Handling custom claims-based authentication
You can use global events to define custom actions that the system performs after a user signs in or out of the Xperience administration using claims-based authentication. See the SecurityEvents section of the global event reference to learn more about the available options.
Live site authentication scenarios
The examples on this page show how to customize authentication for the Xperience administration, and the code only works when deployed to the Xperience administration project.
To learn about implementation and customization options for claims-based live site authentication, see Configuring external authentication.
Sign-in events
To set up a custom action, which the system performs after a user tries to access the Xperience administration, implement a handler for the SecurityEvents.AuthenticationRequested.Execute event. For example, you can set up your own redirection to an identity provider.
The following code is a simple example of a custom module class that writes information into the system event log when a user attempts to access the Xperience administration.
using CMS;
using CMS.Core;
using CMS.DataEngine;
using CMS.Membership;
// Registers the custom module into the system
[assembly: RegisterModule(typeof(CustomAuthenticationModule))]
public class CustomAuthenticationModule : Module
{
// Module class constructor, the system registers the module under the name "CustomAuthentication"
public CustomAuthenticationModule()
: base("CustomAuthentication")
{
}
// Contains initialization code that is executed when the application starts
protected override void OnInit()
{
base.OnInit();
// Assigns a handler to the SecurityEvents.AuthenticationRequested.Execute event
// This event occurs when users attempt to access the Xperience administration
SecurityEvents.AuthenticationRequested.Execute += SignIn_Execute;
}
// Handler method that writes the URL from which the authentication request was made into the event log
// You can replace it with your custom code
private void SignIn_Execute(object sender, AuthenticationRequestEventArgs e)
{
string message = string.Format("Custom code handled the authentication event on URL: {0}", e.RequestedUrl);
Service.Resolve<IEventLogService>().LogInformation("Custom code", "SIGN_IN", message);
}
}
Sign-out events
To set up a custom action that the system performs after a user signs out of the Xperience administration, implement a handler for theĀ SecurityEvents.SignOut.Before event. For example, you can set up simultaneous sign-out from an external CRM or another system.
The following code is a simple example of a custom module class that writes information into the system event log when a user attempts to sign out of the Xperience administration.
using CMS;
using CMS.Core;
using CMS.DataEngine;
using CMS.Membership;
// Registers the custom module into the system
[assembly: RegisterModule(typeof(CustomAuthenticationModule))]
public class CustomAuthenticationModule : Module
{
// Module class constructor, the system registers the module under the name "CustomAuthentication"
public CustomAuthenticationModule()
: base("CustomAuthentication")
{
}
// Contains initialization code that is executed when the application starts
protected override void OnInit()
{
base.OnInit();
// Assigns a handler to the SecurityEvents.SignOut.Before event
// This event occurs when users attempt to sign out of Xperience
SecurityEvents.SignOut.Before += SignOut_Before;
}
// Handler method that writes the username and sign-out URL into the event log
// You can replace it with your custom code
private void SignOut_Before(object sender, SignOutEventArgs e)
{
string message = string.Format("Custom code handled the sign-out event for user {0} on URL {1}", e.User.FullName, e.SignOutUrl);
Service.Resolve<IEventLogService>().LogInformation("Custom code", "SIGN_OUT", message);
}
}