In the Sitefinity CMS security space, all user and role management is handled through the ASP.NET Membership APIs. Sitefinity's backend uses its own custom membership and role providers, which utilize OpenAccess ORM to persist the users and roles into the Sitefinity CMS database.
If you are moving an existing solution, you've probably already performed this step. For the purposes of this sample, you are going to use the database from a Sitefinity CMS project made with the Project Manager and create the tables needed by the SqlMembershipProvider to store data. The most convenient step to do this is to use the aspnet_regsql.exe tool that ASP.NET provides for us. If you run it, it opens a wizard that guides us through the process:
This wizard is used by ASP.NET to either create the needed tables needed by the provider, or remove them if they are no longer necessary. You need to select the former option in the second step.
The only information that the wizard needs is a connection string to the database it is going to work with. If you provide a name of a non-existing database, the wizard will create it for you. In this case you are using the same database that you have in one of your projects in Project Manager.
Following the steps you will be prompted to confirm the settings in the previous step:
When you complete these steps, the database will be ready for use by the SqlMembershipProvider.
Now you can proceed with registering the provider with Sitefinity.
These steps are done exactly like you would do them in a regular ASP.NET application. You need to include elements in the web.config file indicating the role and membership providers you are going to use. Also, you need to provide the connection string to the database you created in the previous step. Here are the new sections are added to the web.config file:
Once you have created the membership database and registered the provider in Sitefinity CMS, you can create a new user directly in Sitefinity CMS.
NOTE: The default Sitefinity CMS passwords must be at least 7 characters long and is recommended to contain at least one number and one special character, for example, admin@3.
Default password requirements can be configured in Advanced settings » Securty » Membership Providers » Default » Parameters.
The password parameters of the AspNetSqlMembershipProvider are configured in the web.config file.
Using profile types, you can configure all other fields, add or remove fields, or make them required or not.
If the provider you have chosen has more than one profile types associated, they all appear on Crate a user page.
NOTE: Some of the fields, such as first and last name, have been hidden from the Basic profile.
You manage profile types by clicking Manage Profile types link in the Users by role section of the Users page..
For more information, see Administration: User profiles.
NOTE: After you have assigned roles to the user, you can change them. For more information, see Administration: Modify users.
This sample demonstrates the scenario by using the ASP.NET SqlMembershipProvider. However, you can implement any membership provider and still use it with Sitefinity CMS.
Sign up for our free beginner training. Boost your credentials through advanced courses and certification. Register for Sitefinity training and certification.
To submit feedback, please update your cookie settings and allow the usage of Functional cookies.
Your feedback about this content is important