asp.net - umbraco public access error when authenticated -


i have issue public access in umbraco 7.

i use custom membership provider authenticate users crm database. set rule let access authenticated (front-end) users only , used custom role provider define authenticated users have visitors role. if not authenticated, redirected login page.

public access

when debug website user has role :

role test

i authenticated , role current user one.

role test

but still redirected login page ! don't understand.

my role provider: 

public class customroleprovider : umbraco.web.security.providers.membersroleprovider {     const int site_id = 6;      public override string applicationname     {                 {             return "site";         }     }      public override string[] getallroles()     {         return new[] { const.visitors_label };     }      public override string[] getrolesforuser(string username)     {         return new[] { const.visitors_label };     }      /// <summary>     ///      /// </summary>     /// <param name="username"></param>     /// <param name="rolename"></param>     /// <returns></returns>     public override bool isuserinrole(string username, string rolename)     {         //every user visitor         if(rolename == const.visitors_label)         {             return true;         }          else         {             return base.isuserinrole(username, rolename);         }     }      public override string[] getusersinrole(string rolename)     {         if(rolename == const.visitors_label)         {             using (var db = new crmentities())             {                 var usersemails = db.customer_view.where(x => x.siteid == site_id).select(x=>x.email).toarray();                 return usersemails;             }         }         else         {             return base.getusersinrole(rolename);         }     } }

here controller use authentication: 

public class memberloginsurfacecontroller : umbraco.web.mvc.surfacecontroller {     // memberlogin action returns view, create later. instantiates new, empty model our view:      [httpget]     [actionname("memberlogin")]     public actionresult memberloginget()     {         return partialview("memberlogin", new memberloginmodel());     }      // memberlogout action signs out user , redirects site home page:      [httpget]     public actionresult memberlogout()     {         session.clear();         formsauthentication.signout();         return redirect("/");     }      // memberloginpost action checks entered credentials using standard asp net membership provider , redirects user same page. either logged in, or message set in tempdata dictionary:     [httppost]     [actionname("memberlogin")]     public actionresult memberloginpost(memberloginmodel model)     {         if (membership.validateuser(model.username, model.password))         {             formsauthentication.setauthcookie(model.username, model.rememberme);              return redirecttocurrentumbracopage();         }          else         {             tempdata["status"] = "invalid username or password";             return redirecttocurrentumbracopage();         }     } }

my role provider in web.config , visitors role detected role in administration panel. 

<rolemanager enabled="true" defaultprovider="customroleprovider">   <providers>     <clear />     <add name="umbracoroleprovider" type="umbraco.web.security.providers.membersroleprovider" />     <add name="customroleprovider" type="*.ui.helpers.customroleprovider" />   </providers> </rolemanager>

edit: forgot membership provider : 

 public class mymembershipprovider : umbraco.web.security.providers.membersmembershipprovider {  const int site_id = 6;     //we dont let user change password using rc website     public override bool allowmanuallychangingpassword     {                 {             return false;         }     }      public override bool enablepasswordreset     {                 {             return false;         }     }      public override bool enablepasswordretrieval     {                 {             return false;         }     }      public override bool validateuser(string username, string password)     {         customer_view user;          //just avoid errors uppercase letters         username = username.tolowerinvariant();          using (var db = new crmentities())         {             user = db.customer_view.singleordefault(x => x.email == username && x.siteid == site_id);              //no user email             if (user == null)                 return false;              //check if password same             return user.password == password;         }     }      public override membershipuser getuser(string username, bool userisonline)     {         //just avoid errors uppercase letters         username = username.tolowerinvariant();         membershipuser toreturn;          using (var db = new crmentities())         {             customer_view user = db.customer_view.singleordefault(x => x.email == username && x.siteid == site_id);              toreturn = user != null ? new membershipuser(                 //provider name                 "mymembershipprovider", string.format("{0} {1}", user.firstname, user.lastname),                 username, username, string.empty, string.empty, true, true, user.createdate, new datetime(), new datetime(), new datetime(), new datetime()) :                  null;          }          return toreturn;     }      public override membershipuser getuser(object provideruserkey, bool userisonline)     {         return this.getuser(provideruserkey string, userisonline);     }   }

every time try access page has specific access redirected login page if authenticated:

login page

how can solve ?

why want add custom role provider. keep simple. if have registration page site can assign member type , member role programmatically

and if add member backend, can add "visitor" role easily.

so in both cases "visitor" role can applied members , can keep page behind login visitor role(all authenticated) easily.

edit: have removed code of adding role user programmatically not needed , solution below:

as know custom role provider , custom membership provider go hand in hand. have added custom membership provider , overrided validateuser method, work need override 2 more methods of getuser see code custom provider below , work

membershipprovider

public class mymembershipprovider : membersmembershipprovider {     public override bool validateuser(string username, string password)     {         if (base.validateuser(username,password))         {             //if umbraco user validate base method             return true;         }         else         {             var allow = //add validation code crm, have checked if username "tester" , allowed testing purpose.             return allow;         }     }     // these 2 methods below have not overridden , need override public access work      public override membershipuser getuser(object provideruserkey, bool userisonline)     {         if(base.getuser(provideruserkey, false)!=null)             //if umbraco user add is.             return base.getuser(provideruserkey,userisonline);         else             //add crm user, not have database, added test user             return new membershipuser("umbracomembershipprovider", "tester", 1233, "tester@test.com", null, null, true, false, datetime.now, datetime.now, datetime.now, datetime.now, datetime.now);     }     public override membershipuser getuser(string username, bool userisonline)     {         if (true)//check if crm user here         {             return new membershipuser("umbracomembershipprovider", "tester", 1233, "tester@test.com", null, null, true, false, datetime.now, datetime.now, datetime.now, datetime.now, datetime.now);             //i adding test user, should create user crm database         }         else             return base.getuser(username,false);      }  }

edit2

okay, have debugged every bit of code in roleprovider , membershipprovider, after user logged in when user tries access protected page, first getuser(string username, bool userisonline) gets called which, if failed, returns login page, after success getuser(object provideruserkey, bool userisonline) gets call. if returns null, insufficient access page shown else getrolesforuser(string username) gets called. , upon success page shown. have set break point on each method of both files, these 3 methods involved. see login page, guess getuser(string username, bool userisonline) first call failing somewhere.

below files if helps

roles config part

<rolemanager enabled="true" defaultprovider="umbracoroleprovider">   <providers>     <clear />     <!--<add name="umbracoroleprovider" type="umbraco.web.security.providers.membersroleprovider" />-->     <add name="umbracoroleprovider" type="assembly.providers.myrolesprovider" />   </providers> </rolemanager>

membership config part

<membership defaultprovider="umbracomembershipprovider" userisonlinetimewindow="15">   <providers>     <clear />     <add name="umbracomembershipprovider" type="assembly.providers.mymembershipprovider, assembly" enablepasswordretrieval="false" enablepasswordreset="false" requiresquestionandanswer="false" defaultmembertypealias="member" passwordformat="hashed" />     <!--<add name="usersmembershipprovider" type="umbraco.web.security.providers.usersmembershipprovider, umbraco" minrequirednonalphanumericcharacters="0" minrequiredpasswordlength="4" uselegacyencoding="true" enablepasswordretrieval="false" enablepasswordreset="true" requiresquestionandanswer="false" passwordformat="hashed" />-->     <add name="usersmembershipprovider" type="assembly.providers.myusermembershipprovider, assembly" minrequirednonalphanumericcharacters="0" minrequiredpasswordlength="4" uselegacyencoding="true" enablepasswordretrieval="false" enablepasswordreset="true" requiresquestionandanswer="false" passwordformat="hashed" />   </providers> </membership>

accountcontroller

public class accountsurfacecontroller : umbraco.web.mvc.surfacecontroller {     [httppost]     public actionresult loginform(loginmodel model)     {         //model not valid, not save, return current umbraco page         if (!modelstate.isvalid)         {             //perhaps might want add custom message tempdata or viewbag             //which available on view when renders (since we're not              //redirecting)                       return currentumbracopage();         }          // login         if (membership.validateuser(model.username, model.password))         {             formsauthentication.setauthcookie(model.username, false);             return redirecttocurrentumbracourl();         }         else         {             modelstate.addmodelerror("username", "username not valid");             return currentumbracopage();         }     } }  public class loginmodel {     [required]     public string username { get; set; }      [required]     [datatype(datatype.password)]      public string password { get; set; } }

rolesprovider

public class myrolesprovider : membersroleprovider {     const string visitors_label = "visitor";      public override string[] getallroles()     {         var roles = base.getallroles().tolist();         roles.add(visitors_label);         return roles.toarray();     }     public override string[] findusersinrole(string rolename, string usernametomatch)     {         if(rolename== visitors_label)         {             var users = applicationcontext.current.services.memberservice                 .getallmembers().select(m => m.email).tolist();             users.add("tester@test.com");             return users.toarray();         }         return base.findusersinrole(rolename, usernametomatch);     }     public override bool roleexists(string rolename)     {         if(rolename == visitors_label)         {             return true;         }         return base.roleexists(rolename);     }     public override string[] getrolesforuser(string username)     {         var roles = base.getrolesforuser(username).tolist();         roles.add(visitors_label);         return roles.toarray();     }     public override bool isuserinrole(string username, string rolename)     {         if(rolename == visitors_label)         {             return true;         }         return base.isuserinrole(username, rolename);     }     public override string[] getusersinrole(string rolename)     {         if(rolename == visitors_label)         {             var list = applicationcontext.current.services.memberservice                 .getallmembers().select(m => m.email).tolist();                 list.add("tester@test.com");             return list.toarray();         }         return base.getusersinrole(rolename);     } }

edit3:

i reproduced scenario, related web.config configuration

when kept web config membership below did not hit provider unless called

<membership defaultprovider="mymembershipprovider" userisonlinetimewindow="15">   <providers>     <clear />     <add name="umbracomembershipprovider" type="umbraco.web.security.providers.membersmembershipprovider, umbraco" minrequirednonalphanumericcharacters="0" minrequiredpasswordlength="4" uselegacyencoding="true" enablepasswordretrieval="false" enablepasswordreset="true" requiresquestionandanswer="false" defaultmembertypealias="member" passwordformat="hashed" />     <add name="mymembershipprovider" type="umbraco724.providers.mymembersmembershipprovider, umbraco724" />     <add name="usersmembershipprovider" type="umbraco.web.security.providers.usersmembershipprovider, umbraco" minrequirednonalphanumericcharacters="0" minrequiredpasswordlength="4" uselegacyencoding="true" enablepasswordretrieval="false" enablepasswordreset="true" requiresquestionandanswer="false" passwordformat="hashed" />   </providers> </membership>

but when changed given below worked. please check difference in config carefully.

<membership defaultprovider="umbracomembershipprovider" userisonlinetimewindow="15">   <providers>     <clear />     <add name="umbracomembershipprovider" type="umbraco724.providers.mymembersmembershipprovider, umbraco724"  minrequirednonalphanumericcharacters="0" minrequiredpasswordlength="4" uselegacyencoding="true" enablepasswordretrieval="false" enablepasswordreset="true" requiresquestionandanswer="false" defaultmembertypealias="visitor" passwordformat="hashed" />     <add name="usersmembershipprovider" type="umbraco.web.security.providers.usersmembershipprovider, umbraco" minrequirednonalphanumericcharacters="0" minrequiredpasswordlength="4" uselegacyencoding="true" enablepasswordretrieval="false" enablepasswordreset="true" requiresquestionandanswer="false" passwordformat="hashed" />   </providers> </membership>

i think umbraco takes 1 provider members users. when name should umbracomembershipprovider only. when kept different there error.


Comments

Post a Comment

Popular posts from this blog

android - MPAndroidChart - How to add Annotations or images to the chart -

i working latest mpandroidchart library , looking way add annotations or images clickable. example: once data reaches value event occurs want able display user - there multiple events can occur annotations (not sure if right word) or image added @ point in chart. any pointers welcome. check documentation of yaxis . focus on setspacetop(...) , setaxismaxvalue(...) methods. for background: bar-shadow , disable calling: barchart.setdrawbarshadow(false) or change color: bardataset.setbarshadowcolor(int color)
Read more

javascript - Add class to another page attribute using URL id - Jquery -

i have attached id url. ex: when click link 1 , has #tab-2 id , takes me landing page. in landing page have find element has #tab-2 id have add class .active . i tried no luck. please 1 correct code. thanks js fiddle link html <div class="menu"> <ul> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-2">link 1</a></li> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-44">link 2</a></li> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-74">link 3</a></li> </ul> </div> landing page <div class="tab"> <ul> <li><a id="tab-2" class="active" >link 1 content</a></li> <li><a id="tab-44" >link 2 content</a></li> <li><a id="tab-74" >link 3 content</a></l
Read more

firefox - Where is 'webgl.osmesalib' parameter? -

i'm trying webgl running on firefox (v37.0.2) via software acceleration mesa. tried following steps have been stated in article: http://www.binarytides.com/enable-webgl-firefox-ubuntu/ however, unable find parameter named ' webgl.osmesalib ' in about:config section? has been removed (or renamed)? if yes, how should instruct firefox use mesa's software acceleration webgl? looks support osmesa removed in favour llvmpipe.
Read more