.NET Identity will authorize the users, but we still need a Sitecore Membership User for authentication. To do this job, Sitecore created the Virtual User. A Virtual User is in effect a one-time, memory only Sitecore User than can be created on the fly without the use of a password.
Once the user have been authorized (username/password matches) by the external system, we can create a virtual user that Sitecore will recognize as a normal user:
// Create virtual user var virtualUser = Sitecore.Security.Authentication.AuthenticationManager.BuildVirtualUser("extranet\\email@example.com", true); // You can add roles to the Virtual user virtualUser.Roles.Add(Sitecore.Security.Accounts.Role.FromName("extranet\\MyRole")); // You can even work with the profile if you wish virtualUser.Profile.SetCustomProperty("CustomProperty", "12345"); virtualUser.Profile.Email = "firstname.lastname@example.org"; virtualUser.Profile.Name = "My User"; // Login the virtual user Sitecore.Security.Authentication.AuthenticationManager.LoginVirtualUser(virtualUser);
After the user have been authenticated using the LoginVirtualUser function, Sitecore will assume the identity of this user:
// This will return TRUE Sitecore.Context.User.IsAuthenticated; // This will return "extranet\email@example.com" Sitecore.Context.User.Name; // This will return "My user" Sitecore.Context.User.Profile.Name; // This will return "1" Sitecore.Context.User.Roles.Count; // This will return "12345" Sitecore.Context.User.Profile.GetCustomProperty("CustomProperty");
Please note that Sitecore states that if you use the User.Profile, they cannot guarantee that they will not write to the ASP.Net Membership database, although this cannot be confirmed with my current version 8.0 of Sitecore. I did not get anything written to my CORE database.
MORE TO READ:
- Sitecore Virtual Users, a lightweight way to perform authentication for external users by SitecoreInsight
- Sitecore Users and C# by myself