November Happy Hour will be moved to Thursday December 5th.
November Happy Hour will be moved to Thursday December 5th.
In web.config, you have a section like this. Change this to allow all users access to admin mode, then you can enter admin mode without having to log in, and create your user. Change the configuration back afterward.
<location path="Episerver/CMS/admin">
<system.web>
<authorization>
<allow roles="WebAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>
Hi,
I think the issues you're having stem from the fact that you have a choice of how you implement authentication within your Episerver site. If you install an empty site, it will use the older provider model, using SqlServerMembershipProvider with a fallback to WindowsMembershipProvider. Presumably, the idea is to make it as simple as possible to get started by allowing you to login with your windows login. As you've found out however, that isn't always applicable. By contrast, the Alloy site uses the newer asp.Net Identity model for authentication which requires some manual configuration if you're setting it up in an empty site as described here:
https://world.episerver.com/documentation/developer-guides/CMS/security/episerver-aspnetidentity/
You should be able to get around your current login issues as follows:
In web.config, find the virtualRoles node inside episerver.framework. It should look something like this:
<virtualRoles addClaims="true">
<providers>
<add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
<add name="Everyone" type="EPiServer.Security.EveryoneRole, EPiServer.Framework" />
<add name="Authenticated" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
<add name="Anonymous" type="EPiServer.Security.AnonymousRole, EPiServer.Framework" />
<add name="CmsAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
<add name="CmsEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
<add name="Creator" type="EPiServer.Security.CreatorRole, EPiServer" />
</providers>
</virtualRoles>
Temporarily replace the <add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" /> line with the following:
<add name="Administrators" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
This will make all logged in users administrators so it's important that you revert this change once you've added a real admin user.
Log in to the Episerver CMS using your network login. As described above, you should now be logged in as an administrator.
Go to the admin section and click "Administer groups" in the left hand menu under "Access Rights". Click the "Add" button and add a group called "WebAdmins".
Click on "Create User" in the left hand menu under "Access Rights". Fill in the details to create a user ensuring you add your user to the "WebAdmins" group. It's important that you tick the "Active" box too as it's quite easy to miss. Click save to save the user.
Once you've created this user, revert the change you made in the web.config to the VirtualRoles so that the administrator role is back to
<add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
You should now be able to log in to the CMS using your newly created admin login.
@tomas, this is what I currently have:
<location path="EPiServer/CMS/admin">
<system.web>
<authorization>
<allow roles="WebAdmins, Administrators" />
<deny users="*" />
</authorization>
</system.web>
</location>
and
<location path="EPiServer">
<system.web>
<httpRuntime maxRequestLength="1000000" requestValidationMode="2.0" />
<pages enableEventValidation="true" enableViewState="true" enableSessionState="true" enableViewStateMac="true">
<controls>
<add tagPrefix="EPiServerUI" namespace="EPiServer.UI.WebControls" assembly="EPiServer.UI" />
<add tagPrefix="EPiServerScript" namespace="EPiServer.ClientScript.WebControls" assembly="EPiServer.Cms.AspNet" />
<add tagPrefix="EPiServerScript" namespace="EPiServer.UI.ClientScript.WebControls" assembly="EPiServer.UI" />
</controls>
</pages>
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
<authorization>
<allow roles="WebEditors, WebAdmins, Administrators" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
Are you suggesting i change the first section to something like this:
<location path="EPiServer/CMS/admin">
<system.web>
<authorization>
<allow roles="*" />
<deny users="*" />
</authorization>
</system.web>
</location>
The problem I have is when trying to hit localhost:xxx/episerver.
I made the last change above, and when I try to hit localhost:xxx i get
- No assembly found containing an OwinStartupAttribute.
- No assembly found containing a Startup or [AssemblyName].Startup class.
Not sure how to get rid of this.
As I mentioned above, I think I see the issue with your Identity implementation based on those error messages. Unfortunately, the code provided in step 3 of that link is a partial example, not a complete one so I suspect you'll be missing a couple of bits. Here's how it should look (though obviously replace BlankEpiTest with your own namespace both in the namespace declaration and the assembly attribute above).
using EPiServer.Cms.UI.AspNetIdentity;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;
using System;
[assembly: OwinStartup(typeof(BlankEpiTest.Startup))]
namespace BlankEpiTest
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
// Add CMS integration for ASP.NET Identity
app.AddCmsAspNetIdentity<ApplicationUser>();
// Use cookie authentication
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/util/login.aspx"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity =
SecurityStampValidator.OnValidateIdentity<ApplicationUserManager<ApplicationUser>, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => manager.GenerateUserIdentityAsync(user))
}
});
}
}
}
As an added spanner in the works, you'll also need to make sure that, in web.config, the compilation element has defaultLanguage="c#" specified otherwise your startup class may not be picked up. For example:
<compilation debug="true" targetFramework="4.6.2" optimizeCompilations="true" defaultLanguage="c#" />
Bear in mind that if you go down the identity route, you'll still need to set up an admin user login so, for the sake of getting up and running quickly, it may be easier to stick with the membership provider model and implement the workaround I mentioned above.
Basically, there are two types of membership systems exist in Episerver - SqlMembershipProvider and AspNet Identity. By default, if you create empty Episerver project with Visual Studio VSIX, the solution will use SqlMembrshipProvider. To create a default user, the easiest way is to use Initialization module.
I hope this should help you to start with empty Episerver project site. BTW: Off the topic, I think you need to start conversation with your IT to get local admin account as it will be required when you debug your solution with IIS, and Visual Studio itself will require admin privilege for some of its internal tools as well.
[InitializableModule]
[ModuleDependency(typeof(EPiServer.Web.InitializationModule))]
public class CreateAdminUserForMembershipInitiialization : IInitializableModule
{
private static readonly ILog Log = LogManager.GetLogger(typeof(CreateAdminUserForMembershipInitiialization));
public void Initialize(InitializationEngine context)
{
#if DEBUG
var mu = Membership.GetUser("EpiSQLAdmin");
if (mu != null) return;
try
{
Membership.CreateUser("EpiSQLAdmin", "6hEthU", "EpiSQLAdmin@site.com");
try
{
this.EnsureRoleExists("WebEditors");
this.EnsureRoleExists("WebAdmins");
Roles.AddUserToRoles("EpiSQLAdmin", new[] { "WebAdmins", "WebEditors" });
}
catch (ProviderException pe)
{
Log.Error(pe);
}
}
catch (MembershipCreateUserException mcue)
{
Log.Error(mcue);
}
#endif
}
public void Uninitialize(InitializationEngine context)
{
}
private void EnsureRoleExists(string roleName)
{
if (Roles.RoleExists(roleName)) return;
try
{
Roles.CreateRole(roleName);
}
catch (ProviderException pe)
{
Log.Error(pe);
}
}
}
I checked all this solutions but none of them worked for me, what I did to achive this goal was installing another Episerver with Alloy example. Also added references for Owin. This added all the dependecies attached to it, besides check if library Microsoft.AspNet.Identity.EntityFramework to allow Startup.cs to execute with owin at the startup.
The next step is copying these files that are needed to create a Registration page, similar to what we have at the moment we install alloy first time:
After compiling and deploying I cleaned IIS cache just in case and try to enter to {your_epi_url}/Register and fill the registration form for your admin user.
This worked for me using Episerver 11.14.1.0 release.
I was following the tutorial for the exact same URL, but for CMS 12, which is different. But I had the same problem where it would not work as described. I followed all the steps of the tutorial but I could not get it to work. The Start Page was not edittable. After a call with support I learned that I needed to create a site, which is not detailed in the tutorial.
In the CMS I went to Settings (the gear on the left) then "Manage Websites" then "Create Website" - I gave it a name and a URL of https://localhost:5000/ - then it worked.
Chris
The "creating-a-starter-project" guide here:
Says you can just create an empty start project, login with windows credentials, and start creating pages.
However, this seems to be far from the truth, at least for users who are on a domain (who's windows user is not a local admin), i.e. anyone in a corporate network.
After intalling VS, episever plugin and nuget, you can create for example an "alloy MVC" site. This prompts to create a user which it ads to its Asp.Net.Users table. you can hit localhost:xx/episerver and login with this user to edit the site.
This is great, but to learn episerver, the docs say to create an empty site, and create a page.
So I created a new episerver project of type "empty" instead of Alloy. You can run this ok, but when you hit localhost:xx//episerver, the user you created for alloy does not work. As we dont have local admin access to our machines (we are on a domain), it is implossible to login.
In fact, the database it creates for the empty site does not even have a Asp.Net.Users table.
The only workaround seems to be to create a user programatically, by creating a file called "EpiserverInitialization.cs" which contains the code someone kindly put together to create an account.
However, when you try to login with this account, you get the error "No owin.Environment item was found in the context.". It seems that the empty project is missing the "startup.cs" file which is required.
So getting an empty project working seems to be extremely difficult, and not documented.
What am I missing?
Has anyone managed to get an emtpy site working?
if so, how did you get around not being able to create users, and the missing owin/startup stuff?
Could some kind sole put together a guide on how to create an empty site, including the account creation, owin, startup and any other missing critical items? So far, as a new episerver user, I have not managed.