Configuring the Switching Providers (Pre-Sitecore 9)
Enabling the Switching Providers
For the security providers to work together with the standard Sitecore security providers (and other custom providers) the following changes should be made in the web.config:
- Change the realProviderName attribute value of the sitecore provider element under system.web » membership » providers from "sql" to "switcher". It should look like this:
<add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="switcher" providerWildcard="%" raiseEvents="true" />
- Change the realProviderName attribute value of the sitecore provider element under system.web » membership » roleManager from "sql" to "switcher”. It should look like this:
<add name="sitecore" type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel" realProviderName="switcher" raiseEvents="true" />
- Change the defaultProvider attribute value of the system.web » profile element to "switcher". It should look like this:
<profile defaultProvider="switcher" enabled="true" inherits="Sitecore.Security.UserProfile, Sitecore.Kernel">
Enabling the Providers
For contact authentication, with the multi-role package, the security providers should be configured by adding the following elements (Multi-Role Only):
- to the sitecore » switchingProviders » membership element (the order is not important)
<provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" isMultiRole="true" />
- to the sitecore » switchingProviders » roleManager element (the order is not important)
<provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" />
- to the Sitecore » switchingProviders » profile element (it must come before the "sql" definition in this group)
<provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" />
Configuration Example
<switchingProviders> <membership> <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" /> <provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" isMultiRole="true" /> </membership> <roleManager> <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" /> <provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" /> </roleManager> <profile> <!-- This line must go before the SQL provider which can handle all requests --> <provider providerName="salesforceContact" storeFullNames="false" wildcard="%" domains="salesforce" /> <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" />
Please view the Low-Level Sitecore Security and Custom Providers article for details:
https://sdn.sitecore.net/Articles/Security/Low_level_Sitecore_Security_and_Custom_Providers.aspx
Importance or Order
The phrase “the order is not important” means that the definition will work in any case. The only difference the order makes is the order of users/roles in Sitecore security tools. For instance, if you put the Salesforce membership mapping before the sql one, you’ll see the represented Salesforce users in User Manager before the default Sitecore ones.
Next Step
Configuring the Membership Provider (Pre-Sitecore 9)
Steps
- Adding a New Salesforce Domain (Pre-Sitecore 9)
- Backwards Compatibility (Pre-Sitecore 9)
- Configuring ASP.NET Security Providers (Pre-Sitecore 9)
- Configuring the Switching Providers (Pre-Sitecore 9)
- Configuring the Membership Provider (Pre-Sitecore 9)
- Configuring the Role Provider (Pre-Sitecore 9)
- Configuring the Profile Provider (Pre-Sitecore 9)
- Extending the Sitecore Profile Item Template (Pre-Sitecore 9)
- Configuring UniqueKeyCaseSensitiveProperty (Optional) (Pre-Sitecore 9)
- Configuring UniqueKeyProperty (Optional) (Sitecore 9 and over)