Sitecore Custom Membership Provider

2
votes

We have a need to use an existing external database for our membership needs. This database will contain all the basic information needed to authenticate and authorize users. I'm looking to see if you have documentation that can guide me through this process. I've seen posts online for custom membership providers implementation. But I haven't seen examples on how to integrate the custom membership provider with Sitecore API so Sitecore.Context.User will return the information of the logged in user.

Also, is there a way to access the custom profile information via Sitecore API?

Thanks

2
sitecoremembership-provider
Will this DB also be authenticating editors for the sitecore backend or only for website access? Because it is important that you do not break Sitecore functionality of course and setting up the Switching Membership Provider isn't as straightforward since there's some information missing from the documentation (or I couldn't find it at least)IvanL
This is for website authentication only. Sitecore logins need to stay as is.Gabbar
In that case you're best off setting up Switching Membership providers. I'll post an answer with how we did this for a project I'm currently working on.IvanL

2 Answers

2
votes

As promised in my comment here is our setup for enabling the Sitecore setup to stay the same while adding an extra membership provider to use in your website specifically.

First this can be found inside of our web.config transform file under the <system.web>:

<membership hashAlgorithmType="SHA256" xdt:Transform="SetAttributes(hashAlgorithmType)">
  <providers>
    <add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="switcher" providerWildcard="%" raiseEvents="true" xdt:Locator="Match(name)" xdt:Transform="Replace" />
    <add name="myprovider" type="MyProject.SecurityProviders.MembershipProvider, MyProject.SecurityProviders" applicationName="sitecore" xdt:Transform="Insert"/>
  </providers>
</membership>
<roleManager>
  <providers>
    <add name="sitecore" type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel" realProviderName="switcher" raiseEvents="true" xdt:Locator="Match(name)" xdt:Transform="Replace" />
    <add name="myprovider" type="MyProject.SecurityProviders.RoleProvider, MyProject.SecurityProviders" applicationName="sitecore" xdt:Transform="Insert"/>
  </providers>
</roleManager>

Next this is found in a separate config include file directly under <sitecore>:

<switchingProviders>
  <membership>
    <provider providerName="myprovider" storeFullNames="false" wildcard="%" domains="websitedomain" patch:before="*"/>
  </membership>
  <roleManager>
    <provider providerName="myprovider" storeFullNames="false" wildcard="%" domains="websitedomain" patch:before="*"/>
  </roleManager>
</switchingProviders>

These 2 changes in configuration will enable you to create a custom membership and role provider (in case you need one). As you can see the tricky part is not making the switching membership provider of sitecore the default provider (as stated in the documentation 2.6.2) but setting the realProviderName of the sitecore provider to switcher.

From hereon it is straightforward implementation of ASP.NET Membership.

1
votes

You have seen this document already?

A Developer's Guide to Integrating Authentication Systems with Sitecore

It talks you through the whole process of creating an ASP.net membership provider. The whole point of the provider is that it abstracts the API from the implementation, so you can definitely achieve what you need.

Essentially, you need to override all the relevant methods from the base ASP.Net provider, using them to "wrap" around equivalent calls to your external database.