Creating a Custom Membership Provider with MVC 4

Creating a Custom Membership Provider with MVC 4

Old forum URL:

drobisonoh posted on Tuesday, August 13, 2013

I am creating a web site in VS2012 using ASP.NET MVC 4.  I am trying to implement the CustomMembershipProvider as Rocky describes on page 74 of the "UsingCSLA4-06-AspMvc" chapter Using CSLA 4 book series.

What I did:

1.  Created the CustomMembershipProvider class .  This implements the 'MembershipProvider' interface.

2.  Added the following to the system.web element of the web.config file to change the default provider for membership services to my CustomMembershipProvider.

<membership defaultProvider="CustomMembershipProvider">


<add name="CustomMembershipProvider" type="webPACE.CustomMembershipProvider, webPACE" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false" passwordFormat="Clear" description="Retrieves membership data using CSLA .NET business objects."/>



3.  Added the following code the Application_AuthenticateRequest method in Global.asax.cs to set the principal on each request to the server.

protected void Application_AuthenticateRequest(Object sender, EventArgs e)


if (Csla.ApplicationContext.User != null && Csla.ApplicationContext.User.Identity.IsAuthenticated && Csla.ApplicationContext.User.Identity is FormsIdentity)

{ PACE.Library.Security.PacePrincipal.Load(Csla.ApplicationContext.User.Identity.Name);



I believe I followed the guidance in the book exactly; however, I get the following error when the Login method is called.

"To call this method, the "Membership.Provider" property must be an instance of "ExtendedMembershipProvider".

I have a feeling this is somehow related to a change made in MVC 4 (as the book was written with MVC 3 in mind); however, my internet searches on the subject are just leaving me more confused. 

Has anyone else run into this when trying to create custom provider that uses CSLA business objects and what was the resolution?

Thanks for any assistance.



Brad Rem replied on Wednesday, August 14, 2013

I've recently done the same thing.

Try this:

Add a reference to WebMatrix.Data and WebMatrix.WebData.

Inherit instead from ExtendedMemberShipProvider:

    public class CustomMembershipProvider : ExtendedMembershipProvider

I don't remember exactly, but I think I might have had to delete everything that was there and re-implement all the members.

Something else I had to change was in the AccountController, I had to change the Login to look like this:

    public ActionResult Login(LoginModel model, string returnUrl)
        if (ModelState.IsValid)
            if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
                System.Web.Security.FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
                if (Url.IsLocalUrl(returnUrl))
                    return Redirect(returnUrl);
                    return RedirectToAction("Index");

        // If we got this far, something failed, redisplay form
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);

In your views you might see `User.Identity.Name` which should change to `Context.User.Identity.Name`.

In Global.asax.cs, I ended up commented out `AuthConfig.RegisterAuth();`

There might be a few more changes but that should get you rolling again.


JonnyBee replied on Thursday, August 15, 2013

Jon Galloway has a nice blog post with more details on authorization and membership providers. 

drobisonoh replied on Friday, August 16, 2013

Thanks for the input.  That solved the problem.  I did not have to recreate all the existing methods in my CustomMembershipProvider but I did have to add methods introduced by ExtendedMembershipProvider.

Copyright (c) Marimer LLC