Hi,
I suspect this
I am having trouble after logging in and it keeps going in a redirect loop.
to be a problem with IAppBuilder.Map (you redirect to the page OWIN is supposed to map)
Is there any custom code with your Owin implementation?
Regards,
/Q
Hi Quan - Yes I think this is where the confusion lies... The EPiServer.Commerce.Security inserts default into Commerce Manager
[assembly: OwinStartup(typeof(Startup))] namespace EPiServer.Commerce.Security { /// <summary> /// Sample Startup file to be use EPiServer.Commerce.Security /// </summary> public class Startup { /// <summary> /// Configuration method used by Microsoft.Owin to initialize owin process. /// </summary> /// <param name="app">The application.</param> public void Configuration(IAppBuilder app) { //Enable cookie authentication, used to store the claims between requests app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = CookieAuthenticationDefaults.AuthenticationType, AuthenticationMode = AuthenticationMode.Active, LoginPath = new PathString("/Login"), LogoutPath = new PathString("/Logout") }); } } }
The user has all roles required but problem is accessing /Apps/Shell/Pages/default.aspx
The redirect loop is http://dev.commerce.mysite.com/Login?ReturnUrl=%2FApps%2FShell%2FPages%2Fdefault.aspx which keeps appending returnUrl to it.
And the Website has this which I have put together from a few samples...
public void Configuration(IAppBuilder app) { const string LogoutUrl = "/util/logout.aspx"; app.CreatePerOwinContext(ApplicationDbContext.Create); app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Login"), LogoutPath = new PathString("/Logout"), Provider = new CookieAuthenticationProvider { // Enables the application to validate the security stamp when the user logs in. // This is a security feature which is used when you change a password or add an external login to your account. OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>( validateInterval: TimeSpan.FromMinutes(30), regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)), OnApplyRedirect = ApplyRedirect } }); // Maps the EPiServer Admin logout app.Map( LogoutUrl, map => map.Run( ctx => { ctx.Authentication.SignOut(); ctx.Response.Redirect("/"); return Task.FromResult(0); })); // Tell antiforgery to use the name claim AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Name; app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); EnableFacebookAccountLogin(app); } /// <summary> /// Applies the redirect. /// </summary> /// <param name="context">The context.</param> private static void ApplyRedirect(CookieApplyRedirectContext context) { var backendPath = Paths.ProtectedRootPath.TrimEnd('/'); // We use the method for transferring the user to the backend login pages if she tries to go // to the Edit views without being navigated. if (context.Request.Uri.AbsolutePath.StartsWith(backendPath) && !context.Request.User.Identity.IsAuthenticated) { context.RedirectUri = VirtualPathUtility.ToAbsolute("~/BackendLogin") + new QueryString( context.Options.ReturnUrlParameter, context.Request.Uri.AbsoluteUri); } context.Response.Redirect(context.RedirectUri); }
Appreciate if you could point me in the right direction
I'm trying to implement identity in with both commerce manager and the CMS but I am running into an issue. It seems using ApplicationUserManager relies on the IUIUser interface which exists in the Episerver.Shell library. My issue is that it seems including that library in the code is causing a runtime error when loading commerce manager. I've spoken with support from Episerver and they have said to remove the Episerver.Shell library, which allows the site to load again, but that ends up breaking my security for OWIN and identity because of the reference to IUIUser.
I followed the reference provided in Quicksilver and got it working.
Think you are referencing wrong interface as OWIN references IdentityUser - see https://github.com/episerver/Quicksilver/blob/master/Sources/EPiServer.Reference.Commerce.Shared/Models/Identity/ApplicationUserManager.cs
I am able to get it working somewhat now, but the problem is that I can't administer users anymore since that isn't tied into the default Epi screens. When you use the Cms.Ui.AspNetIdentity package, you can integrate into there very nicely. However, doing so causes the error I was refering to within commerce.
I think this is a new feature as I followed this example and this and built my own Epi User Managment screens.
Also here it states there are 2 ways to use the customs user model. Maybe worth trying just inheriting from ApplicationUser
Hope this helps
Has anybody got OWIN working with Commerce Manager? I am having trouble after logging in and it keeps going in a redirect loop.
I have installed OWIN on our dev site and all works without problem.
I tried installing EPiServer.Commerce.Security on Commerce Manager and added the SynchronizingProvider as described here.
Any pointers or know of any documentation (I cant seem to find any)
I haver the latest packages installed EPiServer.CommerceManager 8.16.1