Jump to:

5513 Posts in 1732 Topics by 1218 members

Customising the CMS

SilverStripe Forums » Customising the CMS » [SOLVED] Different Login/Authenticator for Site/CMS

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 1099 Views
  • Dave L
    Avatar
    Community Member
    56 Posts

    [SOLVED] Different Login/Authenticator for Site/CMS Link to this post

    Hi,

    The site I'm working on has a different authentication model for web users. However, it's not secure enough for admin so I disabled admin access using this method use the main authentication for admin. Is there any way to show my CustomAuthenticator when requesting access to the website, but normal MemberAuthenticator when requesting access to the CMS?

    I've got as far as showing both when anonymous users are trying to access secure pages. However, I don't want web users to see the admin authentication. When I unregister MemberAuthenticator, admins have no access method.

    I've tried unregistering MemberAuthenticator and calling MemberLoginForm independently, but when login fails it sends you to Security/login and the site Login (not the independent CMS login).

    Ideally, I'd like some way to unregister MemberAuthenticator when Director::siteMode() = 'site' (requesting site), and register it when Director::siteMode() = 'cms' (requesting cms)

  • Dave L
    Avatar
    Community Member
    56 Posts

    Re: [SOLVED] Different Login/Authenticator for Site/CMS Link to this post

    Workaround:

    1. Disable MemberAuthenticator, so only customer login shows on normal /Security/login requests

    _config.php:

    Authenticator::register_authenticator('CustomerAuthenticator');
    Authenticator::set_default_authenticator('CustomerAuthenticator');
    Authenticator::unregister_authenticator('MemberAuthenticator');

    2. Create rule to have a new CMS entry point (in this case "/manager" ), in reality this is just a pointer to the standard MemberAuthenticator, now disabled for all standard security login requests.

    _config.php:

    Director::addRules(100, array('manager' => 'AdminLogin_Controller',));

    3. Create a new controller to handle this entry point, ensure any bad logins get redirected back to it.

    class AdminLogin_Controller extends Page_Controller {

    function init() {
    Session::set('BadLoginURL', '/manager'); parent::init();
    }

    function Form() {
    return new MemberLoginForm?($this, "LoginForm");
    }

    function Title() {
    return "Admin Log in";
    }
    }

    1099 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.