In this short post, we are going to discuss about an issue that happened to us in a project which was using ASP.NET Identity as the default security provider in the Episerver CMS. We were creating roles for reviewers in the admin section of the CMS without any issues.
Unfortunately, when we tried to give access rights to this new role, we could not see it in the list of current roles.
We tried several approaches and even try to create a new custom provider so we can query the roles correctly. After sometime we realized that inside the Episerver framework section, security entity sub section in the web.config file, we had a property that for our scenario should not have been there.
<episerver.framework createDatabaseSchema="true"> <securityEntity> <providers> <add name="SynchronizingProvider" type="EPiServer.Security.SynchronizingRolesSecurityEntityProvider, EPiServer" /> </providers> </securityEntity> ... </episerver.framework>
We identify that removing the provider Synchronizing Provider or removing the whole security section was enough to solve our ASP.NET identity roles issue. We realized that this provider is used in federated contexts as explained here, but for our scenario this was not needed.
<episerver.framework createDatabaseSchema="true"> <securityEntity> <providers> </providers> </securityEntity> ... </episerver.framework>
We then tested again the solution and try to add the access rights to the role and magic!! it worked.
And that is it. Now, your solution should be able to add access rights to your newly created roles. If you have any question let me know. I hope it will help someone and as always keep learning !!!