Where to set custom authorization?

Topics: Core
Dec 14, 2011 at 2:17 PM

I need to be able to have a custom authorization through a webservice, not use the Orchard users DB. Is this possible? Must I add each user to the Orchard DB during the authorization and then set their role to Authenticated?

Where would I do this?

Dec 15, 2011 at 1:23 AM

You just need to replace the membership implementation with your own.

Dec 15, 2011 at 3:09 PM

I see no Membership project nor do I see a Security project even though I see this in the AccountController.cs file:

using Orchard.Security;

Dec 15, 2011 at 3:14 PM

Ok, I think I may have found it.

public IUser ValidateUser(string userNameOrEmail, string password)

in Orchard.Users/Service/MembershipService.cs.

I'm not sure if this is the only thing I need to modify.