stackoom
  简体   繁体   中英

Sitecore - Switching Provider for Role Provider not respecting domain

 原文  2016-05-10 09:36:29       asp.net/ sitecore/ asp.net-membership/ membership-provider

Question

We have multiple sites running off one instance of sitecore. One of the sites requires the users & roles to be managed through an external back end system and as such, we have configured custom membership & role providers along with domains for each site. However, for some reason the switcher on the role provider does not seem to be being respected. If I log into the CMS as sitecore user, it still calls my custom role provider to try and get roles for this user, despite the role provider being configured against a different domain?

The role provider is working fine when actual users log into the site, but it shouldn't be being hit when CMS users are editing pages etc.

Config in our Web.config: 

<roleManager defaultProvider="sitecore" enabled="true" cookieRequireSSL="false" createPersistentCookie="false" cookieSlidingExpiration="true" cacheRolesInCookie="false">
  <providers>
    <clear />
    <add name="sitecore" type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel" realProviderName="switcher" raiseEvents="true" />
    <add name="sql" type="System.Web.Security.SqlRoleProvider" connectionStringName="core" applicationName="sitecore" />
    <add name="MyProvider" type="MyApp.Web.Infrastructure.Security.RoleProviders.MyProvider, MyApp.Web" applicationName="sitecore" />
    <add name="switcher" type="Sitecore.Security.SwitchingRoleProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/roleManager" />
  </providers>
</roleManager>

Plus our patched in sitecore config: 

<switchingProviders>
  <roleManager>
    <provider providerName="MyProvider" storeFullNames="false" wildcard="%" domains="mydomain" patch:after="provider[@providerName='sql']"/>
  </roleManager>
</switchingProviders>

1 answers

solution1
 9 ACCPTED  2016-05-10 10:34:13

This appears to be a quirk/bug of Sitecore. When you use the SwitchingRoleProvider the domain property is ignored and the implemented provider gets called across all domains.

There are 2 undocumented properties that are added when using this Role Provider:

ignoredUserDomains - comma separated list of domains that the provider won't be applied to.

and

allowedUserDomains - comma separated list of domains that the provider will only be applied to.

You can only specify one of these for the role provider, and providing both will throw an exception.

In the example you have used, the following should resolve your issue: 

<switchingProviders>
  <roleManager>
    <provider providerName="MyProvider" storeFullNames="false" wildcard="%" allowedUserDomains="mydomain" patch:after="provider[@providerName='sql']"/>
  </roleManager>
</switchingProviders>

( source )

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Role provider and Role management Blazor default role provider Sql Role Provider Custom Role Provider Custom Role Provider with Windows Authentication Custom Role Provider with ActiveDirectory Authentication How to use Membership and Role provider? Update role with aspnet membership provider Role Provider In ASP.net How to set a role provider at runtime?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM