Authentication not working with external authentication provider integrated with LDAP

Article Number: 000093727
Environment
Product: Sitefinity
Version: 11.1, 11.2
OS: All supported OS versions
Database: All supported Microsoft SQL Server versions
Question/Problem Description
After an upgrade to Sitefinity 11.1 and above, a custom authentication solution that uses external authentication providers together with an LDAP setup fails with an error when users authenticate through the external provider. The error message "String cannot be of zero length" appears in the error logs.
Clarifying Information
The LDAP provider is used during authentication with external providers.
Error Message
Message: System.ArgumentException: String cannot be of zero length.
Parameter name: oldValue
at System.String.ReplaceInternal(String oldValue, String newValue)
at System.String.Replace(String oldValue, String newValue)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryTranslator`1.VisitAndAlso(BinaryExpression b)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryTranslator`1.VisitBinary(BinaryExpression b)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryTranslator`1.VisitSelectorMethod(MethodCallExpression m)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryTranslator`1.VisitMethodCall(MethodCallExpression m)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryProvider`2.GetLdapQuery(Expression expression)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryProvider`2.Execute[TResult](Expression expression)
at Telerik.Sitefinity.Data.Linq.Ldap.LdapQueryProvider`2.System.Linq.IQueryProvider.Execute[TResult](Expression expression)
at Telerik.Sitefinity.Authentication.IdentityServer.SitefinityUserService.GetUser(UserManager userManager, String externalProviderName, String externalId, String email)
at Telerik.Sitefinity.Authentication.IdentityServer.SitefinityUserService.<AuthenticateExternalAsync>d__1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at IdentityServer3.Core.Endpoints.AuthenticationController.<LoginExternalCallback>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Threading.Tasks.TaskHelpersExtensions.<CastToObject>d__3`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.ActionFilterAttribute.<CallOnActionExecutedAsync>d__5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Web.Http.Filters.ActionFilterAttribute.<CallOnActionExecutedAsync>d__5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.ActionFilterAttribute.<ExecuteActionFilterAsyncCore>d__0.MoveNext()
Cause
During authentication with an external provider, the ExternalProviderName and ExternalProviderId properties are used to filter users. When the LDAP provider is used, Sitefinity cannot resolve these properties while building the LDAP query, because they are not part of the default user mappings for LDAP.
Resolution
Add the following dummy LDAP user mapping:
1. Go to Administration > Settings > Advanced > Security > LDAP Settings > LDAP Mappings > LDAP Types Mappings > UserMapping > LDAP Properties Mapping
2. Create a new property with:
PropertyName: ExternalProviderName
LdapField: ExternalProviderName
3. Restart the application

Note: If there is no access to the backend, add the mapping in the SecurityConfig.config:
<ldapMapping> 
    <typesMapping> 
        <type name="UserMapping" config:flags="1"> 
            <propertiesMapping> 
              ...
              <mapping ldapField="ExternalProviderName" propertyName="ExternalProviderName" config:flags="1" /> 
            </propertiesMapping> 
        </type> 
    </typesMapping> 
</ldapMapping>
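
An added example (not Progress or Sitefinity code): a Python check that parses a SecurityConfig.config and reports whether the UserMapping type carries the ExternalProviderName mapping described above. The sample XML, its root element name, the xmlns:config URI and the Email mapping are constructed assumptions; only the ldapMapping subtree follows the article.

```python
import xml.etree.ElementTree as ET

# Constructed sample of SecurityConfig.config. The root element name, the
# xmlns:config URI and the Email mapping are assumptions for illustration.
SAMPLE_BEFORE = """<securityConfig xmlns:config="urn:telerik:sitefinity:configuration">
  <ldapMapping>
    <typesMapping>
      <type name="UserMapping" config:flags="1">
        <propertiesMapping>
          <mapping ldapField="mail" propertyName="Email" config:flags="1" />
        </propertiesMapping>
      </type>
    </typesMapping>
  </ldapMapping>
</securityConfig>"""

# The mapping line from the article, inserted into the constructed sample.
FIX = ('<mapping ldapField="ExternalProviderName" '
       'propertyName="ExternalProviderName" config:flags="1" />')
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "</propertiesMapping>", FIX + "\n        </propertiesMapping>")

def user_mappings(config_xml):
    """Return {propertyName: ldapField} for the UserMapping type,
    or None when the config has no UserMapping section at all."""
    root = ET.fromstring(config_xml)
    for type_el in root.iter("type"):
        if type_el.get("name") == "UserMapping":
            return {m.get("propertyName", ""): m.get("ldapField", "")
                    for m in type_el.iter("mapping")}
    return None

def check_external_provider_mapping(config_xml, prop="ExternalProviderName"):
    """Classify the config as 'ok', 'missing', 'empty-ldapField'
    or 'no-user-mapping'."""
    mappings = user_mappings(config_xml)
    if mappings is None:
        return "no-user-mapping"
    if prop not in mappings:
        return "missing"
    # A mapping with a blank ldapField is reported separately for manual review.
    return "ok" if mappings[prop].strip() else "empty-ldapField"

if __name__ == "__main__":
    for label, xml_text in (("before fix", SAMPLE_BEFORE),
                            ("after fix", SAMPLE_AFTER)):
        print(label, "->", check_external_provider_mapping(xml_text))
```
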
Last Modified Date: 1/10/2019 12:32 PM

