+1-888-365-2779
Try Now
More in this section

Forums / Deployment / Problems with Security in case when we have many instances and only one database

Problems with Security in case when we have many instances and only one database

6 posts, 0 answered
  1. Artur Okolity
    Artur Okolity avatar
    3 posts
    Registered:
    22 Jun 2008
    15 Aug 2008
    Link to this post
    Hello,

    I have a problem with Security in Sitefinity. I'm using next schema: many instances and only one database.
    I've read page 67 in UserManual(Working with Multiple Web Sites) and have set all parameters that were defined in that document: <cms> and <cmsEngine> sections. Static conent(Pages, Templates) everything is ApplicationName specific, but Roles and Users are shared amoung all instances. And this is terrible.
    For example we have instance A, B, C and shared DB. All these instances will see whole list of Users and their Roles. Security block IS NOT ApplicationName specific.

    Maybe I don't know something, maybe I'm missing some parameters.
    Guys can you help me?
  2. Georgi
    Georgi avatar
    3583 posts
    Registered:
    28 Oct 2016
    18 Aug 2008
    Link to this post
    Hi Developer,

    Thank you for contacting us.
    applicationName attribute for the security and the membership providers actually exists:
    <system.web> 
    .. 
      <roleManager enabled="true" cacheRolesInCookie="true" defaultProvider="Sitefinity"
          <providers> 
            <clear /> 
            <add connectionStringName="DefaultConnection"  
              applicationName="/" 
              name="Sitefinity"  
              type="Telerik.DataAccess.AspnetProviders.TelerikRoleProvider, Telerik.DataAccess" /> 
          </providers> 
        </roleManager> 
        <membership defaultProvider="Sitefinity"  
         userIsOnlineTimeWindow="15" hashAlgorithmType="" > 
          <providers> 
            <clear /> 
            <add name="Sitefinity"  
             connectionStringName="DefaultConnection"  
             type="Telerik.DataAccess.AspnetProviders.TelerikMembershipProvider, 
             Telerik.DataAccess"  
             enablePasswordRetrieval="false"  
             enablePasswordReset="true"  
             requiresQuestionAndAnswer="false"  
             applicationName="/"  
             requiresUniqueEmail="false"  
             passwordFormat="Hashed"  
             maxInvalidPasswordAttempts="5"  
             passwordAttemptWindow="10" passwordStrengthRegularExpression=""            
             minRequiredPasswordLength="1"  
             minRequiredNonalphanumericCharacters="0" /> 
          </providers> 
        </membership> 
        <profile defaultProvider="Sitefinity"
          <providers> 
            <clear /> 
            <add name="Sitefinity"  
             connectionStringName="DefaultConnection"  
             applicationName="/"  
             type="Telerik.DataAccess.AspnetProviders.TelerikProfileProvider, Telerik.DataAccess" /> 
          </providers> 
          <properties> 
            <add name="FirstName" /> 
            <add name="LastName" /> 
          </properties> 
        </profile> 

    Please don't hesitate to contact us again if you have any other questions.

    Greetings,
    Georgi
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  3. Artur Okolity
    Artur Okolity avatar
    3 posts
    Registered:
    22 Jun 2008
    18 Aug 2008
    Link to this post
    Hi Georgi,

    I saw that there is
    applicationName attribute for the security and the membership providers.
    I must create new Admin for the system when I'm installing new Sitefinity instance. And applicationName will be "/" by default.
    So my new Admin will be created and record with default application will be recorded in DB.
    For example the insert operation will put in telerik_Users next record:
    ApplicationId,
    Password
    ect.

    What is important:
    ApplicationId. In DB this is uniqueidentifer.
    So please tell me how "/" and
    ApplicationId are connected?

    Next we have telerik_Applications table and it contains our default applicationName. But this table isn't connected to
    telerik_Users, telerik_Roles etc.

    When I'm changing applicationName in web.config I can't login to the system using Admin's credentials. And I can't see my "MyApplicationName" in any of these tables that are responsible for Security.

    Please, tell me what you think?
  4. Georgi
    Georgi avatar
    3583 posts
    Registered:
    28 Oct 2016
    21 Aug 2008
    Link to this post
    Hi Developer,

    You are right that when you change the applicationName in the web.config, you will not be able to log in the system using Admin's credentials. This is because the application is searching for a user associated with the current applicationName. What you could do is create a new Admin user for this applicationName:

    1. Change the applicationName to the desired identifier.
    2. Open the following URL in your browser: http://<yourhost>/<yourproject>/Sitefinity/cmsstartup.aspx
    3. Choose the database you currently use.

    The system will check for existing administrators under the current applicationName, and will ask you to create a new administrator.

    After these steps, you should be able to log in with the newly-created user.

    I hope this helps.

    Greetings,
    Georgi
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  5. Artur Okolity
    Artur Okolity avatar
    3 posts
    Registered:
    22 Jun 2008
    24 Sep 2008
    Link to this post
    Ok. This is not helping too.
    After changing the applicationName I can't reach http://<yourhost>/<yourproject>/Sitefinity/cmsstartup.aspx.

    System is redirecting me to the nopermissions.aspx.
    It seems that we MUST login first.

    Any ideas?
  6. Joe
    Joe avatar
    138 posts
    Registered:
    24 Sep 2012
    26 Sep 2008
    Link to this post
    Hi Artur,

    Thanks for contacting us.

    Based on your input, you should add multiple providers instead of changing the default provider to suit your needs. If you add multiple data providers, you can use multiple sources for membership information, which you are trying to do. Take a look at this article on using multiple membership providers for more information.

    Feel free to contact us if you need further assistance.

    Best wishes,
    Joe
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
Register for webinar
6 posts, 0 answered