Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Owen 22 posts 43 karma points
    Mar 14, 2013 @ 18:32
    Owen
    0

    How does Umbraco secure it's internal CMS pages?

    I want to add a page to my Umbraco website that only users who are logged into the Umbraco back end will be able to access, but I haven't been able to figure out how Umbraco does it's authentication.

    All that I've been able to figure out from debugging is that after I log in to Umbraco, I check HttpContext.Current.User.Identity.IsAuthenticated, it's false, so it's not doing authentication that way.

    Does anyone know where I'd find the code where Umbraco does it's authentication checks and sends users back to the login screen if they're not logged in? I need to hook in to this and extend it to my new page.

  • Richard Soeteman 4049 posts 12922 karma points MVP 2x
    Mar 14, 2013 @ 22:27
    Richard Soeteman
    0

    Hi,

    Back-end authentication is handled by an internal mechanism and not by ASP.Net Membership provider. What you can try is check if umbraco.BusinessLogic.User.GetCurrent() is null or not, not sure if this works, but User.GetCurrent() should return the backoffice user.

    Hope this helps,

    Richard

  • Owen 22 posts 43 karma points
    Mar 15, 2013 @ 10:17
    Owen
    0

    Exactly what I was looking for. Thanks!

Please Sign in or register to post replies

Write your reply to:

Draft