Don't miss out Virtual Happy Hour this Friday (April 26).

Try our conversational search powered by Generative AI!

AI OnAI Off

SqlMembershipProvider configuration in web.config

dblomsma
dblomsma
Vote:
 

Hello,

I've got a question about the Membership Provider settings in the web.config.

Error messages are shown in the Episerver CMS on the Administer Groups, Search User/Group and Create User pages after an upgrade to CMS 11.3.1 and Commerce 11.5.1.

The error messages are "There is no Role Provider configured and/or enabled in Web.config!" and "There is no Membership Provider configured in web.config!".

The SqlMembershipProvider is still working without any problems in the site itself, does any of you have any clue why the pages are displaying this error message? How can we resolve this?

Thanks,

Dominique

#187182
Jan 15, 2018 15:03
Vote:
 

Can you please paste the following sections from your web.config:

<membership>

<roleManager>

<virtualRoles>

<location path="EPiServer/CMS/admin">

#187189
Jan 15, 2018 19:46
dblomsma
dblomsma
Vote:
 

Yes of course, here are the web.config sections:

 <roleManager enabled="true" defaultProvider="CMSRoleProvider" cacheRolesInCookie="true">
  <providers>
	<clear />
	<add name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer.Framework.AspNet" provider1="SqlServerRoleProvider" provider2="WindowsRoleProvider" providerMap1="SqlServerMembershipProvider" providerMap2="WindowsMembershipProvider" />
	<add name="WindowsRoleProvider" applicationName="ECApplication" type="EPiServer.Security.WindowsRoleProvider, EPiServer.Cms.AspNet" />
	<add name="SqlServerRoleProvider" connectionStringName="EPiServerDB" applicationName="ECApplication" type="System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
	<add connectionStringName="EcfSqlConnection" applicationName="ECApplication" name="CMSRoleProvider" type="Mediachase.Commerce.Customers.Profile.Providers.CustomerSqlRoleProvider, Mediachase.Commerce" />
  </providers>
</roleManager>

<membership defaultProvider="CMSMembershipProvider" userIsOnlineTimeWindow="10" hashAlgorithmType="HMACSHA512">
  <providers>
	<clear />
	<add name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer.Framework.AspNet" provider1="SqlServerMembershipProvider" provider2="WindowsMembershipProvider" />
	<add name="WindowsMembershipProvider" type="EPiServer.Security.WindowsMembershipProvider, EPiServer.Cms.AspNet" deletePrefix="BUILTIN\" searchByEmail="true" />
	<add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
	<add connectionStringName="EcfSqlConnection" applicationName="ECApplication" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" passwordStrengthRegularExpression="" minRequiredPasswordLength="8" minRequiredNonalphanumericCharacters="0" name="CMSMembershipProvider" type="Mediachase.Commerce.Customers.Profile.Providers.CustomerSqlMembershipProvider, Mediachase.Commerce" />
  </providers>
</membership>

<virtualRoles addClaims="true">
    <providers>
      <add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
      <add name="Everyone" type="EPiServer.Security.EveryoneRole, EPiServer.Framework" />
      <add name="Authenticated" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
      <add name="Anonymous" type="EPiServer.Security.AnonymousRole, EPiServer.Framework" />
      <add name="PackagingAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
      <add name="CmsAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
      <add name="CmsEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
      <add name="Creator" type="EPiServer.Security.CreatorRole, EPiServer" />
      <add name="CommerceAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
    </providers>
</virtualRoles>

<location path="episerver/CMS/admin">
    <system.web>
      <authorization>
        <allow roles="WebAdmins, Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
</location>
#187190
Jan 15, 2018 19:56
Vote:
 

I believe you need to use MultiplexingMembershipProvider as your default provider to use both SQL and your custom membership provider, no?

Something along those lines:

<system.web>
<membership defaultProvider="MultiplexingMembershipProvider" userIsOnlineTimeWindow="10">     
<providers>       
<clear /> 
<add name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" provider1="SqlServerMembershipProvider" provider2="MyMembershipProvider" /> 
<add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
<add name="MyMembershipProvider" type="MyMembershipProvider.MyMembershipProvider, MyMembershipProvider, Version=1.0.0.0, Culture=neutral"  connectionStringName="MySqlConnection" applicationName="MyEPiServerSite" maxInvalidPasswordAttempts="3" passwordAttemptWindow="10" requiresQuestionAndAnswer="false"/>
</providers>
</membership>
< ... >
</system.web> 

Same thing for the role provider. Try that and let me know if it works. 

#187192
Jan 15, 2018 20:21
dblomsma
dblomsma
Vote:
 

We only use the default EPiServer Commerce role and membership implementation, we've removed the other providers in the web.config but we still get the error on the pages.
The RoleManager and Membership configuration is as following:

   <roleManager enabled="true" defaultProvider="CMSRoleProvider" cacheRolesInCookie="true">
      <providers>
        <clear />
        <add connectionStringName="EcfSqlConnection" applicationName="ECApplication" name="CMSRoleProvider" type="Mediachase.Commerce.Customers.Profile.Providers.CustomerSqlRoleProvider, Mediachase.Commerce" />
      </providers>
    </roleManager>
    <membership defaultProvider="CMSMembershipProvider" userIsOnlineTimeWindow="10" hashAlgorithmType="HMACSHA512">
      <providers>
        <clear />
        <add connectionStringName="EcfSqlConnection" applicationName="ECApplication" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" passwordStrengthRegularExpression="" minRequiredPasswordLength="8" minRequiredNonalphanumericCharacters="0" name="CMSMembershipProvider" type="Mediachase.Commerce.Customers.Profile.Providers.CustomerSqlMembershipProvider, Mediachase.Commerce" />
      </providers>
    </membership>

This seems like the clean and most basic configuration for the membershipprovider for Commerce right?

What we found is that in the code for the EditUsers screen in the Admin panel a value of type EPiServer.Shell.Security.UIUserProvider and EPiServer.Shell.Security.UIRoleProvider should get injected by EPiServer.ServiceLocation, but it seems that these have a value of NULL when loading the page.

We are clueless into why these variables are NULL or how we can get these pages to get the right implementation injected.

#187218
Jan 16, 2018 11:46
Bo Rosenquist
Bo Rosenquist
Vote:
 

Dominique, We have the same experience, CMS 11.3.2, and Commerce 11.7.1.

Did you get your issue resolved?

In that case, how?

Thanks in advance.

/Bo

#187740
Feb 01, 2018 16:30
dblomsma
dblomsma
Vote:
 

Hello Bo,

Yes we solved the issue by removing the package EPiServer.Cms.UI.AspNetIdentity from the project.
The package has an InitializationModule as shown below which caused the problem:

public void ConfigureContainer(EPiServer.ServiceLocation.ServiceConfigurationContext context)
{
	if (context.HostType == HostType.WebApplication)
	{
		context.Services.AddTransient<UIUserProvider>(s => HttpContext.Current.GetOwinContext().Get<UIUserProvider>())
			.AddTransient<UIRoleProvider>(s => HttpContext.Current.GetOwinContext().Get<UIRoleProvider>())
			.AddTransient<UIUserManager>(s => HttpContext.Current.GetOwinContext().Get<UIUserManager>())
			.AddTransient<UISignInManager>(s => HttpContext.Current.GetOwinContext().Get<UISignInManager>());
	}
}

Does this help you to solve your problem?

#187742
Feb 01, 2018 16:40
Bo Rosenquist
Bo Rosenquist
Vote:
 

Thanks Dominique,

Yes, I am now able to access Users and Groups :)

#187743
Feb 01, 2018 16:52
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.