New Authentication Framework

[i-love-code]

Is there any documentation around the interaction between the authentication frameworks being used?

It seems to be a mix of Identity and Membership but the interaction between the two is unclear. Roles created in the Commerce Manager are not synchronized within EPiServer and therefore are unable to be used with personalization of content in the CMS. Logging out through the CMS doesn't clear the new Identity sessions, rendering it useless.

Is there an ETA for when Identity is fully supported between CMS/Commerce?

[mrahl]

I haven't verified if it is responsible for (all of) your issues, but the current Commerce Manager version used in Quicksilver (8.15) does not support asp.net identity in Commerce Manager. That support was released in version 8.16, so if you update the nuget packages for the projects in your quicksilver site you should get better support for this.

We will of course continue to update Quicksilver including the package requirements, but probably not "just" to up package requirements. So often a package update will be required to have "latest and greatest" even in a newly cloned Quicksilver repo.

[i-love-code]

Thanks for the suggestions. Unfortunately, I've spent a few days attempting to get this to work, including updating to the 8.16 package and using the "Commerce.Owin" nuget package available without any luck. The commerce manager is completely tied to Forms Authentication, I'm not sure it can be easily separated.

[lunchin]

As of 8.16.0 Commerce Manager is not tied to forms. All of the commerce manager permissions are based on Permission to Functions explained here.

There is a bug that the web.config in the commerce manager needs to be updated with the following code. I will add the bug so it is updated in next version.

<episerver.framework>
    <securityEntity>
      <providers>
        <add name="SynchronizingProvider" type ="EPiServer.Security.SynchronizingRolesSecurityEntityProvider, EPiServer"/>
      </providers>
    </securityEntity>
    <virtualRoles addClaims="true">
       //existing virtual roles
    </virtualRoles>

Finally, as of 8.16.0, roles are no longer managed in commerce manager. They are managed in admin mode for roles and permission to functions. Since there is no support for managing asp.net identity roles in admin mode as of yet, you will need to create some views to manage roles by editors or administrators. You can find some sample code here

[garethkelly-dev]

Did anyone manage to get this working? Struggling getting Commerce Manager to authenticate using OWIN as described here even after installing SynchronizingProvider

[magnusstrale]

Did you upgrade to 8.16.0 or later? Quicksilver will shortly be updated with some fixes and upgraded to Commerce 8.17.0 (to be released on Monday) - so if the actual upgrade has been a problem then hold off until Monday / Tuesday and pull down the latest Quicksilver then.

[i-love-code]

If this did not resolve your issues, I was able to get commerce 8.16 working with OWIN and ASP Identity 2.2 including synchronization of sessions and roles between the applications. I can provide source code if the release mentioned Monday doesn't work for you.

On Sep 18, 2015, at 8:16 AM, Magnus Stråle notifications@github.com wrote:

Did you upgrade to 8.16.0 or later? Quicksilver will shortly be updated with some fixes and upgraded to Commerce 8.17.0 (to be released on Monday) - so if the actual upgrade has been a problem then hold off until Monday / Tuesday and pull down the latest Quicksilver then.

— Reply to this email directly or view it on GitHub.