London Dev Meetup Rescheduled! Due to unavoidable reasons, the event has been moved to 21st May. Speakers remain the same—any changes will be communicated. Seats are limited—register here to secure your spot!
AI OnAI Off
Cannot get SqlServerMembershipProvider to work
Hi,
Make sure you have mapped the correct groups in EPiServerFramework.config, i.e. CmsAdmin and CmsEditors. By default I think those groups are only mapped to Administrators. You might need to add AD groups as well.
<episerver.framework>
<scanAssembly forceBinFolderScan="true" />
<virtualRoles replacePrincipal="true">
<providers>
<add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
<add name="Everyone" type="EPiServer.Security.EveryoneRole, EPiServer.Framework" />
<add name="Authenticated" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
<add name="Anonymous" type="EPiServer.Security.AnonymousRole, EPiServer.Framework" />
<add name="Creator" type="EPiServer.Security.CreatorRole, EPiServer" />
<add name="PackagingAdmins" roles="WebAdmins, Administrators" mode="Any" type="EPiServer.Security.MappedRole, EPiServer.Framework" />
<add name="CmsAdmins" roles="WebAdmins, Administrators" mode="Any" type="EPiServer.Security.MappedRole, EPiServer.Framework" />
<add name="CmsEditors" roles="WebEditors" mode="Any" type="EPiServer.Security.MappedRole, EPiServer.Framework" />
</providers>
</virtualRoles>
<geolocation defaultProvider="maxmind">
<providers>
<add name="maxmind" databaseFileName="[appDataPath]\Geolocation\GeoLiteCity.dat" type="EPiServer.Personalization.Providers.MaxMind.GeolocationProvider, EPiServer.ApplicationModules" />
</providers>
</geolocation>
<virtualPathProviders>
<clear />
<add name="ProtectedAddons" virtualPath="~/ui/" physicalPath="[appDataPath]\Modules" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider, EPiServer.Framework" />
</virtualPathProviders>
<appData basePath="..\AppData" />
</episerver.framework>
You need those groups in web.config as well. Search for <authorization>, then you will find all places that needs to be updated. You can add all additional groups here, or just add CmsAdmins or CmsEditors instead.
Edited,
Jun 02, 2014 18:37
Hi Magnus,
I have the same "problem" on my work laptop :)
When I'm in the office I can log in to admin mode with my AD account.
When I'm at home, and don't use VPN, I cannot log in to admin mode with the same AD account.
What always helps is SqlServer Role/Membership provider.
In this forum thread, I've described how to create an epi admin user from the code: http://world.episerver.com/Modules/Forum/Pages/Thread.aspx?id=86653
Or you can create one "by hand" using ASP.NET Configuration tool in Visual Studio.
Your web.config looks fine.
If you only want to use SqlServer Role/Membership provider, then your web.config should look like this:
<roleManager enabled="true" defaultProvider="SqlServerRoleProvider" cacheRolesInCookie="true">
<providers>
<clear />
<add name="SqlServerRoleProvider" connectionStringName="EPiServerDB" applicationName="EPiServerSample" type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
<membership defaultProvider="SqlServerMembershipProvider" userIsOnlineTimeWindow="10" hashAlgorithmType="HMACSHA512">
<providers>
<clear />
<add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>Hope this helps!
Jun 02, 2014 18:49
Hi!
I'm trying to create a sql user with no luck.
If i use WindowsMembershipProvider i cannot create SQL-users.
If i use MultiplexingMembershipProvider i cannot login with my domain account. I can login with a local windows admin account but has no access to the admin page in Episerver.
MultiplexingMembershipProvider do work when the site is published on another server but if i set up a SQL account there and move the database to my local machine the user/group looses its administration permissions.
What am i supposed to do?
Why dosen't my domain account work when using MultiplexingMembershipProvider?
<roleManager enabled="true" defaultProvider="MultiplexingRoleProvider" cacheRolesInCookie="true"> <providers> <clear /> <add name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer.Framework" provider1="SqlServerRoleProvider" provider2="WindowsRoleProvider" providerMap1="SqlServerMembershipProvider" providerMap2="WindowsMembershipProvider" /> <add name="WindowsRoleProvider" applicationName="EPiServerSample" type="EPiServer.Security.WindowsRoleProvider, EPiServer" /> <add name="SqlServerRoleProvider" connectionStringName="EPiServerDB" applicationName="EPiServerSample" type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="MultiplexingMembershipProvider" userIsOnlineTimeWindow="10" hashAlgorithmType="HMACSHA512"> <providers> <clear /> <add name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer.Framework" provider1="SqlServerMembershipProvider" provider2="WindowsMembershipProvider" /> <add name="WindowsMembershipProvider" type="EPiServer.Security.WindowsMembershipProvider, EPiServer" deletePrefix="BUILTIN\" searchByEmail="true" /> <add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" /> </providers> </membership>