Custom membership provider invalid user

Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more

AI OnAI Off

Home / Forums / Legacy forums / Episerver CMS 6 /

Custom membership provider invalid user

Vote:

I'm trying to implement a custom Membership and Role provider to authenticate over WCF. I've got a breakpoint on my ValidateUser() Method in my custom MembershipProvider and as a test I'm always returning true.

I'm using the Multiplex authentication as I have some site admins setup in the EPiServer DB and if I try to login using one of these site admins everything works fine. If however I try to login using a WCF based user I stay on the EPiServer Login Page, I don't receive any exceptions or a password invalid message.

Has anyone got any ideas of where I'm going wrong here?

 web.config

<roleManager enabled="true" cacheRolesInCookie="true" defaultProvider="MultiplexingRoleProvider">
			<providers>
				<clear/>

<add name="MultiplexingRoleProvider" provider1="SqlServerRoleProvider" provider2="WCFRoleProvider" providerMap1="SqlServerMembershipProvider" providerMap2="WCFMembershipProvider"  type="EPiServer.Security.MultiplexingRoleProvider, EPiServer"/>
				<add applicationName="MyApp" name="WCFRoleProvider" type="MyApp.Classes.WCFRoleProvider, MyApp"/>
			</providers>
		</roleManager>
<membership defaultProvider="MultiplexingMembershipProvider" userIsOnlineTimeWindow="10">

			<providers>
				<clear/>

 <add provider1="SqlServerMembershipProvider" provider2="WCFMembershipProvider" name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer"/>
				<add name="WCFMembershipProvider" type="MyApp.Classes.WCFMembershipProvider, MyApp" />
			</providers>
		</membership>

WCFMembershipProvider.cs

public override bool ValidateUser(string username, string password)
        {
            bool isValid = true;
           
            return isValid;
        }

WCFRoleProvider.cs

public override string[] GetAllRoles()
        {
            return new string[2]{"WCFCustomer", "WCFBilling"};
        }

        public override string[] GetRolesForUser(string username)
        {
            if (username == "testWCFLogin")
            {

                return new string[1] { "WCFCustomer" };
            }
            else
            {
                return new string[0];
            }
        }

#56342

Jan 18, 2012 15:30

Vote:

Hi Chris,

If you indeed do not move from the login page (I'm assuming the /util/login.aspx page) then it means that the login was successful, but you do not have authorization to that page. I'm guessing it's because you are trying to access edit mode and only certain roles are allowed into edit mode (see edit mode's location in web.config) which you are not part of.

Hope that helps :)

#56345

Jan 18, 2012 15:52

Vote:

Hi Toni,

That makes sense, I put that into the edit section and it's logged me in! So obvious but would have spent hours on it until I worked it out

Thanks very much

#56347

Jan 18, 2012 16:43

This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.