A Custom Membership Provider in Sitecore (Part 1)

Configuration Details

Sometimes it is desirable not to use Sitecore to store user details directly, but rather to inplement custom providers for membership and roles. Essentially you replace the membership provider if you want to customise the Authentication of users (is the user valid?), and the role provider if you want to customise the Authorisation of users (what can the user do?).

By default Sitecore provides support for Authentication and Authorisation via SitecoreMembershipProvider and SitecoreRoleProvider, configured in the web.config. Any Membership Provider must support and may support the methods defined here: .

The following shows the initial configuration using Sitecore’s own providers and the new required configuration for custom providers for contrast:

<!-- SWITCHING PROVIDERS -->
<switchingProviders>
<membership>
    <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*"/>
</membership>
...
</switchingProviders>

<switchingProviders>
  <membership>
    <provider providerName="MyMembershipProvider" storeFullNames="true" wildcard="%" domains="extranet" />
    <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" />
  </membership>
...
</switchingProviders>

As you can see from the configuration, the default “sql” switching provider is retained, but in addition Custom membership, role and profile providers can be added. Note that the domain to which these providers apply is specified in the configuration. The storeFullNames parameter is used to identify the form or usernames used by the provider: true, means that the username is stored as domain\username, and false stores username alone. Within the switching provider configuration the domains to which a provider applies can be configured. Either the domain (which will be referenced in the domains.config, too), or a wildcard (*) meaning all domains.

The domain referenced should exist in the domains.config of the site:

<domain name="sitecore" ensureAnonymousUser="false" />
<domain name="extranet" />
<domain name="default" isDefault="true" />

By default Sitecore ships with three providers: “sitecore”, “sql” and “switcher”. Custom providers work by replacing the “switching” provider. See the default providers, below:

<membership defaultProvider="sitecore" hashAlgorithmType="SHA1">
  <providers>
    <clear/>
    <add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="sql" providerWildcard="%" raiseEvents="true"/>
    <add name="sql" type="System.Web.Security.SqlMembershipProvider" connectionStringName="core" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="256"/>
    <add name="switcher" type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/membership"/>
  </providers>
</membership>

In a Custom provider scenario the new provider would be configured as below (“MyMembershipProvider”):

<membership defaultProvider="sitecore">
  <providers>
    <clear />
    <add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="switcher" providerWildcard="%" raiseEvents="true" />
    <add name="sql" type="System.Web.Security.SqlMembershipProvider" connectionStringName="core" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="256" />
    <add name="switcher" type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/membership" />
    <add name="MyMembershipProvider" type="MyUsers.Service.MyMembershipProvider, MyUsers.Service" connectionStringName="MPEntities" applicationName="sitecore" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" minRequiredNonalphanumericCharacters="0" enablePasswordReset="true" passwordFormat="Hashed" passwordStrengthRegularExpression="^(?=.*[A-Za-z])(?=.*[0-9])[A-Za-z0-9]{2,}$" minRequiredPasswordLength="6" />
  </providers>
</membership>

The specific configuration for these providers specifies:
1.) The class name of the provider
2.) The assembly containing it
3.) The connection string used by it
4.) Any standard provider defaults or parameters used

Bookmark the permalink.

Comments are closed