Solved

Membership provider changes after successful login (multiple membership providers)

Posted on 2010-11-08
7
820 Views
Last Modified: 2012-05-10
Hello All,

I have a site in which I'm intending to use multiple membership providers.  I'm using my own custom membership provider to provide access to several data stores depending on the section in which the user's information resides.

The actual login functions correctly using the built-in ASP.NET Login component in which I've manually specified the membership provider it should validate against.  When I run a trace on it's actions, I can see that it attempts the 'validateuser' against the correct data store and continues to redirect the user to their applicable section.

The problem is that once they are logged in and the site (or I) call 'GetUser' to get the users information or permissions, the membership provider reverts to the site's default provider.

In my custom membership provider I'm only overriding the methods for GetUser and Validate user which is working perfectly fine for a singular membership provider, but not when using a different provider.

How can I ensure that the correct membership provider is retained with the user's membership details?  Is there a method that I need to override/append in order to achieve what I'm looking for?

Thanks

Anubis.
0
Comment
Question by:Anubis2005
  • 4
  • 2
7 Comments
 
LVL 19

Assisted Solution

by:Daniel Van Der Werken
Daniel Van Der Werken earned 250 total points
Comment Utility
The only way I can think of to do this right off the bat is to have some way to lookup the membership provider to use in the database.

For example, have a table that correlates the member_id with the provider.

So let's say we have:

tb_member

Member_id Name  Provider
1                    Anubis  0
2                    Daniel 1

Then, the GetUser( string username, bool userIsOnline )
now does this:

providerName = GetProvider( username );

switch (providerName )

case  FirstMembershipProvider:
  provider = new FirstMembershipProvider();

case SecondMembershipProvider:
  provider = new SecondMembershipProvider();

MembershipUser user = provider.GetUser( username );

Or something like that.

0
 
LVL 1

Author Comment

by:Anubis2005
Comment Utility
Hi Dan7el,

Thanks for the reply.  Although this might work, in a case where usernames are the same across multiple providers, it wouldn't work properly.

I've been looking at the methods/steps behind the scenes of how the login component authenticates a user, I'm successfully overriding the 'ValidateUser' part of this, but obviously .NET creates a MembershipUser object for the logged in user at some point.

If I can find at what exact point this is done, I could override it to ensure that my membership user maintains the appropriate provider.

I've been searching for 'behind the scenes' details of the login control's actions but I'm coming up empty.

Thanks
Anubis.
0
 
LVL 41

Assisted Solution

by:guru_sami
guru_sami earned 250 total points
Comment Utility
I don't know to override defaultprovider but you can always select which provider to use like:

Membership.Providers["yourprovidername"].GetUser("someusername", false);
yourprovidername and someusername can be passed via some variable.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 1

Author Comment

by:Anubis2005
Comment Utility
Hi guru_sami,

Thanks for the reply.

This is ok for when I manually want to call it, but asp.net when redirecting to protected pages it's calling the default provider instead of the correct provider and throws the user out.

I can't seem to find a way to tell asp.net that it should maintain the specified provider.

Thanks
Anubis.
0
 
LVL 41

Expert Comment

by:guru_sami
Comment Utility
-->asp.net when redirecting to protected pages it's calling the default provider
I didn't get that part...because once you set forms authentication cookie, it shouldn't matter unless you are talking of roles and roles provider.
0
 
LVL 1

Accepted Solution

by:
Anubis2005 earned 0 total points
Comment Utility
Hi guru_sami,

It matters when in the page you try to call some information about the authenticated user through the 'Membership.????' class.  This uses the default membership provider for the site as a whole.

I've since resolved my issue by writing my own 'Membership' helper class to use instead of the built-in membership class so that I can specify the provider I should be look in.  

I would have thought that .net would have been smart enough to 'remember' that if a user logs in from a specific membership provider, it would us this provider for all membership related calls beyond that point, but alas, it is not.

Thanks for all your help and comments.
Anubis.
0
 
LVL 1

Author Closing Comment

by:Anubis2005
Comment Utility
Solved the issue myself by writing a custom class to handle what I wanted.  Not a perfect solution, but it's working.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Shoutout to Emily Plummer (http://www.experts-exchange.com/members/eplummer26.html) for giving me this article! She did most of it, I just finished it up and posted it for her :)    Introduction In a previous article (http://www.experts-exchang…
Styling your websites can become very complex. Here I'll show how SASS can help you better organize, maintain and reuse your CSS code.
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now