SecurityContext.Current gets System.NullReferenceException when logged in


When logged in (with CMSMembershipProvider) I get a System.NullReferenceException on SecurityContext.Current. Is there any configurations that I am missing? Anyone else had this problem?


May 12, 2011 13:42

Hm. Just to make certain, are you accessing the principal through HttpContext.Current.User? Or EPiServer.Security.PrincipalInfo.CurrentPrincipal?

May 12, 2011 13:53

I am using SecurityContext.Current (Mediachase.Commerce.Security.SecurityContect.Current) to get additional information about my logged in user. If I use HttpContext.Current.User I get some information but it is not enough.


May 12, 2011 14:28

The problem seem to accur when calling CustomerSecurityProvider (used in This does not happend on the sample site (Click Talk) so what configuration am I missing? 


May 12, 2011 15:10

I really need some help with this!
Here is the stack trace from when logging in (as used in EPiServers demo site Click talk)

[NullReferenceException: Object reference not set to an instance of an object.]
   Mediachase.BusinessFoundation.Data.Sql.SqlCommandBuilder..ctor(String table) +60
   Mediachase.BusinessFoundation.Data.Sql.SelectCommandBuilder..ctor(String tableName, FilterElementCollection filters, SortingElementCollection sorting) +191
   Mediachase.BusinessFoundation.Data.DataHelper.List(String tableName, Int32 maxCount, FilterElementCollection filters, SortingElementCollection sorting) +241
   Mediachase.BusinessFoundation.Data.DataHelper.List(String tableName, Int32 maxCount, FilterElement[] filters) +263
   Mediachase.BusinessFoundation.Data.DataHelper.List(String tableName, FilterElement[] filters) +64
   Mediachase.Commerce.Security.SecurityProviders.Sql.RolePermissionRow.List(FilterElement[] filters) +132
   Mediachase.Commerce.Customers.CustomerSecurityDataRepository.LoadRole(String roleName) +414
   Mediachase.Commerce.Customers.CustomerSecurityCachedDataRepository.GetCachedSecurityRole(String roleName) +234
   Mediachase.Commerce.Customers.CustomerSecurityCachedDataRepository.LoadRole(String roleName) +189
   Mediachase.Commerce.Customers.Security.CustomerSecurityProvider.GetRoleByName(String roleName) +128
   Mediachase.Commerce.Customers.Security.CustomerSecurityProvider.InstallAdminRoles() +544
   Mediachase.Commerce.Customers.Security.CustomerSecurityProvider..ctor() +179

[TargetInvocationException: Exception has been thrown by the target of an invocation.]
   System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) +0
   System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) +146
   System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) +298
   System.Activator.CreateInstance(Type type, Boolean nonPublic) +79
   Mediachase.BusinessFoundation.Data.AssemblyUtil.LoadObject(String type, String interfaceName) +1508
   Mediachase.BusinessFoundation.Data.AssemblyUtil.LoadObject(String type) +63
   Mediachase.Commerce.Security.SecurityContext.GetSecurityProviderFromName(String providerName) +400
   Mediachase.Commerce.Security.SecurityContext.CreateInstance() +105
   Mediachase.Commerce.Security.SecurityContext.get_Current() +181
   Pelly.Templates.Units.LoginModule.LoginForm_Authenticate(Object sender, AuthenticateEventArgs e) in C:\Solutions\PellyLive\Site\Templates\Units\LoginModule.ascx.cs:210
   System.Web.UI.WebControls.Login.AttemptLogin() +152
   System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +124
   System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +70
   System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2981


May 12, 2011 16:07

Ok no I'm pissed off! The solution was that there was no httpmodule to handle the authenticateRequest event of the application pool. This file is called ProfilModule.cs in the ClickTalk sample project and is located under the HttpModules folder.

Isn't that supposed to be included when I install Commerce? 


May 13, 2011 9:07

Was this the actual solution to the problem?.....  I'm having exactly the same error and i've got ProfileModule.cs included in my project.

Jul 26, 2011 13:39

If anyone is interested particularly as EPiServer don't get on to the Commerce forums very much ;)...

The issue I was having was that the SqlContext.Current is returning as null a lot of the time, I can't find any reference to it being setup in the Sample Click2Talk site and I also can't see any specific configs that set it up either.  I've used the following code to make sure it is setup - this then makes sure that there isn't a crash in the Mediachase.BusinessFoundation.Data.Sql.SqlCommandBuilder

            if (SqlContext.Current == null)
                string connString = ConfigurationManager.ConnectionStrings["EcfSqlConnection"].ToString();
                SqlContext.Current = new SqlContext(connString);


Jul 27, 2011 11:27

Hi Simon!

We have the same problem as you! Randomly the SqlCommandBuilder crashes becase the SqlContext.Current is null.

When I debug I can see that several requests works, so I added a conditional breakpoint which stops when SqlContext == null, and if I then run you code it will continue smoothly otherwise crash.

But now to the issue: 


Where should I add this code? I think the last call in our code is some kind of .AcceptChanges() on the Cart but when I debug I only pass this .AcceptChanges() once and then several executions of SqlCommandBuilder is run and one of them gets the SqlContext== null, almost as it depends on different threads or something.


Where did you add this code ? and what did you resolve by this?


best regards Andreas

Oct 20, 2011 14:30
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.