Configuring the Switching Providers

Owned by FuseIT OA
Last updated: Nov 16, 2020 by Paul Carter (Deactivated)

Enabling the Switching Providers

For the security providers to work together with the standard Sitecore security providers (and other custom providers) the following changes should be made in the web.config:

  • Change the realProviderName attribute value of the sitecore provider element under system.web » membership » providers from "sql" to "switcher". It should look like this:
<add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="switcher" providerWildcard="%" raiseEvents="true" />


  • Change the realProviderName attribute value of the sitecore provider element under system.web » membership » roleManager from "sql" to "switcher”. It should look like this:
<add name="sitecore" type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel" realProviderName="switcher" raiseEvents="true" />


  • Change the defaultProvider attribute value of the system.web » profile element to "switcher". It should look like this:
<profile defaultProvider="switcher" enabled="true" inherits="Sitecore.Security.UserProfile, Sitecore.Kernel">

Enabling the Providers

For contact authentication security providers should be configured by adding the following elements to the App_Config/Sitecore.config file:

  • to the sitecore » switchingProviders » membership element (the order is not important)
<provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" isMultiRole="true" />


  • to the sitecore » switchingProviders » roleManager element (the order is not important)
<provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" />


  • to the Sitecore » switchingProviders » profile element (it must come before the "sql" definition in this group)
<provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" />

Configuration Example


<switchingProviders>
  <membership>
      <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" />
    <provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" isMultiRole="true" />
  </membership>
  <roleManager>
    <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" />
    <provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" />
  </roleManager>
  <profile>
    <!-- This line must go before the SQL provider which can handle all requests -->
    <provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" />
    <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" />


Please view the Low-Level Sitecore Security and Custom Providers article for details:

https://sdn.sitecore.net/Articles/Security/Low_level_Sitecore_Security_and_Custom_Providers.aspx

Importance of Order

The phrase “the order is not important” means that the definition will work in any case. The only difference the order makes is the order of users/roles in Sitecore security tools. For instance, if you put the Salesforce membership mapping before the sql one, you’ll see the represented Salesforce users in User Manager before the default Sitecore ones.

Next Step

Configuring the Membership Provider

Steps