AbleCommerce Shopping Cart Software

I am in the process of integrating AbleCommerce with a CMS, another .NET solution.

The problem I am having is that when I add the AbleCommerceHttpModule to the httpModules section in the CMS web.config, the login for the CMS does not work. It uses .NET 2.0 Membership and has its own httpModules that are added to the web.config as well. (More details on this are posted at viewtopic.php?f=42&t=9545)

I would like to understand what the AbleCommerceHttpModule is doing, particularly with Membership, so I can forward that information on to the CMS vendor and hopefully find a work around for this login issue.

The CMS has aspnet_Membership, aspnet_Applications, aspnet_Roles, aspnet_Profiles, etc. SQL tables that it uses to manage its users (unlike AbleCommerce).

Here is a listing of the CMS’s membership-related web.config settings:
<membership defaultProvider="sitecore">
<providers>
<clear/>
<add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="sql" providerWildcard="%" raiseEvents="true"/>
<add name="sql" type="System.Web.Security.SqlMembershipProvider" connectionStringName="core" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="256"/>
<add name="switcher" type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/membership"/>
</providers>
</membership>
<roleManager defaultProvider="sitecore" enabled="true">
<providers>
<clear/>
<add name="sitecore" type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel" realProviderName="sql" raiseEvents="true"/>
<add name="sql" type="System.Web.Security.SqlRoleProvider" connectionStringName="core" applicationName="sitecore"/>
<add name="switcher" type="Sitecore.Security.SwitchingRoleProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/roleManager"/>
</providers>
</roleManager>
<profile defaultProvider="sql" enabled="true" inherits="Sitecore.Security.UserProfile, Sitecore.Kernel">
<providers>
<clear/>
<add name="sql" type="System.Web.Profile.SqlProfileProvider" connectionStringName="core" applicationName="sitecore"/>
<add name="switcher" type="Sitecore.Security.SwitchingProfileProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/profile"/>
</providers>
<properties>
<clear/>
<add type="System.String" name="SC_UserData"/>
</properties>
</profile>

Please share any insights into how AbleCommerceHttpModule may be effecting the other system’s login.

Thanks!

This module is responsible for:

• Loading (and caching) the web.config settings (and ablecommerce.config settings)
• creating and disposing of the maintenance timer
• Configuring begin and end request event handlers
• rewriting urls
• switching request context between ssl and unencrypted
• Initializing the token with the user context
• updating last activity date for current user
• recording page views for page tracking module

Is there any way to figure out exactly what the URL rewriting does and when? This looks like a likely suspect...

Just trying to see what my options are for figuring this problem out.

Thanks.

After discussing with the problem with the technical staff at Sitecore, here are some questions they have:

It looks like there is a conflict between Sitecore and Able Commerce's security authentication. It is possible that Able Commerce and Sitecore are updating the same .NET objects and that is causing the security conflict. Can you find out from Able Commerce if they work with .NET Membership providers and whether or not that could be a preferred option?

The other possibility is that the issue is caused by the URL Rewriting. Can you find out from Able if they can turn off their URL rewriting feature for certain site directories?


Thank you for any details on how these two components (security authentication and URL rewriting) function.

krissato wrote:It looks like there is a conflict between Sitecore and Able Commerce's security authentication. It is possible that Able Commerce and Sitecore are updating the same .NET objects and that is causing the security conflict. Can you find out from Able Commerce if they work with .NET Membership providers and whether or not that could be a preferred option?

This is definitely the conflict. AbleCommerce and SiteCore both use ASP.NET membership providers. This probably has nothing to do with AbleCommerceHttpModule, and everything to do with CommerceBuilder.Users.AbleCommerceMembershipProvider and CommerceBuilder.Users.AbleCommerceRoleProvider.

We have created a custom provider implementation so that we can manage users via our own tables rather than the default aspnet_ schema. I am not sure how to merge the two together - there are probably some options ranging from merging the authentication of both products into a single provider, to having both providers listed in the web.config and altering an application (AbleCommerce?) to reference the correct one.

Would it be possible to have a discussion with Sitecore on the various options? I can set up a conference call at your convenience, or please let me know what other ways we can explore possible solutions.

Thank you!

sohaib wrote:This module is responsible for:

• Configuring begin and end request event handlers
• rewriting urls
• switching request context between ssl and unencrypted
• Initializing the token with the user context
• updating last activity date for current user

Looks like the problem is related to AbleCommerceHttpModule. As soon as we add the module to Sitecore web.config file, the login page stops working.
Could you clarify what kind of handlers you use for begin and end request event handlers?
How do you perform urls rewriting? What kind of urls does the module rewrite?
Also it looks like your http module depends on <anonymousIdentification /> section in web.config file. If I remove it or set it to false, it throws an error.

Thanks!

We have created a custom provider implementation so that we can manage users via our own tables rather than the default aspnet_ schema. I am not sure how to merge the two together - there are probably some options ranging from merging the authentication of both products into a single provider, to having both providers listed in the web.config and altering an application (AbleCommerce?) to reference the correct one.

After receiving this reply from Logan_AbleCommerce, I and others from my company have repeatedly tried to get more information from AbleCommerce as to how to move forward with this the options mentioned above. I am extremely frustrated and disappointed that we have not received any response, especially after having such a good experience with AbleCommerce in the past.

Is anyone going to respond?

If I were you, I would purchase the source code. That would answer all your questions and you could customize the code to meet your needs.

krissato wrote:Is anyone going to respond?

Merging two applications to run under a single application is an advanced kind of project. The questions you will start to pose go a little beyond what can be given here via free support in the forum. An integration between SiteCore and AbleCommerce is not something we support and currently there are not resources to spend investigating it.

As I stated before, I think one of your biggest issues will be the ASPNET membership framework. AbleCommerce relies on this heavily, and apparently so does SiteCore. Source for all of our membership implementations is included with the source code package.

I had asked through Customer Support if the source code for the AbleCommerceHttpModule is included with the source code purchase, and the answer was that it is not. This seems to be the module that is causing the problem, since as soon as we include it, the Sitecore login no longer works. So I was under the impression that the source code would not help us with our login issue.

Now after your reponse, I just want to clarify - all the membership framework code, including membership framework code that the AbleCommerceHttpModule calls, would be included in the source code? Is that correct?

I understand that integration support with a third party is beyond free support, so if there are other avenues we need to pursue, we just want to know what they are so we can move forward. If purchasing the source code will enable us to resolve our issue, that would be great. Please advise.

Thank you,
Kristine

krissato wrote:This seems to be the module that is causing the problem, since as soon as we include it, the Sitecore login no longer works.

I have wondered about this part. Just adding the httpmodule to an existing web.config would not be sufficient. The module relies on other settings from web.config and App_Data/database.config. In order to run AbleCommerce you would need to merge all settings from our config with the settings from the other application. We have never tested what happens when you add the module without the other expected configuration items.

It is true, source for AbleCommerceHttpModule itself is not included. I have looked through the source of AbleCommerceHttpModule. I do not anticipate any of the code there is directly responsible for the trouble. However source for some other important classes like Token and AbleCommerceMembershipProvider is included in our source package. These may be important and you would vastly increase your ability to debug the process.

Whether this will solve your problem I cannot say for certain. I do know if SiteCore relies on ASPNET membership, that is a conflict point with our software that has to be resolved somehow.

FYI - This is the procedure I followed to integrate AbleCommerce's module and settings:
viewtopic.php?f=42&t=9545

One other area of concern is the URL rewriting - is that code included with the source code as well?

Thanks,
Kristine

krissato wrote:One other area of concern is the URL rewriting - is that code included with the source code as well?

Yes

The AbleCommerce Marketplace sells a kit that integrates AbleCommerce and SiteCore:

http://www.ablesf.com/AbleSF-4-AbleComm ... n-P77.aspx

The projects are separate, but you can have products show up in SiteCore. Users are directed to AbleCommerce for products details and checkout.