U4-11 - FormsAuthentication for back office login

Created by Matt Brailsford 20 Jun 2012, 10:46:00 Updated by Shannon Deminick 18 Sep 2013, 23:56:31

Relates to: U4-2142

Is required for: U4-29

Is required for: U4-30

Subtask of: U4-2891

Could borrow nearly all the code from v5 for this


Shannon Deminick 31 Jul 2013, 07:10:35

We finally have FormsAuthentication implemented for all cookie based authentication in the back office! :)

This will actually save quite a lot of queries because we can store much of the information we need in the cookie for user interaction/validation on each request.

Now, need to implement a token based authentication for our web api's (public access). Luckily we still have our user/timeout/session table which we can use for this.

Shannon Deminick 01 Aug 2013, 00:08:31

I'm marking this as 'not' backwards compatible only because the way that the cookie is stored. That said, the usage of the API will not break compatibility but there are a few obsoleted methods and methods that no longer perform any functions such as setting the umbracoUserContextID of the BasePage, in fact the umbracoUserContextID doesn't perform any functions now at all.

Priority: Task - Pri 1

Type: Feature (request)

State: Fixed


Difficulty: Normal

Category: Security

Backwards Compatible: False

Fix Submitted:

Affected versions: 4.5.2

Due in version: 7.0.0


Story Points: