Anonymous user access in N2 CMS
N2 CMS
First of all i have to say that N2 CMS i a great Content Management System and really extensible! I discovered it a while ago and i decided to re-develop projects that were built with DotNetNuke with N2.
What do i want?
I want to show a page or a content only to anonymous users. I am using the default ASP.NET Role Provider for Sql Server.
Implementation
So first of all i had to extend that provider. This is how :
public class MyCustomSqlRoleProvider : System.Web.Security.SqlRoleProvider
{
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
if (roleNames.Any(x => x == "Anonymous"))
throw new InvalidOperationException("Cannot add \"Anonymous\" role
to user(s). Role is automaticaly assigned.");
base.AddUsersToRoles(usernames, roleNames);
}
public override string[] GetAllRoles()
{
List<string> roles = base.GetAllRoles().ToList();
roles.Add("Anonymous");
return roles.ToArray();
}
public override bool IsUserInRole(string username, string roleName)
{
if (HttpContext.Current != null &&
!HttpContext.Current.User.Identity.IsAuthenticated &&
HttpContext.Current.User.Identity.Name == username)
{
return roleName == "Anonymous";
}
else
return base.IsUserInRole(username, roleName);
}
}
Nothing fancy here. Just adding the Anonymous Role and checking if user is not logged in and the role being checked is “Anoynoumous” to return true. Also i try to ensure that no one will try to add the '”Anonoymous” role to a registered user.
Next i had to implement an ISecurityManager to do the Authorization. This is how :
public class MyCustomSecurityManager : N2.Security.SecurityManager
{
public MyCustomSecurityManager(IWebContext webContext) : base(webContext) { }
public MyCustomSecurityManager(IWebContext webContext,
N2.Configuration.EditSection config) : base(webContext, config) { }
public override bool IsAuthorized(ContentItem item, IPrincipal principal)
{
bool isAuthorized = base.IsAuthorized(item, principal);
if (!isAuthorized && !principal.Identity.IsAuthenticated &&
item.AuthorizedRoles.Count > 0)
{
isAuthorized = item.AuthorizedRoles.Any(x => x.Role == "Anonymous");
}
return isAuthorized;
}
}
Inheriting from N2.Security.SecurityManager i had to override only the IsAuthorized method to work the way i intended to.
And last but not least i had to add to the web.config the following
<n2>
<engine>
<components>
<add service="N2.Security.ISecurityManager, N2"
implementation="MyCustomSecurityManager, AssemblyName" />
</components>
</engine>
</n2>
Conclusion
I hope to find this post useful. If you have any suggestions or questions please let me know. And i case you haven’t checked N2 CMS just take a quick look.