Re: Problem implimenting a Custom Active Directory Role Provider
- From: "AndersR" <anders.rask@xxxxxxxxx>
- Date: 24 Jan 2007 13:38:01 -0800
Hi,
sounds weird.
first of all did you try and debug the issue? as in stepping through
the code line by line?
that would give you an idea on whats happening.
to do so you need to fire up VS.NET on the server, attach the right
worker process in debug menu (use IISAPP from prompt to sort out what
worker process you need to attach), set a breakpoint in Initialize
method and since assembly is in the GAC you need to right-click
assembly, select Location and check "allow source code to differ....".
now the breakpoint should be hit when you log on.
i have created custom membership/role providers that validate against
AD and users in custom database, and it works fine.
Also be sure to add your custom providers in web.config of the central
administration so that you can add custom provider member/roles to the
site after you set the zone to form based auth. Here it is important
NOT to change the default provider in the roles section, since that
will leave the CA site almost unusable!
Another thing to consider is to either remove the providers set in
machine.config since these can interfer with your settings in
web.config.
Theres several walkthroughs available on the subject on different
blogs. The most thorough being on the sharepoint team blog
http://blogs.msdn.com/sharepoint
hth
AndersR
On Jan 24, 9:24 pm, Christian Brown <Christian
B...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Afternoon,
I have implemented a custom Role Provider that access Active Directory in
order to expose the roles (AD Groups) that a client is a member of.
My reasons for this are that I am attempting to use the Active Directory as
a store for authentication and authorization for a Share Point Server 2007
site that will be completely accessible from the Internet. The site MUST be
accessible through Forms Authentication and cannot use Windows Authentication
(The little grey login screen is forbidden :)).
This being said, the Role Provider works 100% when used within the context
of a standard ASP.NET application. However when I attempt to use it with
SharePoint the behavior is unpredictable.
AD Groups are not returned by the Provider as expected, in fact the people
Picker simply echoes back to me the Group that I search for (i.e were I to
search for group BillyBob, which does not exist within my AD, the people
picker will indicated that indeed ADRoleProvider:BillyBob does exist and can
be selected.)
Also, when I attempt to access the Role object through a Web Part an
Exception is thrown with the message below;
------------------------------------------------------------------------------
Request for the permission of type
'System.DirectoryServices.DirectoryServicesPermission,
System.DirectoryServices, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a' failed.
------------------------------------------------------------------------------
If however, in the same Web Part I simply use DirectoryServices to read from
the AD that code executes without error and return what I expect.
Does anyone at all have any experience attempting to implement a custom Role
Provider of any sort with SharePoint 2007?
Effectively I am looking for guidance regarding the security concerns that I
need to be aware of as it appears that it is a security issue that I am
having.
Any help at all would be greatly appreciated,
Christian Brown
.
- Prev by Date: for riobard: very fantabulous spam free nntp access - tip vigzo on - (1/1)
- Next by Date: Calendar issues - I need advice
- Previous by thread: for riobard: very fantabulous spam free nntp access - tip vigzo on - (1/1)
- Next by thread: Re: Problem implimenting a Custom Active Directory Role Provider
- Index(es):
Relevant Pages
|
