Views: 1
Number of votes: 5
Average rating:

Multiplexing providers

Sometimes you want to use more than one security provider. And that's what the EPiServer multiplex provider can help us. You can add one or more providers in the MultiplexingMembershipProvider section and the same numbers of items in the MultiplexingRoleProvider for the roles.

 

But if one provider allows search for emails, and another doesn't it throws an error. Bit annoying, but is easy to fix. you can add your own multiplexing provider like this:(only added try catch from the underline code)

Code Snippet
  1. public class MultiplexingMembershipProvider : EPiServer.Security.MultiplexingMembershipProvider
  2. {
  3.     public override string GetUserNameByEmail(string email)
  4.     {
  5.         foreach (MembershipProvider provider in this.Providers)
  6.         {
  7.             try
  8.             {
  9.                 string userNameByEmail = provider.GetUserNameByEmail(email);
  10.                 if (userNameByEmail != null)
  11.                 {
  12.                     this.CurrentUsername = userNameByEmail;
  13.                     return userNameByEmail;
  14.                 }
  15.             }
  16.             catch { }
  17.         }
  18.         return null;
  19.     }
  20. }

But there are also times when you want to have 2 user providers and only one role provider. When you have made a page based user provider, and want them to share the same roles. Then its a bit hassle, since if you add 2 of the same role providers, all roles are duplicated.

<add name="MultiplexingRoleProvider" type="Itera.Security.MultiplexingRoleProvider, Itera.Security" 
     provider1="SqlServerRoleProvider" 
     provider2="WindowsRoleProvider" 
     provider3="SqlServerRoleProvider" 
     providerMap1="SqlServerMembershipProvider" 
     providerMap2="WindowsMembershipProvider"
     providerMap3="EPiServerMembershipProvider"/>

The trick is to create your own MultiplexingRoleProvider. At the first glance it is pretty straight forward, but there are stuff inside the AdminGroup page that detects if your role provider inherits form MultiplexingRoleProvider, and gets all the users from the Providers from the role provider. And that is not virtual and is not possible to override.image

image

So to have 2 user providers and only one role provider you have to make your own. And as most of the time you need to copy the code from reflector, and make your modifications.

My modification was that I created a DisitinctProvider list and replaced all references that needed to use that one instead of the Providers.

Code Snippet
  1. public IList<RoleProvider> Providers
  2. {
  3.     get
  4.     {
  5.         if (this._providers == null)
  6.         {
  7.             this.InitProviders();
  8.         }
  9.         return this._providers;
  10.     }
  11. }
  12.  
  13. public IList<RoleProvider> DistinctProviders
  14. {
  15.     get
  16.     {
  17.         if (this._distinctProviders == null)
  18.         {
  19.             this.InitProviders();
  20.         }
  21.         return this._distinctProviders;
  22.     }
  23. }

The only trouble then is that in the admin group page you don’t get provider behind the role

image

This is what i would like to call a mistake by the code team that created the AdminGroup page. They should have checked for an interface instead of hardcode in the MultiPlexRoleProvider. or at least made all the properties there virtual.

 

Itera.Security.MultiplexingMembershipProvider

and

Itera.Security.MultiplexingRoleProvider

is inside the zip file here.

Dec 27, 2010

Anders Hattestad
(By Anders Hattestad, 1/3/2011 7:37:50 PM)

Not my best blog, but rate it 1 was a bit harse:)

Anders Hattestad
(By Anders Hattestad, 1/20/2011 11:12:07 AM)

Wow, got 2 fives :) thx

Dennis Malmgren
(By Dennis Malmgren, 3/4/2011 9:33:48 PM)

We ran into this issue with one customer wanting to authenticate against double AD nodes. Unfortunately that was before this post so had to solve it haphazardly :) great 'fix' to the builtin functionality.

Please login to comment.