1-888-365-2779
+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / Developing a Custom Membership Provider

Developing a Custom Membership Provider

13 posts, 0 answered
  1. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    30 Oct 2007
    Link to this post
    At the moment we are busy with the development of an extranet website with Sitefinity. This extranet website uses a seperate dealer database for authentication of dealers.
    So I created a Custom Membership Provider to validate users with a user name and password that are stored in this seperate dealer database.
    This Custom Membership Provider works as it should be.

    In Sitefinity I defined two roles:
    - administrators who are able to manage the Sitefinity website
    • - dealers who are not able to manage the Sitefinity website but are able to look at specific pages in this extranet website. In other words this dealer role does have permissions on specific pages within the extranet website. When you are part of this role you should be able to see these pages.

    In Sitefinity I am able to list all the users in the dealer database by selecting the custom membership provider in the list.
    I am also able to show the Membership info of a selected user (Profile hyperlink).

    In the membership info the two roles are presented but when I select a role and save the user info the selected role is not stored.
    How should I store this Sitefinity role information?

    Regards
    Luc Baeten
  2. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    31 Oct 2007
    Link to this post
    Hello Luc Baeten,

    The problem derives from the design of the TelerikRoleProvider (which is actually similar to the System.Web.Security.SqlRoleProvider). The provider makes queries against both the tables with users and with roles. So here is what happens in your case:
    • You choose to use a different membership provider from another database.
    • You choose to use our TelerikRoleProvider (or SqlRoleProvider).
    • You change your providers in the administration (probably from the dropdown list)
    • Your custom membership provider works fine (returns your users). So does the Role provider, however the role provider manages the users that are available in its database (the Sitefinity database).

    I can give you two ideas about how to manage these users. The first is to create another role provider that is located in your client's database, so when you change the providers in Sitefinity, you'll also change the role provider and roles will be adequate.

    Another possibility is to provide such membership - a role provider pair that saves membership data in one database and has a table with all users in the Sitefinity database. However, you'll probably have more troubles using this technique, so I recommend the first one.

    If  you have any other questions or need further assistance, feel free to ask again.

    Best wishes,
    Yasen
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  3. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    31 Oct 2007
    Link to this post

    Hi Yasen

    Thanks for your info.
    I want to let Sitefinity manage the authentication and the authorization on the pages.

    If I create a custom role provider, can Sitefinity work with the roles that are defined with this role provider? With other words: if I define a dealer role with the developed custom role provider and add different dealers to this role, can I use this dealer role on the permission tab of the different pages? And is authorization handled correctly by Sitefinity?

    Every day the dealer table is imported on the production server of the extranet server. So another option would be that I create a new user with the (in Sitefinity) defined dealer role in the Sitefinity database (and with the Sitefinity Membership and Role Provider) for each imported dealer in the dealer table.
    Is this possible? And if so how can I do this?

    I hope you understand what I mean. Can you tell me what would be the best option. I have a preference for the second option.

    Regards
    Luc Baeten

    Milestre BV

  4. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    31 Oct 2007
    Link to this post
    Hello Luc Baeten,

    Sitefinity is designed to work properly with other providers. The permissions sections will react to the current role provider set for the CMS administration. If you have a pair membership - role provider that works with a database, all you have to do are some settings in the web.config file.

    As I understand your second idea, you want to maintain the information about users (dealers) in both the Sitefinity database and the external database. You can import the user data (new users, which users to which roles belong) in these tables every day. This way you can use the default Sitefinity providers. The thing that bothers me is the synchronization between both databases, your responsibility would be to keep the information up to date.

    Here is a little more info about the Sitefinity database:
    We have a table for users, that also stores membership data (Telerik_Users) a table for Roles (Telerik_Roles) and an intermediate table Telerik_UsersInRoles. Permissions are saved by role name in other tables.

    I can't tell which method would be better in your case, however, I think the first one would be easier to maintain. If you have any other questions, we'll be happy to help.

    Best wishes,
    Yasen
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  5. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    31 Oct 2007
    Link to this post
    Hi Yasen

    Now I have developed a custom Membership and Role Provider. Sitefinity sees the custom Membership provider (in the combobox at Administration > Users page). But how can I let Sitefinity know that when the custom membership provider is selected, Sitefinity should use the custom role provider also?

    Regards
    Luc Baeten
  6. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    31 Oct 2007
    Link to this post
    Hello Luc Baeten,

    When you select from the dropdown list, you select both membership and role providers. They need to have the same names (as both the default membership and role providers are named "Sitefinity"). If your role provider is named differently, you set only the membership provider.

    Please note that when you change the providers from the dropdown, you change them only for the current session only for the Users section of administration. To change the provider for the entire CMS, you have to change the cms providers in the web.config. You have to change telerik => security => cmsProvidersName, and telerik => security => providers => DefaultSecurityProvider => MembershipProvider and RoleProvider

    All the best,
    Yasen
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  7. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    31 Oct 2007
    Link to this post
    Hi Yasen

    Great. Thanks for the info. I had a different role provider name in relation to membership provider. Now I can see the roles of Sitefinity as well as of my custom role provider. We are almost at the end of this issue.

    Related to your second note: I do want to have the Sitefinity Membership and Role Provider for the authentication and authorization of the managers of  the CMS (the users who should be able to create new page, change new pages etc.)
    Our own custom Membership and Role provider should be used to authenticate and authorize people to see specific pages.
    So in fact when I am going to change the permissions of a page in the CMS I want to see the roles of the Sitefinity Role provider as well as the roles of the custom role provider. Is this not possible?
    If not I probably have to change the webconfig conform your note. But hat means that I have to create the administrators role in my custom role database?!

    Regards
    Luc Baeten
    Milestre BV

  8. Yasen
    Yasen avatar
    121 posts
    Registered:
    18 May 2013
    01 Nov 2007
    Link to this post
    Hi Luc Baeten,

    The administration of Sitefinity can use only one set of providers at a time, it is not possible to manage permissions for two role providers at the same time. Page permissions are not an exception, even though you need to have only "view" rights for the other set of users. The easiest way would be to add the administration roles in your provider (if this is an easy task in your case).

    There is another possible solution, however, it takes some more effort. You can create a custom page security implementation, parallel to the default one.
     
    A possible way is to create a "permissions" table in the database that holds information about the pages that can be accessed by a given role. Then create a control that sets permissions per page for the roles in your role provider. Eventually you can create a custom http module and on the "post authenticate" event to check if the user has permissions for the desired page. To make it compatible with the Sitefinity security, you may set "anonymous access" for all pages to "deny" and then give "view" permissions for "everyone".

    This way users from the default Sitefinity database will manage the CMS, based on their (Sitefinity) roles, depending on your implementation they would be able to manage page permissions for other users. The other set of users from your custom providers will have "view" permissions for pages, depending on their roles.

    However, I think this won't go smoothly and don't recommend it, unless it is inevitable. Sorry for the tentative answer, if you have any other ideas, we'll be glad to discuss them.

    Best wishes,
    Yasen
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  9. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    02 Nov 2007
    Link to this post
    Hi Yasen

    Thanks for your information.
    I manage Sitefinity for this website with the custom membership and role provider now. I added the administrator role in my provider and added a admin user to it. With this user I was able to manage the CMS.
    I also added the dealers role to my provider and was able to define page permissions for this dealer role.

    With your help I was able to solve this problem. I will document this problem with presentation of sources on our website www.milestre.nl so that other users of Sitefinity can use this knowledge. 
    Although it is described in the developers manual already, maybe you can extend it with the information you gave to me.

    Kind Regards
    Luc Baeten
  10. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    02 Nov 2007
    Link to this post
    Hi Yasen

    Because I have an extranet website, all pages must have set  'Anonymous access' to deny. But with the suggestion you gave Gabe on October 29th (http://www.sitefinity.com/support/forums/support-forum-thread/b1043S-bakggt.aspx) I am able to set this setting automatically for all new created pages.

    Thanks and regards
    Luc
  11. Sonya
    Sonya avatar
    231 posts
    Registered:
    24 Sep 2012
    02 Nov 2007
    Link to this post
    Hi Luc Baeten,

    We are glad that the information Yasen provided was sufficient to overcome difficulties in setting the security of your web site. We  are constantly  working on extending the developer manual and any feedback about what is not clear enough or needs more explanation is more than welcome. We will definitely include what was covered in this forum thread. Please, do not hesitate to ask for extension of any topic you consider incomplete in the developer manual.  

    Greetings,
    Sonya
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  12. Luc Baeten
    Luc Baeten avatar
    169 posts
    Registered:
    23 Sep 2005
    07 Nov 2007
    Link to this post
    Hi

    I documented the solution on our website. You can find it here: 

    http://www.milestre.nl/English/News/Latestnews/CustomMembershipAndRoleProvider.aspx

    Regards
    Luc Baeten
  13. Sonya
    Sonya avatar
    231 posts
    Registered:
    24 Sep 2012
    07 Nov 2007
    Link to this post
    Hello Luc Baeten,

    Thank you for sharing your programming experience with Sitefinity and sharing your code. Your Telerik points have been updated.

    All the best,
    Sonya
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
Register for webinar
13 posts, 0 answered