Sitecore Virtual Users on a CD scaled environment

How many times you worked with virtual users in Sitecore? Do you know what is Sitecore virtual users? have you ever run into issues with virtual users on your production environment? In this post I would like to share my experience with virtual users in a scaled production users, if you don't know virtual users or when/how to use it, or if you run into issues with it I highly suggest you keep reading!

 

What is Sitecore virtual users? 

If you don't know Sitecore virtual users, its It is possible to create user objects in memory that do not physically exist in the database. The user objects can be assigned administrative rights, roles etc. and can be used for login.  Once a virtual user has been logged in, it is used by the system as if it was a 'real' user. Thus, API code that has special security needs can use virtual users to accomplish these.

 Why/When I need to use virtual users?

I've seen a different usages of virtual users, commonly used when you have users stored in a third party database or system, these users may exist in NetForum or Personify or any other system, and you would need to build a front end site login and assign permissions (roles) to these users at runtime, and you don't want to manage these users in Sitecore. 

Is virtual user working fine on a CD scaled environment? 

In a recent project I worked on, Sitecore 10.0, I had an issue with user Virtual users on a CD scaled environment, the virtual login functionality worked as expected on Local, Dev, QA and even CM, but when tested on a CD scaled and out of process session, it failed. in the following couple of sections, I will go through the different related points that we went through to validate and how we fixed these. 

 What's the correct way of building/implementing sitecore virtual users? 

I've been using Sitecore virtual users for years now, and for a long time I've been using the following code to build a virtual user and assign properties to it:

While the above worked find for me for a long time, it looks like its not the best, instead of using the Profile property, The RuntimeSettings property is a only place for virtual users to store profile and role data. When a virtual user logs in, the method StoreMetaData(), which is called from the Login() method, serializes the user's runtime settings and stores them in the cache. Then, the cache is accessed to retrieve the user data. No other datasource is used. following is a sample of how it should look like:

Is there an issue with syncing roles between the CD servers for virtual users roles? 

The short answer is yes its possible, you have two choices to overcome this issues:

• Setup Solution: You would need to enable sticky session on your load balancer to keep the logged in user on the same CD server. 
• Custom Code: Adding a custom processor and verify if user is logged in and roles count is zero, reload the needed user's roles.

What was the solution of my issue? 

Even after going through the above, I still has the issue when trying to log in a virtual user, checking the log files, I found the following error (only on scaled CD when session is serialized to the session database): 

After back and forth with Sitecore support we found the issue, which was caused by the fact that we are using a number as the username, this is registered as a bug and the fix or the workaround is to add a prefix or postfix string to the username. 

Hope this will help someone, if you have any comments or question, please feel free to comment down there, or reach out to me through Email.