There are a lot of pages out there describing the basics of a .NET custom membership provider, while others describe configuring a ready-made custom provider for EPiServer. Here's a two-part tutorial that combines this info into a practical example.

Part 1 introduces the basic concept of a membership provider. Jump to part 2 for the technical stuff.

Why implement a custom membership provider?

You'll need a custom membership provider if:

How does a membership provider work?

A membership provider offers a set of methods for retrieving, adding, updating, authenticating and deleting user accounts. The providers that ship with .NET use Stored Procedures (prefixed "dbo.aspnet_Membership_") to interact with SQL Server database tables (prefixed "dbo.aspnet_")

  The default .NET Membership tables
Above: The default .NET Membership tables.

The default .NET Membership Stored Procedures

Above: The default .NET Membership Stored Procedures.

How does EPiServer interact with the membership providers?

EPiServer is built on the .NET Membership model and uses the active membership providers for interaction with database/storage. For instance, the "Search Users/Groups" feature in EPiServer admin mode uses provider methods to retrieve and interact with user accounts (here shown using the SqlMembershipProvider which ships with EPiServer/.NET):

Flowchart using a .NET Membership provider

Above: Flowchart using a .NET Membership provider.

Note that EPiServer will call different provider methods depending on the input in the search fields:

When searching, EPiServer will call these methods on all active providers, one by one. This means that the search will fail with a "Method not implemented" error if one of the providers does not support the method in question. So if you want to let EPiServer handle your users, make sure you implement all the methods required.

The "Edit User" screen also uses several common provider methods that you might want to include in your custom provider:

The EPiServer "Edit user" screen uses several provider methods

Provider methods and attributes required for this feature to work properly:

Feature Method/attribute involved
"Change Password"
+ Save
GetUser
RequiresUniqueEmail
ResetPassword
ChangePassword
ChangePasswordQuestionAndAnswer
UpdateUser
 
Toggle "Active"
+ Save
GetUser
RequiresUniqueEmail
UpdateUser
 
Toggle "Account Locked"
+ Save
GetUser
RequiresUniqueEmail
UnlockUser
UpdateUser
 
 Delete GetUser
DeleteUser 

The technical stuff

In part 2, we'll create a simple custom SQL-based membership provider.