Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Lynicon has a built in membership system based on ASP.Net Membership.  There are a number of points where this is set up and accessed.

Configuration

There a several changes that need to be made to the web.config file to use the built in membership system.  You can see these on the Manual Installation page.  These are standard configuration elements for ASP,Net Membership.  One key attribute is on the <add name="LightweightMembershipProvider"...> tag, the attribute is 'initPassword' and this value is used as the password for any user who has a null password field.

Also required is to in global.asax.cs add an event handler for OnPostAuthenticateRequest which calls LyniconSecurityManager.Current.EnsureLightweightIdentity().  This sets up ASP.Net with the identity of any logged in user from the built in system.

The Membership System

The membership system features an extensible User type.  This can be extended as described in the Extend a Type section.  This allows the client code to add extra fields into the membership record.

Roles in the membership system are made very simple, they are single letters.  The core roles are A - Admin, E - Editor, U - User.  You can use any single letter as a role simply by adding to it a user's details.  The intention is that instead of the 'A' admin role being set up as authorized in any place where a 'U' user role is authorized, that an 'A' user always has the role 'U' as well.

Authorizing Action Methods

The built in system works with AuthorizeAttribute, and when you are setting the required role, the name is simply the appropriate single letter.

Logging In

You can build a custom log in system for site users, and then call

 

LyniconSecurityManager.Current.LoginUser(login.UserName, login.Password);

 

to actually log the user in - this returns null if there is no such user or their password is wrong.

There is also the standard editor login at /Lynicon/Login, which is the login page which is part of the CMS UI.

Getting the Current User

You can get the current user by calling:

 

LyniconSecurityManager.Current.User

 

It returns null if there is no logged in user.

User Management

You can get to the User Management page by clicking 'Users' on the Lynicon bar at the bottom of the screen, or just going to /Lynicon/Users. This opens a list/details editor for users.  You can set a user's password here by typing it in the password box in clear text, then clicking 'Encrypt'. (then saving the user record).

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.