MembershipProviders

I see that the membership provider listed in the web.config is:

Hi Joe,

OpenAccessMembershipProvider inherits from MembershipDataProvider. MembershipDataProvider has abstract methods that its inheritors should implement.

OpenAccessMembershipProvider - OpenAccess implementation of data provider for Sitefinity membership services. This provider creates, gets, deletes users for a given OA scope.

MembershipDataProvider is an abstract class. It includes abstract methods. OpenAccessMembershipProvider is a child class of the abstract MembershipDataProvider. MembershipDataProvider class might look uncompleted, but abstract classes are "generic" classes.

Best wishes,
Ivan Dimitrov
the Telerik team

One additional point of clarification is needed.... why is there a SitefinityMembershipProvider used in the web.config, and an OpenAccessMembershipProvider defined in the securityconfig.config?

Please explain why there are two.. is one used for front-end members and one used for back-end members?

I want to add additional functionalities during the validateuser method, will I need to be sure to extend both providers?

Hi Joe,

SitefinityMembershipProvider acts as the standard ASP.NET provider and in ASP.NET you declare the membership providers in the web.config.

OpenAccessMembershipProvider is a provider that inherits from SitefinityMembershipProvider and it is used for the backend and front end. If you implement a custom provider you should inherit from OpenAccessMembershipProvider and register it in SecurityConfig.config or replace the  default OpenAccessMembershipProvider.

For completely custom implementations ( for instance you want to store your user data in XML) you have to inherit from SitefinityMembershipProvider

You can override ValidateUser method in your custom provider - the method in the base class is virtual.

All the best,
Ivan Dimitrov
the Telerik team

Hi Joe,

Let me try to explain Membership implementation in little bit more details. The names are quite confusing and I see Ivan has mixed them a bit.

MembershipDataProvider is the base class for UserManager data providers. It represents standard Sitefinity data provider, note: it is not ASP.Net Membership provider. OpenAccessMembershipProvider is a concrete implementation of MembershipDataProvider which utilizes OpenAccess as underlying storage. Sitefinity's membership providers differ significantly from ASP.Net providers. The most obvious difference is that you can query using LINQ if use UserManager or MembershipDataProvider.

On the other hand SitefinityMembershipProvider is just a wrapper around MembershipDataProvider that provides a bridge to the standard ASP.Net Membership API. We do not use it in Sitefinity, but if you feel more comfortable with the ASP.Net Membership, you could use it. Also it might be used by other applications to access Sitefinity membership data.

There is another class named MembershipProviderWrapper, which does exactly the opposite of SitefinityMembershipProvider.  It wraps standard ASP.Net provider to allow Sitefinity to work with third party membership providers that were not specifically designed for Sitefinity. This class is internal and you cannot use it directly but Sitefinity will automatically wrap all membership providers that are declared in web.config and they will become available in Sitefinity. In other words, providers declared in both web.config and SecurityConfig.config will be merged and they all will be available in Sitefinity UI.

The wrappers in both directions are still incomplete and they are not included in our BAT tests yet. For the time being, your only option is to inherit form MembershipDataProvider and implement it the Sitefinity way.

I hope this information is helpful. Let me know if you have further questions.

All the best,
Bob
the Telerik team

I too am looking into these providers and here is some background information so that maybe someone can help me make the right choice for my customizations. We have an existing authentication infrastructure, where users authenticate with their email address and a password. We have several applications that use this single credential model, and we would to get this to work in SiteFinity. To accomplish this, how should I proceed?

Hello Mike,

1. There is no problem to use an email for username. In your case it looks like that it is better to create a custom membership provider that inherits from SitefinityMembershipProvider.

2. There is not out of the box implementation for Single Sign On in Sitefinity.

Kind regards,
Ivan Dimitrov
the Telerik team

Is it possible to create a SSO with Windows authentication.
What I mean is, if I log in in a windows operating system I don´t want to log in again, I want to be able to use my windows credentials to sitefinity web portal. Is it possible? And how?

I know we can use a AD provider in older 3.x version and with 4.0?

Thanks in advance.

Hi Filipe,

By default Sitefinity relies on FormsAuthentication cookie . We use our onw identity object SitefinityIdentity  - represents a user identity authenticated by Sitefinity and this class cannot inhereirted. SitefinityIdentity is
build againt HttpContextBase and FormsAuthenticationTicket

There is no problem to use Active Directory for which we have built-in provider. We are going to implement SSO out of the box, but this will happen after the official release of Sitefinity 4.0.

Greetings,
Ivan Dimitrov
the Telerik team

Actual SSO on final release?

Now I really want the membership provider code completed.

Where does the custom provider wrapper implementation fall on the priority scale at this point Ivan?

Thx

Hello Bill,

SSO and finishing the membership wrappers are scheduled for about Q1 next year. As you can see we started uploading weekly builds, so if something is done earlier you can benefit from the feature by patching your project through the Project Manager and its upgrade functionality.

Greetings,
Ivan Dimitrov
the Telerik team

Can you please tell me where Telerik.Framework.Security.IExtendedMembershipProvider has gone?

Hello Lorne,

IExtendedMembershipProvider is part of Sitefinity 3.x and we do not have this interface in Sitefinity 4.0. If you want to create a custom provider you should inherit from MembershipDataProvider and implement it the Sitefinity way.

Regards,
Ivan Dimitrov
the Telerik team

Hi Ivan,

Hi Lorne,

MembershipDataProvider is a base class from which our OpenAccessMembershipProvider inherits. OpenAccessMembershipProvider represents OpenAccess implementation of data provider for Sitefinity membership services. This provider creates, gets, deletes users for a given OA scope. If you want to use the out of the box implementation with OA you can inherit from OpenAccessMembershipProvider and override some of the methods.

All the best,
Ivan Dimitrov
the Telerik team

Do you have a bare-bones sample of how to create a custom MembershipProvider in Sitefinity 4? I understand I need to subclass Telerik.Sitefinity.Security.Data.MembershipDataProvider, however, there appears to be a lot more that needs to be done than simply implementing the abstract methods. Is there a guide somewhere?

Hello Lorne,

1. You have to implement the methods that will operate with your users

Ivan,

Hello Lorne,

Currently you cannot use other provider that this Sitefinity's mode for Membership and Role providers. We use specific objects which our code expects. When you call GetUsers() you can return ILIst of objects from your database and then cast it to IQueryable

Greetings,
Ivan Dimitrov
the Telerik team

Hi Ivan,

Hello Lorne,

There will be a standard ASP.NET Membership and Role providers wrappers after the official release that will allow you to plug a standard provider to Sitefinity. I hope that this will sort out issues related to integrating a custom provider in case you have an old one.

Greetings,
Ivan Dimitrov
the Telerik team

Okay. Never mind. I see that configuring the default membership and role providers for the backend is done on another node. Kind of confusing.

Hi Lorne,

I'm struggling to implement custom membership on Sitefinity 4.0 RC. Care to provide sample snippets / pointers on how you've managed to achieve it.

Thanks in advance,
Bobby

Bobby,

HI,

It seems that this may be the rute we have to take.  We cannot wait for the wrappers to be release if February or March.  If anyone has code or issues they can discuss with regard to custom membership please post.

David

Hey folks,

Given the fact that the standard ASP.NET Membership and Role provider wrappers won't be ready until some time in Q1, has anyone else solved the problem that Lorne described?  I too have a massive user list that I cannot query and have authentication handled via a webservice call.  Looks like that situation isn't easily solved as it was in 3.x and doesn't appear to be solved in the final release of 4.0.

Anyone willing to post code samples for a solution?

Thanks

- William

Hi Joe,

We made some changes to our code last week and currently there should not be a problem to use MembershipDataProvider class. GetUsers should return <User> objects.

Best wishes,
Ivan Dimitrov
the Telerik team

Hey all,

I'd already implemented my Membership (and Users, Role) providers (based on .Net's System.Web.Security.MembershipProvider, .MembershipUser, and RoleProvider) for our Sitefinity 3.7 implementation, and while digging through posts about  Telerik.Sitefinity.Security.Data.MembershipDataProvider I came across this and a list of comments about the availability of wrappers to the .net membership providers. As this code is already tested and in production, I'd like to try to continue to use my existing code.

Is there a wrapper that I need to look at to inherit from to update my original MembershipProvider code?

Thanks!
Joel

Hi Joel,

The wrappers will be available for the SP1.

Regards,
Ivan Dimitrov
the Telerik team

Hi Ivan,

Could you point me in the right direction for the membership wrappers?

Thank you!
Joel

Ivan was wrong....

The wrappers are available for Q1 and not SP1...

Hi Larry,

Yes, we will have membership, role and profile wrappers for Q1. I am sorry for the confusion.

All the best,
Ivan Dimitrov
the Telerik team