Hm. Just to make certain, are you accessing the principal through HttpContext.Current.User? Or EPiServer.Security.PrincipalInfo.CurrentPrincipal?

I am using SecurityContext.Current (Mediachase.Commerce.Security.SecurityContect.Current) to get additional information about my logged in user. If I use HttpContext.Current.User I get some information but it is not enough.

Regards
Sandra 

The problem seem to accur when calling CustomerSecurityProvider (used in ecf.security.config). This does not happend on the sample site (Click Talk) so what configuration am I missing? 

Regards
Sandra 

I really need some help with this!
Here is the stack trace from when logging in (as used in EPiServers demo site Click talk)

[NullReferenceException: Object reference not set to an instance of an object.]
   Mediachase.BusinessFoundation.Data.Sql.SqlCommandBuilder..ctor(String table) +60
   Mediachase.BusinessFoundation.Data.Sql.SelectCommandBuilder..ctor(String tableName, FilterElementCollection filters, SortingElementCollection sorting) +191
   Mediachase.BusinessFoundation.Data.DataHelper.List(String tableName, Int32 maxCount, FilterElementCollection filters, SortingElementCollection sorting) +241
   Mediachase.BusinessFoundation.Data.DataHelper.List(String tableName, Int32 maxCount, FilterElement[] filters) +263
   Mediachase.BusinessFoundation.Data.DataHelper.List(String tableName, FilterElement[] filters) +64
   Mediachase.Commerce.Security.SecurityProviders.Sql.RolePermissionRow.List(FilterElement[] filters) +132
   Mediachase.Commerce.Customers.CustomerSecurityDataRepository.LoadRole(String roleName) +414
   Mediachase.Commerce.Customers.CustomerSecurityCachedDataRepository.GetCachedSecurityRole(String roleName) +234
   Mediachase.Commerce.Customers.CustomerSecurityCachedDataRepository.LoadRole(String roleName) +189
   Mediachase.Commerce.Customers.Security.CustomerSecurityProvider.GetRoleByName(String roleName) +128
   Mediachase.Commerce.Customers.Security.CustomerSecurityProvider.InstallAdminRoles() +544
   Mediachase.Commerce.Customers.Security.CustomerSecurityProvider..ctor() +179

[TargetInvocationException: Exception has been thrown by the target of an invocation.]
   System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) +0
   System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) +146
   System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) +298
   System.Activator.CreateInstance(Type type, Boolean nonPublic) +79
   Mediachase.BusinessFoundation.Data.AssemblyUtil.LoadObject(String type, String interfaceName) +1508
   Mediachase.BusinessFoundation.Data.AssemblyUtil.LoadObject(String type) +63
   Mediachase.Commerce.Security.SecurityContext.GetSecurityProviderFromName(String providerName) +400
   Mediachase.Commerce.Security.SecurityContext.CreateInstance() +105
   Mediachase.Commerce.Security.SecurityContext.get_Current() +181
   Pelly.Templates.Units.LoginModule.LoginForm_Authenticate(Object sender, AuthenticateEventArgs e) in C:\Solutions\PellyLive\Site\Templates\Units\LoginModule.ascx.cs:210
   System.Web.UI.WebControls.Login.AttemptLogin() +152
   System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +124
   System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +70
   System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2981

Ok no I'm pissed off! The solution was that there was no httpmodule to handle the authenticateRequest event of the application pool. This file is called ProfilModule.cs in the ClickTalk sample project and is located under the HttpModules folder.

Isn't that supposed to be included when I install Commerce? 

Was this the actual solution to the problem?.....  I'm having exactly the same error and i've got ProfileModule.cs included in my project.

If anyone is interested particularly as EPiServer don't get on to the Commerce forums very much ;)...

The issue I was having was that the SqlContext.Current is returning as null a lot of the time, I can't find any reference to it being setup in the Sample Click2Talk site and I also can't see any specific configs that set it up either.  I've used the following code to make sure it is setup - this then makes sure that there isn't a crash in the Mediachase.BusinessFoundation.Data.Sql.SqlCommandBuilder

            if (SqlContext.Current == null)
            {
                string connString = ConfigurationManager.ConnectionStrings["EcfSqlConnection"].ToString();
                SqlContext.Current = new SqlContext(connString);
            }

Hi Simon!

We have the same problem as you! Randomly the SqlCommandBuilder crashes becase the SqlContext.Current is null.

When I debug I can see that several requests works, so I added a conditional breakpoint which stops when SqlContext == null, and if I then run you code it will continue smoothly otherwise crash.

But now to the issue: 

Where should I add this code? I think the last call in our code is some kind of .AcceptChanges() on the Cart but when I debug I only pass this .AcceptChanges() once and then several executions of SqlCommandBuilder is run and one of them gets the SqlContext== null, almost as it depends on different threads or something.

Where did you add this code ? and what did you resolve by this?

best regards Andreas