Topics

All topics

Implement an ASP.NET SQL membership provider

In the Sitefinity CMS security space, all user and role management is handled through the ASP.NET Membership APIs. Sitefinity's backend uses its own custom membership and role providers, which utilize OpenAccess ORM to persist the users and roles into the Sitefinity CMS database.

Create the Membership database needed by SqlMembershipProvider

If you are moving an existing solution, you've probably already performed this step. For the purposes of this sample, you are going to use the database from a Sitefinity CMS project made with the Project Manager and create the tables needed by the SqlMembershipProvider to store data. The most convenient step to do this is to use the aspnet_regsql.exe tool that ASP.NET provides for us. If you run it, it opens a wizard that guides us through the process:

Capture1

This wizard is used by ASP.NET to either create the needed tables needed by the provider, or remove them if they are no longer necessary. You need to select the former option in the second step.

Capture2

The only information that the wizard needs is a connection string to the database it is going to work with. If you provide a name of a non-existing database, the wizard will create it for you. In this case you are using the same database that you have in one of your projects in Project Manager.

Capture3

Following the steps you will be prompted to confirm the settings in the previous step:

Capture4

When you complete these steps, the database will be ready for use by the SqlMembershipProvider.

Capture5

Now you can proceed with registering the provider with Sitefinity.

Register the provider in Sitefinity CMS

These steps are done exactly like you would do them in a regular ASP.NET application. You need to include elements in the web.config file indicating the role and membership providers you are going to use. Also, you need to provide the connection string to the database you created in the previous step. Here are the new sections are added to the web.config file:

Create a new user

Once you have created the membership database and registered the provider in Sitefinity CMS, you can create a new user directly in Sitefinity CMS.

In Sitefinity CMS, navigate to Administration » Users.
In the Users page, click Create a user in the toolbar of the page.
The Create a user page appears.
At the bottom of the page, set the membership provider to AspNetSqlMembershipProvider.
This dropdown box appears only if you have more than one created membership provider.
Fill out the fields.
The username, password, and email fields are always present and required.

NOTE: The default Sitefinity CMS passwords must be at least 7 characters long and is recommended to contain at least one number and one special character, for example, admin@3.
Default password requirements can be configured in Advanced settings » Securty » Membership Providers » Default » Parameters.
The password parameters of the AspNetSqlMembershipProvider are configured in the web.config file.

Using profile types, you can configure all other fields, add or remove fields, or make them required or not.
If the provider you have chosen has more than one profile types associated, they all appear on Crate a user page.

NOTE: Some of the fields, such as first and last name, have been hidden from the Basic profile.

You manage profile types by clicking Manage Profile types link in the Users by role section of the Users page..
For more information, see Administration: User profiles.
If the user you are creating is going to manage content or settings, select This user can access site backend checkbox.
Select the roles you want to assign to the new user in the Roles checkboxes list.
The checkbox list contains all roles that you have created together with the Administrators role, which is created by default.
For more information, see Overview: Roles.
NOTE: After you have assigned roles to the user, you can change them. For more information, see Administration: Modify users.
Click one of the following:
- Create this user
  The system creates the users and returns you to Users page.
- Create and add another
  The system creates the user and displays a new Create a user page.

This sample demonstrates the scenario by using the ASP.NET SqlMembershipProvider. However, you can implement any membership provider and still use it with Sitefinity CMS.

Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.

Get started with Integration Hub | Sitefinity Cloud | Sitefinity SaaS

This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting yor Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.

Was this article helpful?

Yes No

Would you like to submit additional feedback?

Your feedback about this content is important

How helpful is this article?

Very helpful Somewhat helpful Not helpful

How can we improve this article?(Optional)

Fix typos or links

Fix incorrect information

Add or update code samples

Add or update illustrations

Add information about...

Send feedback Cancel

Customize the email notification for password change