Sitecore 根据外部成员资格数据库对用户进行身份验证 [英] Sitecore authenticate users against external membership database
问题描述
我有一个 Sitecore 网站,我想将网站访问者帐户存储在外部 asp.net 会员数据库中,但让 Sitecore 内容编辑器/管理员通过 Sitecore 界面进行管理(因此存储在Core"数据库中).
我已阅读以下论坛帖子http://sdn.sitecore.net/SDN5/Forum/ShowPost.aspx?postid=35305
其中提到了以下文件http://sdn.sitecore.net/upload/sitecore6/62/membership_providers_sc62-a4.pdfhttp://sdn.sitecore.net/upload/sitecore6/62/security_api_cookbook_sc60-62-a4.pdfhttp://sdn.sitecore.net/upload/sdn5/modules/ad/low-level_sitecore_cms_security_and_custom_providers-a4.pdf
但这些似乎都没有提供我需要做什么的完整画面.
我目前已将
到目前为止,我只成功破解了 Sitecore 桌面中的用户管理器(它抛出异常 Item has been added. 字典中的键:'extranetAnonymous' 正在添加的键:'extranetAnonymous' 如果 Sitecore 创建了 extranetAnonymous 帐户,或者 未将对象引用设置为对象的实例. 如果我删除了该用户帐户.
作为背景信息,我使用的是 Sitecore 6.5,我的网络配置的相关部分如下
<提供者><清除/><添加名称=站点核心"type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel"realProviderName="myProvider"providerWildcard="%"raiseEvents="true"/><添加名称=sql"type="System.Web.Security.SqlMembershipProvider"connectionStringName="核心"应用程序名称=站点核心"minRequiredPasswordLength="1"minRequiredNonalphanumericCharacters="0"requiresQuestionAndAnswer="false"requiresUniqueEmail="false"maxInvalidPasswordAttempts="256"/><添加名称=切换器"type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel"应用程序名称=站点核心"mappings="switchingProviders/membership"/><添加名称=myProvider"type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"应用程序名称=站点核心"connectionStringName="myDatabase"minRequiredPasswordLength="1"minRequiredNonalphanumericCharacters="0"requiresQuestionAndAnswer="false"requiresUniqueEmail="false"maxInvalidPasswordAttempts="10"/></提供者></会员资格><roleManager defaultProvider="switcher" enabled="true"><提供者><清除/><添加名称=站点核心"type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel"realProviderName="myProvider"raiseEvents="true"/><添加名称=sql"type="System.Web.Security.SqlRoleProvider"connectionStringName="核心"applicationName="sitecore"/><添加名称=切换器"type="Sitecore.Security.SwitchingRoleProvider, Sitecore.Kernel"应用程序名称=站点核心"mappings="switchingProviders/roleManager"/><添加名称=myProvider"type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"应用程序名称=站点核心"connectionStringName="myDatabase"/></提供者></roleManager> 在自定义成员资格/角色提供者的情况下您应该遵循的想法类似于 AD 模块在它的列表中设置说明.整个过程可以分为几个步骤:
- 将连接字符串添加到 connectionstrings.config
- 将成员资格/角色提供程序定义添加到 web.config 的 system.web 部分
- 激活切换器
- 为自定义提供商的用户/角色创建新域
- 添加域/提供商映射
添加连接字符串
这非常简单,而且您似乎已经这样做了.关键是要有一个到数据库的连接字符串,然后您可以从自定义提供程序中引用.
添加成员资格/角色提供者定义
另一个简单的步骤 - 只需在 web.config 的 system.web/membership/providers 部分下添加成员资格提供程序定义(在您的情况下为 myProvider),并添加一个system.web/roleManager/providers 部分下的角色提供者定义.顺序并不重要.此时,您无需修改上述部分中的任何其他提供程序定义.
激活切换器
这就是它变得复杂的地方.首先,不要更改 @defaultProvider 属性值.默认情况下它是 'sitecore' 并且它应该保持原样.相反,找到名为 "sitecore" 的提供者,并将其 @realProviderName 属性值从 'sql' 更改为 'switcher'.
名为switcher"的提供者负责切换提供者和组合 GetAll/Find 方法的结果背后的所有魔法.
创建一个新域
您应该为您将通过自定义提供程序从自定义数据库中获取的用户/角色创建一个新域.像这样:
@ensureAnonymousUser 属性设置为 false 意味着 Sitecore 不会向您的域添加匿名用户,因此不会有 myDomainAnonymous.这通常是自定义域所需的行为.
添加域/提供商映射
这是让 Sitecore 知道每个提供商提供哪个域的最后一步.一个提供程序可以处理多个域(默认的 Sitecore SQL 提供程序存储来自sitecore"和extranet"域的用户),但反之则不行.
因此,打开主 web.config 文件并浏览到 configuration/sitecore/switchingProviders 部分.为会员小节添加类似这样的内容:
以及 roleManager 小节的类似内容:
此后,您数据库中的用户将在 UserManager 中显示为 'myDomainuser',角色也是如此.@storeFullNames='false' 意味着您的数据库存储没有域前缀的用户/角色,只有本地名称.如果您的自定义源是 SQL(显然是),通配符应该是默认值.
就是这样,现在它应该可以工作了!:-) 这篇文章中描述了上述步骤的详细信息.>
I have a Sitecore site where I want to have website visitor accounts stored in an external asp.net membership database but keep Sitecore content editors/admins managed via the Sitecore interface (and hence stored in the 'Core' database).
I've read through the following forum post http://sdn.sitecore.net/SDN5/Forum/ShowPost.aspx?postid=35305
in which the following documents are mentioned http://sdn.sitecore.net/upload/sitecore6/62/membership_providers_sc62-a4.pdf http://sdn.sitecore.net/upload/sitecore6/62/security_api_cookbook_sc60-62-a4.pdf http://sdn.sitecore.net/upload/sdn5/modules/ad/low-level_sitecore_cms_security_and_custom_providers-a4.pdf
but none of these seem to provide a complete picture of what I need to do.
I've currently got the the <membership> section set up to use the 'switcher' provider (with a corresponding provider pointing to my membership DB) and the <roleManager> section also set up to use the switcher provider again with a corresponding provider pointing to said membership DB.
So far I have only succeeded in breaking the user manager in the Sitecore desktop (it throws either the exception Item has already been added. Key in dictionary: 'extranetAnonymous' Key being added: 'extranetAnonymous' if Sitecore has created the extranetAnonymous account, or Object reference not set to an instance of an object. if I've deleted that user account.
As background information I'm using Sitecore 6.5 and the relevant section of my web config is as follows
<membership defaultProvider="switcher">
<providers>
<clear/>
<add name="sitecore"
type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel"
realProviderName="myProvider"
providerWildcard="%"
raiseEvents="true"/>
<add name="sql"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="core"
applicationName="sitecore"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="256"/>
<add name="switcher"
type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel"
applicationName="sitecore"
mappings="switchingProviders/membership"/>
<add name="myProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
applicationName="sitecore"
connectionStringName="myDatabase"
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="10" />
</providers>
</membership>
<roleManager defaultProvider="switcher" enabled="true">
<providers>
<clear/>
<add name="sitecore"
type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel"
realProviderName="myProvider"
raiseEvents="true"/>
<add name="sql"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="core"
applicationName="sitecore"/>
<add name="switcher"
type="Sitecore.Security.SwitchingRoleProvider, Sitecore.Kernel"
applicationName="sitecore"
mappings="switchingProviders/roleManager"/>
<add name="myProvider"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
applicationName="sitecore"
connectionStringName="myDatabase" />
</providers>
</roleManager>
The idea you should follow in the case of custom membership/role providers is similar to what AD module lists in its setup instructions. The entire process can be split into several steps:
- Adding a connection string to connectionstrings.config
- Adding membership/role provider definitions to the system.web section of web.config
- Activating switchers
- Creating a new domain for the users/roles from custom provider
- Adding domain/provider mappings
Adding a connection string
This is pretty straightforward and it seems this is what you've done already. The point is to have a connection string to the database you can then reference from the custom providers.
Adding membership/role provider definitions
Another simple step - just add a membership provider definition (myProvider in your case) under system.web/membership/providers section in web.config, and add a role provider definition under system.web/roleManager/providers section. The order is not important. At this point, you do not modify any other provider definitions in the mentioned sections.
Activating switchers
This is where it becomes complicated. First off, DON'T CHANGE the @defaultProvider attribute value. It is 'sitecore' by default and it should stay as is. Instead, find the provider called "sitecore", and change its @realProviderName attribute value from 'sql' to 'switcher'.
The provider named "switcher" is responsible for all the magic behind switching the providers and combining the results of GetAll/Find methods.
Create a new domain
You should create a new domain for the users/role you'll take from your custom DB through your custom providers. Something like this:
<domain name="myDomain" ensureAnonymousUser="false"/>
The @ensureAnonymousUser attribute being set to false means that Sitecore won't add an anonymous user to your domain, so there won't be myDomainAnonymous. This is usually the desired behavior for the custom domains.
Adding domain/provider mappings
This is the last step to let Sitecore know which domain is served with each provider. One provider can handle multiple domains (default Sitecore SQL provider stores the users from 'sitecore' and 'extranet' domains), but not vice versa.
So, open the main web.config file and browse to the configuration/sitecore/switchingProviders section. Add something like this for memberhip subsection:
<provider providerName="myProvider" storeFullNames="false" wildcard="%"
domains="myDomain" />
and the similar thing for roleManager subsection:
<provider providerName="myProvider" storeFullNames="false" wildcard="%"
domains="myDomain" />
After this, the users from your DB will be visible as 'myDomainuser' in UserManager, the same is true for roles. The @storeFullNames='false' means that your DB stores the users/roles without domain prefixes, just the local names. Wildcard should be the default value in case your custom source is SQL (which obviously is).
That's it, and now it should work! :-) The details of the steps above are described in this article.
这篇关于Sitecore 根据外部成员资格数据库对用户进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
