitecore client (not the external website). The link will be embedded in a broken links report email. The user should be able to click the link and launch the Sitecore content editor with that Item auto-selected in the tree.

I have found Mark Ursino's solution on his blog here, but unfortunately, it only works if you are actively logged into Sitecore (Otherwise, it brings you to the Sitecore Desktop after logging in).

I am running Sitecore.NET 6.4.1 (rev. 110324)

UPDATE

Just to close the loop on Marko's solution:

public void Process(LoggedInArgs args)
{
    string url = HttpUtility.UrlDecode(WebUtil.GetQueryString("url"));

    // Ensure we're dealing with the client login site and there is a URL to redirect to
    if (Sitecore.Context.GetSiteName() == "login" &&
        !String.IsNullOrEmpty(url))
    {
        var queryString = WebUtil.ParseQueryString(url);

        // Check for redirect param to prevent accidental redirections 
        if (queryString.ContainsKey("redirectAfterLogin"))
                WebUtil.Redirect(url);
    }
}
3
sitecoresitecore6

3 Answers

2
votes

Here's what I've used before:

There's an option in the sitecore web.config to send through raw url's. Set that on using this patch file 

<setting name="Authentication.SaveRawUrl">
  <patch:attribute name="value">true</patch:attribute>
</setting>

Then, I added an additional processor into the loggedin processor after the CleanupUserProfile which reads the querystring parameter(s) and redirects to the appropriate page. This processor is called everytime, regardless of if the user has logged in before, or not.

The signature for my custom logged in processor is 

namespace [...]
{
    public class LoginModeSwitcher
    {
        public void Process(LoggedInArgs args)
        {
            // your code here
        }
    }
}

This is the patch config I've used for the logged in processor:

<processors>
  <loggedin>
    <processor patch:after="*[@type='Sitecore.Pipelines.LoggedIn.CleanupUserProfile, Sitecore.Kernel']" mode="on" type="[...].LoginModeSwitcher, [ASSEMBLY]" />
  </loggedin>
</processors>

The links in the email link contain a querystring parameter to tell my code that we want to redirect after login and other querystring parameters to tell it where to redirect the user.

3
votes

You'd want to have a single page that all you're links point to which process the login and then redirect to Sitecore. You'd want to add a few querystring parameters to the url of the links in the email such as: itemID and serialCode. I highly recommend, because of the security implications of doing this type of thing, that you setup an encrypted code that can be sent in the links that can be unencrypted and checked against a stored code for that particular report to ensure the person trying to login is who you sent the email to. After checking the code you would access the low level user credentials which you could store in your web.config to login automatically. Then you'd use the itemID to determine which item to open in the content editor. (Note that sidestepping Sitecore's login process will open security holes you should be prepared to defend against)

Another less complicated and more secure option would be to email a summary and notification of the new report with a link to the Sitecore login page. Then create a custom application within Sitecore to create and view these reports. The email's intended recipient can then login and use this application to view it when they've been notified. It would be similar to how the log viewer works. Once inside Sitecore's desktop mode they could flip between the content editor and your custom application which could then have a list of links to all the items. This of course depends on the flexibility of your client.

0
votes

I think the easiest solution by far would be to simply roll your own login page. There is nothing that the default Sitecore login is doing that you can't do yourself very easily in a new page... one that then automatically redirects the user to the appropriate item in Content Editor.

This is essentially the same as mstiles first suggestion, minus the auto-login process. That's just a security breach waiting to happen... don't do that.