add group to user - MultiplexingRoleProvider

Vote:
 

Hi, 

I want to add groups to user programmatically using the code but I am getting an errro - "

The method is not supported by this provider.

"

if (!string.IsNullOrEmpty(page.MemberOf))
{
var groupsFromAD = page.MemberOf.Split(',').Count() > 0 ? page.MemberOf.Split(',') : null;
var groupsFromEpiServer = System.Web.Security.Roles.GetRolesForUser("EM\\mose");

var groupsDifference = (groupsFromAD != null && groupsFromEpiServer != null) ? groupsFromAD.Except(groupsFromEpiServer).ToArray<string>() : null;
groupsDifference = groupsDifference.Where(g => g.Length > 0).ToArray<string>();
if (groupsDifference != null && groupsDifference.Count() > 0)
{
System.Web.Security.Roles.AddUserToRoles("EM\\mose", groupsDifference);
}
}

 

Any help would be appreciated !!

#72844
Jul 01, 2013 16:25
Vote:
 

What MembershipProviders do you have in your MultiplexingRoleProvider and in what order are they registered?

For example the WindowsRoleProvider, which is a read only Provider, throw a ProviderException with the message "The method is not supported by this provider." when you try to add or remove roles on a user.

#72848
Jul 01, 2013 20:21
Vote:
 

hi, I am using multiplex provider

 

<system.web>
    <roleManager enabled="true"
                 defaultProvider="MultiplexingRoleProvider"
                 cacheRolesInCookie="true">
      <providers>
        <clear />
        <!-- Comment the following lines when running on oracle. -->
        <add name="MultiplexingRoleProvider"
             type="EPiServer.Security.MultiplexingRoleProvider, EPiServer"
             provider1="ActiveDirectoryRoleProvider"
             provider2="WindowsRoleProvider"
             providerMap1="SqlServerMembershipProvider"
             providerMap2="WindowsMembershipProvider" />
        <!--  comment when running on oracle  -->
        <!-- Uncomment the following lines when running on oracle. -->
        <!--<add provider1="OracleRoleProvider" provider2="WindowsRoleProvider"
        providerMap1="OracleMembershipProvider" providerMap2="WindowsMembershipProvider"
         name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer" />-->
        <!--Uncomment the lines above running oracle-->
        <add name="WindowsRoleProvider"
             applicationName="EPiServerSample"
             type="EPiServer.Security.WindowsRoleProvider, EPiServer" />
        <add name="SqlServerRoleProvider"
             connectionStringName="EPiServerDB"
             applicationName="EPiServerSample"
             type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        <add name="ActiveDirectoryRoleProvider"
             type="EPiServer.Security.ActiveDirectoryRoleProvider, EPiServer"
             connectionStringName="ActiveDirectoryProviderConnection"
             connectionUsername="xxx"
             connectionPassword="xxx"
             attributeMapUsername="sAMAccountName" cacheTimeout="0:01:00" />
      </providers>
    </roleManager>
    <membership defaultProvider="MultiplexingMembershipProvider"
                userIsOnlineTimeWindow="10">
      <providers>
        <clear />
        <!-- Comment the following lines when running on oracle. -->
        <add name="MultiplexingMembershipProvider"
             type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer"
             provider1="ActiveDirectoryMembershipProvider"
             provider2="WindowsMembershipProvider" />
        <!--  comment the lines above when running on oracle  -->
        <!-- Uncomment the following lines when running on oracle. -->
        <!--<add provider1="OracleMembershipProvider" provider2="WindowsMembershipProvider"
          name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" />-->
        <!--Uncomment the lines above running oracle-->
        <add name="WindowsMembershipProvider"
             type="EPiServer.Security.WindowsMembershipProvider, EPiServer"
             deletePrefix="BUILTIN\"
             searchByEmail="true" />
        <add name="SqlServerMembershipProvider"
             type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="EPiServerDB"
             requiresQuestionAndAnswer="false"
             applicationName="EPiServerSample"
             requiresUniqueEmail="true"
             passwordFormat="Hashed"
             maxInvalidPasswordAttempts="5"
             minRequiredPasswordLength="7"
             minRequiredNonalphanumericCharacters="0"
             passwordAttemptWindow="10"
             passwordStrengthRegularExpression="" />
        <add name="ActiveDirectoryMembershipProvider"
             type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="ActiveDirectoryProviderConnection"
             connectionUsername="xxxx"
             connectionPassword="xxx"
             enableSearchMethods="true"
             attributeMapUsername="sAMAccountName"/>

      </providers>
    </membership>

#72850
Jul 01, 2013 21:04
Vote:
 

What I can see you have a Multiplexing where you define both ActiveDirectoryRoleProvider and WindowsRoleProvider. Both of them are kind of read only and throws an Exception when you try to add or remove users from a role.

In what situation do you want to add users to roles?

#72851
Jul 01, 2013 21:15
Vote:
 

Hi, thanks for your reply. 

I have users and groups defined in AD. I am importing users using from AD to episever using the plugin https://www.coderesort.com/p/epicode/browser/Epinova.ActiveDirectoryImport/6.x/Services/ActiveDirectoryService.cs?rev=1957 

Now, when I add a group for user in AD, the group is not importing into episerver for that user. I have written code to get groups for each user and I am thinking to add those groups for respective users.

#72852
Jul 01, 2013 21:24
Vote:
 

I think I understand.

As I mentioned the WindowsRoleProvider and ActiveDirectoryRoleProvider does not allow you to create roles.

Do you have any other members that are supposed to log on except those in the Active Directory that is your import source?

If not I would suggest that you changed to using SqlRoleProvider and SqlMembershipProvider if the idea is that you want to store your users and roles locally on your web site.

#72853
Jul 02, 2013 0:34
Vote:
 

HI, After I changed my defaultRole provider as SqlRoleProvider and defaultMembershipProvider as SqlMemberShipProvider, I couldn't even login. 

thanks.

#72866
Jul 02, 2013 10:03
Vote:
 

Hi Suresh, 

Below is example of setting Multiplexing membership & role providers using SQL and windows : 

<roleManager enabled="true" defaultProvider="MultiplexingRoleProvider" cacheRolesInCookie="true">
<providers>
<clear/>
<add name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer" provider1="SqlServerRoleProvider" provider2="WindowsRoleProvider" providerMap1="SqlServerMembershipProvider" providerMap2="WindowsMembershipProvider"/>
<add name="WindowsRoleProvider" applicationName="EPiServerSample" type="EPiServer.Security.WindowsRoleProvider, EPiServer"/>
<add name="SqlServerRoleProvider" connectionStringName="EPiServerDB" applicationName="EPiServerSample" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
<membership defaultProvider="MultiplexingMembershipProvider" userIsOnlineTimeWindow="10">
<providers>
<clear/>

<add name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" provider1="SqlServerMembershipProvider" provider2="WindowsMembershipProvider"/>
<add name="WindowsMembershipProvider" type="EPiServer.Security.WindowsMembershipProvider, EPiServer" deletePrefix="BUILTIN\" searchByEmail="true"/>
<add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>

 

After setting this, login with your windows user and create a SQL user from Admin mode and assign him to a group (Webadmins, Webeditors). Then you should be able to login with your sql account. 

#72870
Jul 02, 2013 10:20
Vote:
 

OK, I understand. thanks. 

then I just would like to import AD groups in episerver. but it seems there is a limitation AD groups are imported in episerver if only if user logins with windows user login. 

Could you tell me any work around for this ?

thanks. 

#72878
Jul 02, 2013 10:59
Vote:
 

What kind of limitation do you mean?

An other solution could be that you create your own RoleProvider and MembershipProvider that use your imported pages in the same way as SqlMembershipProvider use the database or WindowsMembershipProvider use your Windows accounts.

#72879
Jul 02, 2013 11:09
Vote:
 

I mean, AD groups are syncing into episerver when user logins. Some times, I would like to have those AD groups in Episever even though user doesn't login. 

#72880
Jul 02, 2013 11:13
Vote:
 
#72882
Jul 02, 2013 11:29
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.