+1-888-365-2779
Try Now
More in this section

Forums / Sitefinity Desktop Application / Supported Membership Providers

Supported Membership Providers

20 posts, 0 answered
  1. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    07 Feb 2013
    Link to this post

    Does Lightning support the LdapUsers membership provider?  I am trying to test using Lightning on a site set up with SSO via Windows auth through an external STS, but I'm unable to connect.  The error returned is invalid username or password.  I can't find any log file generated by Lightning that might provide more info.  The only thing I can think is that this configuration is not yet supported by Lightning.  Can anyone confirm/deny this?

  2. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    11 Feb 2013
    Link to this post
    Hello Michael,

    Thank you for contacting us!

    We are currently working on Windows Authentication through Lightning and it is expected to be one of the features in our next release.
    As far as your current configuration is concerned, what comes to mind is the following:
    Try changing the settings of your LDAP connection, section "LDAP authentication type" to Basic.
    If everything is alright with the LdapUsers, try to connect to the site through Lightning.

    I hope this information helps and I will be glad to assist you further.

    Regards,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    11 Feb 2013 in reply to Ivaylo Angelov
    Link to this post

    Thanks for the suggestion, but unfortunately it didn't work for me.  

  4. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    13 Feb 2013
    Link to this post
    Hello again Michael,

    I think we managed to solve the issue you've been facing.
    The reason for your inability to connect to the site through Lightning is that our client currently supports only the default backend membership provider. We'll work on this to allow you select the provider from Lightning in future. For the time being, follow these steps:
    1. Go to your Sitefinity site - Administration - Settings - Advanced - Security and set DefaultBackendMembershipProvider to LdapUsers.
    2. In Security - SecurityTokenIssuers, make sure you have added
      http://<your site url>/Sitefinity/Authenticate/SWT with the very same key value like the other entries.
    3. Restart Sitefinity.

    This should do the trick and allow you to connect successfully from Lightning.
    I hope this will aid you to solve the problem. Let me know if I can further assist you.
    Thank you!

    Greetings,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    13 Feb 2013 in reply to Ivaylo Angelov
    Link to this post

    Ok, did that... still getting invalid username and password.... Do I need to add matching key to the web.config of my STS site?

  6. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    14 Feb 2013
    Link to this post
    Well, that's strange since we tried this over and over again to make sure it works.
    As far as the web.config file of the STS site is concerned, there is no need to add anything there (it should only have the <add key="(the address of your Sitefinity website)" value="(the key you created in Step 5b)"/> which is described here and you have probably done this when setting up the configuration).
    Is the name of your membership provider LdapUsers or it is changed? Perhaps, there is a mismatch in the configuration.
    I would suggest the following approach:
    Would you be so nice to give us the configuration settings related to Security in your Sitefinity site - some screenshots for example. Or you can create a test user for us and we'll log in your site and go through the settings.

    Thank you very much for your patience and cooperation.

    Kind regards,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    21 Feb 2013
    Link to this post
    Hello Michael,

    I am very excited to tell you that we now support Windows Authentication through Lightning and you can choose whether to use your Windows credentials or not when you connect to a site.
    As far as your issue is concerned, what could be still causing the trouble is the url to your Sitefinity site which you gave in your STS web.config file.
    Make sure it points to the domain itself and not just 'localhost'.

    Still, if you continue to observe the issue, we'll be glad to further investigate it.

    Regards,
    Ivaylo Angelov
    the Telerik team
  8. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    21 Feb 2013 in reply to Ivaylo Angelov
    Link to this post

    Hmm... I'm still unable to connect... It's now displaying the message: Site cannot be added because there is no connection to the server.  I've attached screenshots of the web.config of my STS site, and security token issuers section of the SecurityConfig.config of my Sitefinity site.  The STS definitely seems to be working, as I have no issues authenticating to the backend... I just can't connect via Lightning...

  9. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    21 Feb 2013 in reply to BoaMike
    Link to this post

    The previously attached SecurityConfig.config had a typo... I had tried using the IP address, instead of hostname...and made a typo, when changing it back.  Attached is the correction.... sorry 'bout that...

  10. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    26 Feb 2013
    Link to this post
    Hello Michael,

    Thank you very much for the provided screenshots.
    From what we saw, all seems to be alright.
    However, the message you are now given from Lightning make us think that more thorough investigation of the web.config is needed.
    Would you be so nice to provide us with a screenshot of the section <federatedAuthentication> located under <microsoft.identityModel> in your site's web.config or the whole config file itself?

    Thank you for the patience and cooperation.

    All the best,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  11. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    26 Feb 2013 in reply to Ivaylo Angelov
    Link to this post

    Attached is the web.config from my SF site, with only some connection string passwords edited... It's not really a .png, I just gave it a .png extension because it wouldn't let me attach it otherwise.  So, just remember to rename it before viewing

  12. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    01 Mar 2013
    Link to this post
    Hello again Michael,

    Thank you for the config file you have sent.
    Unfortunately, we are unable to locate the issue.
    Still, we cannot reproduce the behavior you described locally.

    What we managed to do is implement a small tool to test the connection and authentication to your site.
    Please, extract the archive file from the attached files and run the application on the machine you are trying to use Lightning from. As soon as you test the connection to your site (either with or without Windows credentials) and there is any information provided by the tool (section Connection Log), we would ask you to copy/paste and send it right to us so we can investigate it.

    Thank you in advance!

    Regards,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  13. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    01 Mar 2013 in reply to Ivaylo Angelov
    Link to this post

    Thanks for providing the tool.  Here's what shows in the connection log.  This shows when Use Windows Credentials is both checked AND unchecked.... It made no difference either way.

    Connecting... 
    Unsupported authentication.

  14. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    06 Mar 2013
    Link to this post
    Hello Michael,

    Thank you very much for helping us investigating this issue and trying to improve Lightning.

    As we are a desktop client connecting to Sitefinity, we depend on the site responding with specific security header which provides us with an information about the security protocol used. Based on what you have given us as a feedback from the tool, the issue might be caused by either Sitefinity returning a wrong header  (which we don't parse successfully) or there is a custom security implementation
    on your site.

    By this time, we have already made a lot of improvements in the way Lightning connects to Sitefinity. All these new features will be part of our next release.

    As far as your case is concerned, we extended the tool's functionality so it can provide more details about the security header returned from Sitefinity. 

    Would you be willing to run the new improved tool we are sending to you and give us one more time the result given?

    Thank you on behalf of Lightning team!

    Kind regards,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  15. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    06 Mar 2013 in reply to Ivaylo Angelov
    Link to this post

    The tool crashes upon trying to connect.  Debugging it in VS yields this:

    Could not load file or assembly 'Newtonsoft.Json, Version=4.5.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' or one of its dependencies. The system cannot find the file specified.

  16. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    06 Mar 2013
    Link to this post
    Please excuse us for this negligence.
    We have tested the tool locally where the mentioned assembly resides in the GAC of our machines.
    You can find the missing *.dll in the attached zip file together with the tool itself.
    You can run it directly from there.

    All the best,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  17. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    06 Mar 2013 in reply to Ivaylo Angelov
    Link to this post

    Ok, well, I don't know if the latest results will help much.  Pasted below is what I get after clicking 'Connect'.   That's all that's displayed....

    Connecting... 
    Unsupported authentication. 
    The authentication header contains:

  18. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    07 Mar 2013
    Link to this post
    Hello again Michael,

    Thank you for all the cooperation so far.
    Actually, what you gave us is a vital information - Sitefinity returns no header at all.
    The absence of this header is quite mysterious because this is a core Sitefinity
    functionality which we depend on. Sitefinity must set it no matter what.
    This unexpected behavior leads to lack of ideas from our side and means that there is a issue related to your Sitefinity site. The only thing we can think of is to get your project and investigate it locally.
    If this is not an option for you, then you could create a new site and reuse all security
    related settings from your current project. Then, if the problem still exists, you can send us this empty project.

    Kind Regards,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  19. BoaMike
    BoaMike avatar
    51 posts
    Registered:
    25 Sep 2009
    20 Mar 2013 in reply to Ivaylo Angelov
    Link to this post
    Sorry for my delayed response... Can you elaborate on what you mean by "reuse all security related settings"?  I just want to make sure I get everything needed...  Is there anything else I can do to investigate why Sitefinity returns no header?  Perhaps using Fiddler2 or something like that?
  20. Ivaylo Angelov
    Ivaylo Angelov avatar
    68 posts
    Registered:
    13 Sep 2016
    21 Mar 2013
    Link to this post
    Hello Michael,

    What we could suggest is to try is the following:
    1. Create an empty Sitefinity project.
    2. Install Lightning module there and try to connect from Lightning. (if it's okay, go on, this will mean that it's not a local system security or other problem)
    3. Duplicate all security related settings from your current site (which you can't connect to from Lightning) to the freshly created one, including membership providers, security token issuers, relying parties, etc.
    4. Try to connect again from Lightning. Based on the result we will reduce the cases to two:
      - if successful, then there is a site related problem or there is a specific security setting on your server (could be a firewall on the machine itself, etc.)
      - if still unsuccessful, then you can send us right away the whole empty site project so we can investigate it at our side

    As far as Fiddler is concerned, you can send us the session as a text file with the headers only
    File - Save - Selected Sessions -  as Text (Headers only)...

    Greetings,
    Ivaylo Angelov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
20 posts, 0 answered