Before 7.3 came out we had a lot of site running where the backend users was checked in an external database before logging in. We used a custom MembershipProvider. If the user exists in our external db it was created in the Umbraco db.
After the redo of the login in 7.3 we can't use MembershipProvider anymore, it seems. We have tried this: https://our.umbraco.org/Documentation/Reference/Security/
but because our users not necessarily exists in the Umbraco db to begin with, this doesn't work for us.
Does anyone have any ideas?
What we need to do:
1. Validate login (username+password) in an external database.
2. Create or disable users that are missing or in excess.
Yes, I have overridden IBackOfficeUserPasswordChecker and Im using my own membership provider, but because the user doesn't exist in Umbraco, it never gets executed.
If I create an user manually, it works perfectly, so apparently the user needs to be in Umbracos database.
In our membership provider we have some code to create missing user accounts based on our external database. But after Umbraco 7.3 this seems impossible?
Custom login authentication after 7.3
Hi
Before 7.3 came out we had a lot of site running where the backend users was checked in an external database before logging in. We used a custom MembershipProvider. If the user exists in our external db it was created in the Umbraco db.
After the redo of the login in 7.3 we can't use MembershipProvider anymore, it seems. We have tried this: https://our.umbraco.org/Documentation/Reference/Security/ but because our users not necessarily exists in the Umbraco db to begin with, this doesn't work for us.
Does anyone have any ideas?
What we need to do: 1. Validate login (username+password) in an external database. 2. Create or disable users that are missing or in excess.
Thanks! /Tom
Hi Tom,
Did you try to override the IBackOfficeUserPasswordChecker ? And did you use your own membership provider in point 3 of the link ?
Dave
Hi Dave
Yes, I have overridden IBackOfficeUserPasswordChecker and Im using my own membership provider, but because the user doesn't exist in Umbraco, it never gets executed.
If I create an user manually, it works perfectly, so apparently the user needs to be in Umbracos database.
In our membership provider we have some code to create missing user accounts based on our external database. But after Umbraco 7.3 this seems impossible?
Thanks! /Tom
Hmm,
I think this would mean you need to implement your own Identity Usermanager / Userstore to get this working.
May it's possible with just overriding some methods on the built in one.
https://github.com/umbraco/Umbraco-CMS/blob/c1a8ea9df3f8cac037e3c1b64831612bf433cf65/src/Umbraco.Core/Security/BackOfficeUserManager.cs
Dave
Yeah, we figured as much. We hoped to make an easy fix. But seems that we need to get our hands dirty :)
Thanks, Dave!
Hi Tom,
You can always try to ping Shannon Deminick. He's the expert on the Identity implementation
Dav
is working on a reply...