Default membership provider must be specified

Vote:
 

Hi,

I have a website running on EPiserver 10.4.3. I have replaced SQL Server role and membership providers with ASP.NET Identity, as described on the following link: http://world.episerver.com/documentation/developer-guides/CMS/security/episerver-aspnetidentity/

When I log in for the first time, I get the following error message:

And this is from the IIS Express console: 

If I then hit the refresh button, I can get into the edit mode, and this error message doesn't appear anymore.

Is this a known issue? Is there a workaround?

Thanks!

#176258
Mar 14, 2017 15:35
Vote:
 

The "happens only the first time" error was because this is done by ProfileModule, which only kicks in if you log in. The next request, you're already authenticated then it won't happen anymore.

However it's very strange. Quicksilver is currently using AspNetIdentity and we have no such problem. Would you mind posting your web.config here?

#176262
Mar 14, 2017 15:46
Vote:
 

https://github.com/episerver/Quicksilver/blob/master/Sources/EPiServer.Reference.Commerce.Shared/Identity/SiteUser.cs 

#176263
Mar 14, 2017 15:49
Vote:
 

Web.config is quite big. Something specific I should look at?

#176265
Mar 14, 2017 15:56
Vote:
 

Probably no - I wanted to make sure everything is correct. But it seems that for commerce site you should/must have the SiteUser as I posted above. My suspicion is this method

public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<SiteUser> manager)
{
// Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);

// Add custom user claims here
userIdentity.AddClaim(new Claim(ClaimTypes.Email, Email));

if (!String.IsNullOrEmpty(FirstName))
{
userIdentity.AddClaim(new Claim(ClaimTypes.GivenName, FirstName));
}

if (!String.IsNullOrEmpty(LastName))
{
userIdentity.AddClaim(new Claim(ClaimTypes.Surname, LastName));
}
return userIdentity;
}

is needed. 

Haven't tried it, thought 

#176270
Mar 14, 2017 16:09
Vote:
 

Besides adding the SiteUser class a couple of things needs to be in place in order to get ASP.NET identity to work with Commerce Manager, which are currently (3/3-2018) not mentioned in the documentation on "Support for OpenID Connect in Episerver Commerce" (https://world.episerver.com/documentation/developer-guides/commerce/security/support-for-openid-connect-in-episerver-commerce/).

So the full recipie to get ASP.NET with Commerce Manager is the following:

  1. Follow the documentation on "Support for OpenID Connect in Episerver Commerce" (https://world.episerver.com/documentation/developer-guides/commerce/security/support-for-openid-connect-in-episerver-commerce/).
  2. Add the SiteUser class to your project (https://github.com/episerver/Quicksilver/blob/master/Sources/EPiServer.Reference.Commerce.Shared/Identity/SiteUser.cs)
  3. Add the files Login.aspx.cs, Login.aspx.designer.cs and Logout.aspx.cs from the Quicksilver EPiServer.Reference.Commerce.Manager project (https://github.com/episerver/Quicksilver/tree/master/Sources/EPiServer.Reference.Commerce.Manager
  4. Add the UpdateLoginPage build task from the EPiServer.Reference.Commerce.Manager.csproj to your Commerce Manager project csproj file.
  5. If you are not using version 11.8.1 it may be necessary to remove the panel with id RegisterPanel from the Apps\Shell\Pages\Login.aspx file. At least it is necessary for version 10.8 and below. One way of removing the panel is to extend the UpdateLoginPage build task with the following lines.
// Remove RegisterPanel in order to avoid Membership provider not found error when using OWIN authentication 
var pageFile = File.ReadAllText(pagePath); 
var panelRegEx = new Regex("<asp:Panel ID=\"RegisterPanel\".*?</asp:Panel>", RegexOptions.Singleline); 
pageFile = panelRegEx.Replace(pageFile, string.Empty, 1); 
File.WriteAllText(pagePath, pageFile);

I have written the Episerver support and suggested the official documentation is updated.

#188784
Mar 03, 2018 11:31
Vote:
 

@rfj Having the same issue, I got it working with ApplicationUser, and without going through the OpenID Connect steps (minus cleaning out the membership/role providers in Web.config). But I would still be spinning on it without your write up. Thank you!

#194631
Jun 27, 2018 2:45
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.