开发者

Anonymous users with sitecore domains

I'm checking if this is a sitecore bug, or if I'm missing something obvious.

EDIT FOR CLARIFICATION: The problem I'm having is that I'm trying to set up the configuration settings in the Domains.config file so that Sitecore shouldn't be creating (and/or returning) an anonymous user for a domain set up this way. However, if I use the Domain.GetUsers() function on the domain, I still get the anonymous user returned.

The membership provider is a custom built and connects to LDAP in开发者_C百科 read only mode.

Details

Using Sitecore 6.4.1 and given the following domain configuration in App_Config/Security/domains.config

<domain name="DOMAINNAME" ensureAnonymousUser="false" anonymousUserName="" everyoneRoleName="" />

and these comments in that domain.config file

anonymousUserName: <snip> Set to blank to disable the anonymous user for the domain. Optional
ensureAnonymousUser: Indicates if the domain should ensure that an anonymous user for the domain exists in the Membership database. Optional - default value: false
everyoneRoleName: <snip> Set to blank to disable the everyone role for the domain. Optional - default value: Everyone

If I use the following code,

List<Sitecore.Security.Accounts.User> users = new List<Sitecore.Security.Accounts.User>();
var domain = Sitecore.Security.Domains.Domain.GetDomain(DOMAINNAME);
users.AddRange(domain.GetUsers().ToArray<Sitecore.Security.Accounts.User>());

I get the anonymous user included in users list. I assumed from the comments in the domain.config file that I shouldn't get the anonymous user if I set up my domain as above.

Is there something obvious that I'm missing?


Just a guess as I have not used 6.4 yet or tweaked any of those types of setting before... but I believe Sitecore always comes pre-packaged with the Anonymous user in the membership. By setting ensureAnonymousUser to false you're just telling it not to ensure its there, but its already there by default. Why don't you try this test:

  1. Set ensureAnonymousUser to true then delete [*] the Anonymous user from the user manager.
  2. Log out and back in and see if it's there again. If so then the "ensure" aspect of that worked. So...
  3. Set ensureAnonymousUser to false then do the same thing. Does the user come back?

This is really just a hunch on how it works -- I don't have an environment like that setup right now to play with, but its worth a shot.

[*] - to delete a user form the User Manager, go to Sitecore > Security > User Manager


I think it's more question to membership provider you use. Take a look at Active Directory Module

Maybe this is something that could help you.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜