Default membership provider must be specified

Dejan Caric
Member since: 2010
 

Hi,

I have a website running on EPiserver 10.4.3. I have replaced SQL Server role and membership providers with ASP.NET Identity, as described on the following link: http://world.episerver.com/documentation/developer-guides/CMS/security/episerver-aspnetidentity/

When I log in for the first time, I get the following error message:

And this is from the IIS Express console: 

If I then hit the refresh button, I can get into the edit mode, and this error message doesn't appear anymore.

Is this a known issue? Is there a workaround?

Thanks!

#176258 Mar 14, 2017 15:35
  • Quan Mai
    Member since: 2011
     

    The "happens only the first time" error was because this is done by ProfileModule, which only kicks in if you log in. The next request, you're already authenticated then it won't happen anymore.

    However it's very strange. Quicksilver is currently using AspNetIdentity and we have no such problem. Would you mind posting your web.config here?

    #176262 Mar 14, 2017 15:46
  • Quan Mai
    Member since: 2011
     

    https://github.com/episerver/Quicksilver/blob/master/Sources/EPiServer.Reference.Commerce.Shared/Identity/SiteUser.cs 

    #176263 Mar 14, 2017 15:49
  • Dejan Caric
    Member since: 2010
     

    Web.config is quite big. Something specific I should look at?

    #176265 Mar 14, 2017 15:56
  • Quan Mai
    Member since: 2011
     

    Probably no - I wanted to make sure everything is correct. But it seems that for commerce site you should/must have the SiteUser as I posted above. My suspicion is this method

    public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<SiteUser> manager)
    {
    // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
    var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);

    // Add custom user claims here
    userIdentity.AddClaim(new Claim(ClaimTypes.Email, Email));

    if (!String.IsNullOrEmpty(FirstName))
    {
    userIdentity.AddClaim(new Claim(ClaimTypes.GivenName, FirstName));
    }

    if (!String.IsNullOrEmpty(LastName))
    {
    userIdentity.AddClaim(new Claim(ClaimTypes.Surname, LastName));
    }
    return userIdentity;
    }

    is needed. 

    Haven't tried it, thought 

    #176270 Mar 14, 2017 16:09
  •  

    Besides adding the SiteUser class a couple of things needs to be in place in order to get ASP.NET identity to work with Commerce Manager, which are currently (3/3-2018) not mentioned in the documentation on "Support for OpenID Connect in Episerver Commerce" (https://world.episerver.com/documentation/developer-guides/commerce/security/support-for-openid-connect-in-episerver-commerce/).

    So the full recipie to get ASP.NET with Commerce Manager is the following:

    1. Follow the documentation on "Support for OpenID Connect in Episerver Commerce" (https://world.episerver.com/documentation/developer-guides/commerce/security/support-for-openid-connect-in-episerver-commerce/).
    2. Add the SiteUser class to your project (https://github.com/episerver/Quicksilver/blob/master/Sources/EPiServer.Reference.Commerce.Shared/Identity/SiteUser.cs)
    3. Add the files Login.aspx.cs, Login.aspx.designer.cs and Logout.aspx.cs from the Quicksilver EPiServer.Reference.Commerce.Manager project (https://github.com/episerver/Quicksilver/tree/master/Sources/EPiServer.Reference.Commerce.Manager
    4. Add the UpdateLoginPage build task from the EPiServer.Reference.Commerce.Manager.csproj to your Commerce Manager project csproj file.
    5. If you are not using version 11.8.1 it may be necessary to remove the panel with id RegisterPanel from the Apps\Shell\Pages\Login.aspx file. At least it is necessary for version 10.8 and below. One way of removing the panel is to extend the UpdateLoginPage build task with the following lines.
    // Remove RegisterPanel in order to avoid Membership provider not found error when using OWIN authentication 
    var pageFile = File.ReadAllText(pagePath); 
    var panelRegEx = new Regex("<asp:Panel ID=\"RegisterPanel\".*?</asp:Panel>", RegexOptions.Singleline); 
    pageFile = panelRegEx.Replace(pageFile, string.Empty, 1); 
    File.WriteAllText(pagePath, pageFile);

    I have written the Episerver support and suggested the official documentation is updated.

    #188784 Mar 03, 2018 11:31
  • Drew Null
    Member since: 2013
     

    @rfj Having the same issue, I got it working with ApplicationUser, and without going through the OpenID Connect steps (minus cleaning out the membership/role providers in Web.config). But I would still be spinning on it without your write up. Thank you!

    #194631 Jun 27, 2018 2:45