I am always challeging Sitecore and Sitecore unfornunately often breaks to all the weird stuff Im doing to it every day.
Ill create blogs about all the weird stuff I meet and struggles to solve every day.
And this is the first in many.
Im at the moment developing a solution in Sitecore 6.1.0 which is currently the latest Sitecore release (not recommended version).
One of the new things in Sitecore 6 is that all security (rights, roles and other membership related stuff) are implemented using standard asp.net security rather than using Sitecores own security.
This should in itself be an approvement but sitecore has for one thing decided to implement the Sitecore domain functionality as part of the username which I personally think is pretty stupid.
Im using a third party member system that supplies users to the website (username, email, name etc).
In order to be able to log out this user, after login, using FormsAuthentication.SignOut() the user NEEDS to be added to the asp.net
Membership and therefore is visible in Sitecore security editor. With more than 5000 users this makes the security editor a bit crowded.
In order to put the users in a customer specific domain I need to prefix the user with the domain name followed by a backslash (\)
This makes it hard to map the sitecore user with the third pary member system or at least makes it more complicated because I now need to remove
the domain name from the sitecore user or append the domain name to the third party username.
I can live with this but the latest issue I have found is not easy to solve.
When redirecting from a page in my website (to login page due to user not logged in) sitecore throws an error looking like this
System.InvalidOperationException: user at Sitecore.Caching.UserProfile.UserProfileCache.GetRecord(String userName, String propertyName)
at Sitecore.Security.UserProfile.GetPropertyValueCore(String propertyName)
at Sitecore.Security.UserProfile.get_SerializedData()
at Sitecore.Security.UserProfile.get_CustomProperties()
at Sitecore.Security.UserProfile.SerializeCustomProperties()
at Sitecore.Security.UserProfile.Save()
at System.Web.Profile.ProfileModule.OnLeave(Object source, EventArgs eventArgs)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) This exception is thrown in another thread than the request is executing in because no Session is available when I pick up the exception in Global.asax.
No user is logged in when the exception is thrown and it makes sense that the GetRecord() failes due to username is empty.
I have added a profile provider and a profile property that makes it possible to get a DB instance of the user logged in. This might be the trigger of the exception but I havnt been able to solve the bug.
This is the profile section of the web.config
<profile defaultProvider="sql" enabled="true" inherits="Sitecore.Security.UserProfile, Sitecore.Kernel">
<providers>
<clear/>
<add name="sql" type="System.Web.Profile.SqlProfileProvider" connectionStringName="core" applicationName="sitecore"/>
<add name="switcher" type="Sitecore.Security.SwitchingProfileProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/profile"/>
<add name="CommunityProfileProvider" applicationName="Community" type="Netmester.Profile.GenericProfileProvider" connectionStringName="Community"/>
</providers>
<properties>
<clear/>
<add type="System.String" name="SC_UserData"/>
<add name="CommunityProfile" provider="CommunityProfileProvider" type="Netmester.Framework.Community.DomainObjects.User"/>
</properties>
</profile> 
Just found out that Response.Write(Profile.IsAnonymous); can force this exception to be thrown. No need for custom property so all indicates that Sitecore has introduced a major bug.
SvarSletSitecore has registered this issue as bug and the bugfix will be part of the next release.
SvarSlet