Vulnerability in EPiServer.Forms
I'm trying to figure out why I can't create a user inside of the CMS?
I have a regular user created and I wanna set the User to Administrator etc.
When I try to add this access to the user it says:
The method or operation is not implemented.
with this random error after:
at EPiServer.Common.Web.Authorization.RoleProvider.RemoveUsersFromRoles(String usernames, String roleNames) at System.Web.Security.Roles.RemoveUserFromRoles(String username, String roleNames) at EPiServer.UI.Edit.UserMembership.SaveMembershipRoles() at EPiServer.UI.Edit.UserMembership.SaveButton_Click(Object sender, EventArgs e)
Which role provider are you using (snippet from web.config)?
I'm currently using:
Well that's not a surprise :) CommonUserRoleProvider does not support removal user from the role.
public override void RemoveUsersFromRoles(string usernames, string roleNames)
throw new ProviderException("The method or operation is not implemented.");
Can you provide excat fragments from web.config for roles and membership providers?