Don't miss out Virtual Happy Hour this Friday (April 26).

Try our conversational search powered by Generative AI!

AI OnAI Off
Loading...
Applies to versions: 10-13
Other versions:
ARCHIVED This content is retired and no longer maintained. See the version selector for other versions of this topic.

Configuring membership providers [Legacy]

Recommended reading 

Episerver Commerce has full support for the standard Episerver Membership and Role Providers, including Multiplex and Active Directory. Episerver Commerce uses the ASP.NET membership provider model to provide secure user management for the framework. By using the provider model, you can write a custom provider to store the user information in any system and still have it function within Episerver Commerce.

Adding a membership provider

  1. When using custom membership, the first step is to add the custom provider to the application by adding a reference to the library containing the provider. By default, you do not need this because the "custom" provider is already referenced.
  2. Define the membership provider in the application web.config file.
    <membership defaultProvider="CMSMembershipProvider">
 <providers>
   <add connectionStringName="MembershipSqlConnection"
        applicationName="eCommerceFramework"
        enablePasswordRetrieval="false"
        enablePasswordReset="false"
        requiresQuestionAndAnswer="false"
        requiresUniqueEmail="true"
        passwordFormat="Hashed"
        passwordStrengthRegularExpression=""
        minRequiredPasswordLength="1"
        minRequiredNonalphanumericCharacters="0"
        name="CMSMembershipProvider"
        type="Mediachase.Commerce.Customers.Profile.Providers.CustomerSqlMembershipProvider, Mediachase.Commerce"
    />
  </providers>
</membership>

The above code shows the configuration of the CustomerSqlMembershipProvider. If you want to replace the provider, change the type to point to the new provider.

Considerations

In Episerver Commerce, you need a way to associate an authenticated user (as given by the membership provider) with a Contact/Customer. Because a property named ProviderUserKey on the MembershipUser object (as returned by a membership provider) is a unique key that identifies the user, we use that identifier.

Unfortunately, ProviderUserKey is typed as Object, and there is no generic way to convert it to something you can store and use for comparisons. To handle this, Episerver Commerce has code to select different conversion methods to/from a string, depending on the type of ProviderUserKey. It currently supports Guids (used by SqlMembershipProvider), Int32 (common choice for database identifier), SID (Windows identity) and byte[] (binary data). This means that, out-of-the-box, any membership provider that uses any of the four data types for the ProviderUserKey works.

If your membership provider uses any other data type for the ProviderUserKey, implement an interface (IConvertUserKey) and register your class with the IoC container in Episerver Commerce.

Do you find this information helpful? Please log in to provide feedback.

Last updated: Mar 31, 2021

Recommended reading