AI OnAI Off
how to create an empty starter project which works?
In web.config, you have a section like this. Change this to allow all users access to admin mode, then you can enter admin mode without having to log in, and create your user. Change the configuration back afterward.
<location path="Episerver/CMS/admin">
<system.web>
<authorization>
<allow roles="WebAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>
Nov 15, 2019 12:54
johnv
- Nov 15, 2019 15:21
Hi I tried this but it doesnt work. I still cant login with my windows user.
Hi,
I think the issues you're having stem from the fact that you have a choice of how you implement authentication within your Episerver site. If you install an empty site, it will use the older provider model, using SqlServerMembershipProvider with a fallback to WindowsMembershipProvider. Presumably, the idea is to make it as simple as possible to get started by allowing you to login with your windows login. As you've found out however, that isn't always applicable. By contrast, the Alloy site uses the newer asp.Net Identity model for authentication which requires some manual configuration if you're setting it up in an empty site as described here:
https://world.episerver.com/documentation/developer-guides/CMS/security/episerver-aspnetidentity/
You should be able to get around your current login issues as follows:
In web.config, find the virtualRoles node inside episerver.framework. It should look something like this:
<virtualRoles addClaims="true">
<providers>
<add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
<add name="Everyone" type="EPiServer.Security.EveryoneRole, EPiServer.Framework" />
<add name="Authenticated" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
<add name="Anonymous" type="EPiServer.Security.AnonymousRole, EPiServer.Framework" />
<add name="CmsAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
<add name="CmsEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
<add name="Creator" type="EPiServer.Security.CreatorRole, EPiServer" />
</providers>
</virtualRoles>
Temporarily replace the <add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" /> line with the following:
<add name="Administrators" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />This will make all logged in users administrators so it's important that you revert this change once you've added a real admin user.
Log in to the Episerver CMS using your network login. As described above, you should now be logged in as an administrator.
Go to the admin section and click "Administer groups" in the left hand menu under "Access Rights". Click the "Add" button and add a group called "WebAdmins".
Click on "Create User" in the left hand menu under "Access Rights". Fill in the details to create a user ensuring you add your user to the "WebAdmins" group. It's important that you tick the "Active" box too as it's quite easy to miss. Click save to save the user.
Once you've created this user, revert the change you made in the web.config to the VirtualRoles so that the administrator role is back to
<add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />You should now be able to log in to the CMS using your newly created admin login.
Nov 15, 2019 13:02
johnv
- Nov 15, 2019 14:51
Thanks paul. I got to step 3 in that link episerver-aspnetidentity.
Step 3 is creating a new startup.cs file (empty project doesnt have one) and pasting in the required source.
I have the EPiServer.CMS.UI.AspNetIdentity nuget package installed and its the latest version.
The errors I get are:
1>C:\Users\xx\dev\empty\startup.cs(9,31,9,38): error CS0246: The type or namespace name 'Startup' could not be found (are you missing a using directive or an assembly reference?)
1>C:\Users\xx\dev\empty\startup.cs(11,13,11,26): error CS0116: A namespace cannot directly contain members such as fields or methods
I cant see any way to get further. Suggestions?
Step 3 is creating a new startup.cs file (empty project doesnt have one) and pasting in the required source.
I have the EPiServer.CMS.UI.AspNetIdentity nuget package installed and its the latest version.
The errors I get are:
1>C:\Users\xx\dev\empty\startup.cs(9,31,9,38): error CS0246: The type or namespace name 'Startup' could not be found (are you missing a using directive or an assembly reference?)
1>C:\Users\xx\dev\empty\startup.cs(11,13,11,26): error CS0116: A namespace cannot directly contain members such as fields or methods
I cant see any way to get further. Suggestions?
johnv
- Nov 15, 2019 14:56
Paul, you gave a link to how to include the new authentication with empty project, and you also include code to "fix" the current user. Is this an and or an or solution? i.e. should I implement both, or one of these two? Thanks for the help btw.
Paul Gruffydd
- Nov 15, 2019 15:33
It's an "or". You have a choice of either sticking with the default provider model or moving to identity. The easiest way for you to get up and running would be to stick with the membership provider model and use the workaround I suggested. If you want to use Identity, I think I see the problem but I'll have to respond below as you can't add code snippets in nested replies.
@tomas, this is what I currently have:
<location path="EPiServer/CMS/admin">
<system.web>
<authorization>
<allow roles="WebAdmins, Administrators" />
<deny users="*" />
</authorization>
</system.web>
</location>and
<location path="EPiServer">
<system.web>
<httpRuntime maxRequestLength="1000000" requestValidationMode="2.0" />
<pages enableEventValidation="true" enableViewState="true" enableSessionState="true" enableViewStateMac="true">
<controls>
<add tagPrefix="EPiServerUI" namespace="EPiServer.UI.WebControls" assembly="EPiServer.UI" />
<add tagPrefix="EPiServerScript" namespace="EPiServer.ClientScript.WebControls" assembly="EPiServer.Cms.AspNet" />
<add tagPrefix="EPiServerScript" namespace="EPiServer.UI.ClientScript.WebControls" assembly="EPiServer.UI" />
</controls>
</pages>
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
<authorization>
<allow roles="WebEditors, WebAdmins, Administrators" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>Are you suggesting i change the first section to something like this:
<location path="EPiServer/CMS/admin">
<system.web>
<authorization>
<allow roles="*" />
<deny users="*" />
</authorization>
</system.web>
</location>The problem I have is when trying to hit localhost:xxx/episerver.
I made the last change above, and when I try to hit localhost:xxx i get
- No assembly found containing an OwinStartupAttribute.
- No assembly found containing a Startup or [AssemblyName].Startup class.
Not sure how to get rid of this.
Edited,
Nov 15, 2019 15:04
As I mentioned above, I think I see the issue with your Identity implementation based on those error messages. Unfortunately, the code provided in step 3 of that link is a partial example, not a complete one so I suspect you'll be missing a couple of bits. Here's how it should look (though obviously replace BlankEpiTest with your own namespace both in the namespace declaration and the assembly attribute above).
using EPiServer.Cms.UI.AspNetIdentity;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;
using System;
[assembly: OwinStartup(typeof(BlankEpiTest.Startup))]
namespace BlankEpiTest
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
// Add CMS integration for ASP.NET Identity
app.AddCmsAspNetIdentity<ApplicationUser>();
// Use cookie authentication
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/util/login.aspx"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity =
SecurityStampValidator.OnValidateIdentity<ApplicationUserManager<ApplicationUser>, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => manager.GenerateUserIdentityAsync(user))
}
});
}
}
}As an added spanner in the works, you'll also need to make sure that, in web.config, the compilation element has defaultLanguage="c#" specified otherwise your startup class may not be picked up. For example:
<compilation debug="true" targetFramework="4.6.2" optimizeCompilations="true" defaultLanguage="c#" />Bear in mind that if you go down the identity route, you'll still need to set up an admin user login so, for the sake of getting up and running quickly, it may be easier to stick with the membership provider model and implement the workaround I mentioned above.
Nov 15, 2019 15:42
johnv
- Nov 15, 2019 16:11
Thanks Paul, much appreciated. I am still a bit confused, I think you are proposing two different options, but I dont know which is which, and which I have to create a user for (not sure how to do this either unfortunately.
Paul Gruffydd
- Nov 15, 2019 16:35
Yes, you've got two options available to you but I'd suggest one of those options is an easier option for you than the other.
If you ignore everything about Identity for now, get rid of your startup.cs and put the web.config back to how it was, setting the membership and role providers back to this:
You can then follow the bulk of my first post above starting from "You should be able to get around your current login issues as follows". This will take you through temporarily lowering the security levels to log in, setting up an admin user and then resetting the security levels.
If you ignore everything about Identity for now, get rid of your startup.cs and put the web.config back to how it was, setting the membership and role providers back to this:
You can then follow the bulk of my first post above starting from "You should be able to get around your current login issues as follows". This will take you through temporarily lowering the security levels to log in, setting up an admin user and then resetting the security levels.
Basically, there are two types of membership systems exist in Episerver - SqlMembershipProvider and AspNet Identity. By default, if you create empty Episerver project with Visual Studio VSIX, the solution will use SqlMembrshipProvider. To create a default user, the easiest way is to use Initialization module.
- Under your project root, create a file named "CreateAdminUserForMembershipInitiialization.cs"
- Replace with the following code sample, use your Visual Studio ctrl+. to resolve all missing using statements and build the solution.
- Run your website with Ctrl + F5 (Run without debugging), navigate to <domain>/util/login.aspx, login with username "EpiSQLAdmin" and password "6hEthU".
I hope this should help you to start with empty Episerver project site. BTW: Off the topic, I think you need to start conversation with your IT to get local admin account as it will be required when you debug your solution with IIS, and Visual Studio itself will require admin privilege for some of its internal tools as well.
[InitializableModule]
[ModuleDependency(typeof(EPiServer.Web.InitializationModule))]
public class CreateAdminUserForMembershipInitiialization : IInitializableModule
{
private static readonly ILog Log = LogManager.GetLogger(typeof(CreateAdminUserForMembershipInitiialization));
public void Initialize(InitializationEngine context)
{
#if DEBUG
var mu = Membership.GetUser("EpiSQLAdmin");
if (mu != null) return;
try
{
Membership.CreateUser("EpiSQLAdmin", "6hEthU", "EpiSQLAdmin@site.com");
try
{
this.EnsureRoleExists("WebEditors");
this.EnsureRoleExists("WebAdmins");
Roles.AddUserToRoles("EpiSQLAdmin", new[] { "WebAdmins", "WebEditors" });
}
catch (ProviderException pe)
{
Log.Error(pe);
}
}
catch (MembershipCreateUserException mcue)
{
Log.Error(mcue);
}
#endif
}
public void Uninitialize(InitializationEngine context)
{
}
private void EnsureRoleExists(string roleName)
{
if (Roles.RoleExists(roleName)) return;
try
{
Roles.CreateRole(roleName);
}
catch (ProviderException pe)
{
Log.Error(pe);
}
}
}
Edited,
Nov 18, 2019 3:51
Rajesh Katare
- Oct 31, 2020 22:04
@Vincent, your post is good and to the point. It worked smooth. Thanks.
valdis
- Nov 20, 2019 15:17
so essentially - you would be looking for option to choose while creating project via VS extensions - "add everything to the project so I can start working except all stuff that I don't need right now"? meaning that you would have full configuration of preferred providers, authentication & authorization, etc. but no templates, no page types, no display options, etc.?
I checked all this solutions but none of them worked for me, what I did to achive this goal was installing another Episerver with Alloy example. Also added references for Owin. This added all the dependecies attached to it, besides check if library Microsoft.AspNet.Identity.EntityFramework to allow Startup.cs to execute with owin at the startup.
The next step is copying these files that are needed to create a Registration page, similar to what we have at the moment we install alloy first time:
- Business/AdministratorRegistrationPage.cs
- Controllers/RegisterController.cs
- Models/Register/RegisterViewModel.cs
- Views/Register/Index.cshtml
- Startup.cs
After compiling and deploying I cleaned IIS cache just in case and try to enter to {your_epi_url}/Register and fill the registration form for your admin user.
This worked for me using Episerver 11.14.1.0 release.
Feb 20, 2020 21:07
I was following the tutorial for the exact same URL, but for CMS 12, which is different. But I had the same problem where it would not work as described. I followed all the steps of the tutorial but I could not get it to work. The Start Page was not edittable. After a call with support I learned that I needed to create a site, which is not detailed in the tutorial.
In the CMS I went to Settings (the gear on the left) then "Manage Websites" then "Create Website" - I gave it a name and a URL of https://localhost:5000/ - then it worked.
Chris
Edited,
Apr 18, 2024 18:56
The "creating-a-starter-project" guide here:
Says you can just create an empty start project, login with windows credentials, and start creating pages.
However, this seems to be far from the truth, at least for users who are on a domain (who's windows user is not a local admin), i.e. anyone in a corporate network.
After intalling VS, episever plugin and nuget, you can create for example an "alloy MVC" site. This prompts to create a user which it ads to its Asp.Net.Users table. you can hit localhost:xx/episerver and login with this user to edit the site.
This is great, but to learn episerver, the docs say to create an empty site, and create a page.
So I created a new episerver project of type "empty" instead of Alloy. You can run this ok, but when you hit localhost:xx//episerver, the user you created for alloy does not work. As we dont have local admin access to our machines (we are on a domain), it is implossible to login.
In fact, the database it creates for the empty site does not even have a Asp.Net.Users table.
The only workaround seems to be to create a user programatically, by creating a file called "EpiserverInitialization.cs" which contains the code someone kindly put together to create an account.
However, when you try to login with this account, you get the error "No owin.Environment item was found in the context.". It seems that the empty project is missing the "startup.cs" file which is required.
So getting an empty project working seems to be extremely difficult, and not documented.
What am I missing?
Has anyone managed to get an emtpy site working?
if so, how did you get around not being able to create users, and the missing owin/startup stuff?
Could some kind sole put together a guide on how to create an empty site, including the account creation, owin, startup and any other missing critical items? So far, as a new episerver user, I have not managed.