Its been long time since wanted to discuss about this use case which is related to Sitecore Virtual User .Let see What actually it is .
Recently came across a scenario where business do not want users and roles to be created in sitecore cms instead they wanted to store there users in external system or custom database where they can create new users assign them roles .
creating a custom database and creating users and assigning role using web api we can do in sitecore mvc project and achieve this easily .
Next part of the requirement was in sitecore content tree each page will be specific to some user roles and based on user role when user login in website they can see assigned screens .
So, as I was aware of api creation and ajax call for creating users and roles in custom db and assigning role to the users was kind of easy for me but when it comes to login to sitecore and assigning pages to those roles which actually do not exist in sitecore was the tricky part for me as when we login using external user to sitecore . .NET Identity will authorize the users, but we still need a Sitecore Membership User for authentication.Login was not allowed with those users .
In this scenario Virtual User Concept came in to picture for rescue .I was aware about virtual user term in sitecore but actually I have not used it before so based on research I tried to use this concept to complete business requirement.
Sitecore Virtual Users are users which actually do not exists in sitecore .Once the user have been authorized (username/password matches) by the external system, we can create a virtual user that Sitecore will recognize as a normal user and based on our requirement we can get the current context role and user related information.
Below is the code snippet to create the Virtual User and assign role to the user:
// Create Virtual User
var virtualUser = Sitecore.Security.Authentication.AuthenticationManager.BuildVirtualUser(externalDomain\userName, true);
// You can add roles to the Virtual user
foreach (var role in UserRoles)
{
virtualUser.Roles.Add(Sitecore.Security.Accounts.Role.FromName(role));
}
// Login the virtual user
Sitecore.Security.Authentication.AuthenticationManager.LoginVirtualUser(virtualUser);
After this we can access below information and write our custom logic if any
// This will return TRUE
Sitecore.Context.User.IsAuthenticated;
// This will return “extranet\user@domain.com”
Sitecore.Context.User.Name;
// This will return “My user”
Sitecore.Context.User.Profile.Name;
// This will return “1”
Sitecore.Context.User.Roles.Count;
Important Note : By default Sitecore does not honor the timeout expiration to this kind of user . To avoid having numbers of Virtual Users being orphaned in Sitecore we should always use below code snippet where we have logout logic written based on our code base to delete and logout virtual user.
Sitecore.Security.Authentication.AuthenticationManager.Logout();
VirtualUser.User.Delete();
This was the small and useful concept which I learned from this business requirement .
As a developer when we get some requirement after understanding the requirement our next work will be to achieve this technically and we are not sure what to search where to start to help someone in similar situation I have written this blog .As someone’s search might match with my use case and it will help to save time.
So keep learning and keep writing ….
