This project is read-only.

ScrewTurn ASP.NET Proxy Membership Provider

Project Description
Plugin for the ScrewTurn Wiki System to use Standard ASP.NET Membership and Role providers.

It works, except that some of the assumptions that ScrewTurn makes about the userprovider end up making things VERY slow: the Admin homepage and Accounts page both make a call to GetAllUsers. In our case, we've got 40k users and everything freaks out.

My new UserStoreProvider is an almost-perfect proxy for the System.Web.Security.Membership Sql provider, Roles Sql provider, and Profile Sql provider.

I've been reading about the ActiveDirectory plugin (where is it?) that sounds like it does what I've done in previous projects, using GetUser to store a copy of the user in the factory-default location while checking passwords against the AD and using the SQL tables for all else. This works well enough to get things working, but as long as the system I'm plugging into is well-written, using the provider instead of going direct to the DB tables, then I prefer a more "full featured" provider.

The SystemWebMembershipProxyProvider (whew, a mouthful) completely implements (natively) all necessary logic to pull users, groups, and profile data from any ASP.NET compliant combination of Membership, Role, and Profile providers ....Even if you aren't using SQL storage for your Wiki data. (in our case, we'd previously written a provider that authenticates against our CRM package that we wanted to reuse)


No configuration necessary. Just install it. Multiple User providers seems to work too.
Of course, configure your providers as you would any other .NET site. Remember your connection string!
Make sure that your Profile provider is configured with at least these fields:
          <add name="displayName" type="System.String" />
          <add name="culture" type="System.String" />
          <add name="PageChanges" type="System.String" />
          <add name="DiscussionMessages" type="System.String" />
          <add name="NamespacePageChanges" type="System.String" />
          <add name="NamespaceDiscussionMessages" type="System.String" />
          <add name="Timezone" type="System.String" />

To use pass-through authentication/single sign-on:
If you want to use a parent site for authentication and login (running ScrewTurn.Wiki as a child Application), and the login form from the parent site, edit the web.config file like this.
    <authentication mode="Forms">
      <forms loginUrl="/Login.aspx" path="/" enableCrossAppRedirects="true" />


  • Log in as a user with admin rights (or as the special "admin" user)
  • Go to the "Providers" page of the admin section
  • Use the "Upload a new DLL" feature to upload Db4objects.SystemMembership.dll
  • WAIT for the page to say "DONE"
  • Click on the "Users Providers" radio button.
    • If you don't see the "System.Web.Membership Proxying User Provider", refresh the page.
  • Click "Select" next to the provider. This opens an unlabeled box.
  • If it's not greyed out, click the "Enable" button.


I'm not sure how the auto-upgrade works. So for now:
  • Go to the providers section
  • Click the "Users Provider" radio button
  • Click "select" next to the "System.Web.Membership Proxying User Provider"
  • Click "Disable"
  • WAIT, I'm not sure what's supposed to happen, but you'll probably be logged out. It's best to try reloading the page here, since the Ajax bit totally throws up if you try to do anything else.
  • Log in as the "admin" superuser.
  • Retrace your steps
  • Now that the "System.Web.Membership Proxying User Provider" is greyed out, we can delete it. Use the dropdown to select the DLL and click delete.
  • Refresh the page. If it is still listed in the "Users Providers" list, then go in there and "Unload" it.
  • Install the new version like above.

Version Changes

  • Version 1.0.3 - Initial release

What Dosn't Work

The GetUsers() and GetUsersForGroup(string) methods are evil and used way too often in the ScrewTurn platform. Since I have thousands of users, this method returns null. Meaning that these known features won't work:
  • Admin Homepage: The system user count always says 0.
  • Mass E-Mail
  • Admin - Accounts tab: use the ASP.NET user manager or your own external tools instead.
  • Admin - UserGroups tab: Shows 0 members for all groups.
  • Admin - Namespaces - Editing Permissions: You can add permissions for groups, but not users. (Again, to search for users, ScrewTurn has to retrieve ALL of them from the data store.)
  • Admin - Pages - Permissions: Same thing
  • Admin - Providers: By now it should be clear that migrating AWAY from this provider won't work, since it dosn't return a complete list of users.
  • Email notification on page changes. The System.Web.Profile provider is notoriously bad at this kind of query. It's possible, but horribly
  • Logout: Sometimes leaves you logged in.

Last edited Jun 6, 2010 at 6:06 PM by efalsken, version 2