Security Providers

Security Providers

Security Providers

  • Entities that serve account information for a Sitecore installation or specific Web site
  • Sitecore supports membership, role, and profile providers for .NET

Membership Providers

  • Abstract user authentication
  • Implement methods for creating, updating, and deleting users
  • Implement method for managing user credentials and validation
  • Only one membership provider can be configured for a security domain

Role Providers

  • Abstract group or role membership
  • Implement methods for creating, updating, and deleting roles

Profile Providers

  • Abstract user profiles
  • Implement methods for managing user profiles

Setting Up a Custom Provider

  1. Add the MembershipProvider class and required methods
  2. Add the custom provider to the membership/providers element in Web.config
  3. Change the realProviderName of the sitecore membership provider in Web.config

Switching Providers

  • Used to configure a separate membership provider for each security domain
  • All user accounts in all domains are visible in the User Manager tool once it is set up
  • When you create, edit, or delete users in the User Manager, they are updated in the location (XML file, core database, Active Directory, etc) that you configured for your custom membership provider

Switching Provider Example

  • User accounts for registered site visitors (extranet domain) can be stored in the core database 
  • User accounts for non-employee business users (sitecore domain) can be stored in a users.xml file in the /App_Data folder
  • User accounts for employees (corporate domain) can be stored in an Organizational Unit of Active Directory

Setting Up a Switching Provider

  1. All duplicate user accounts must be removed before setting it up
  2. Implement a custom role provider for your custom membership provider
  3. Add the custom role provider to the roles/providers elements
  4. Change the realProviderName of the Sitecore role and membership providers to switcher
  5. Add the switching membership and role providers

Sitecore Security Providers Guidelines

  • You can implement a read-only membership provider to use Sitecore to authenticate users in an existing system