If you decide to build custom membership and role providers to use with .Net 2.0 web applications, you can find a lot of blogs and articles including code samples.
There are also quite a few articles about using SQLMembershipProvider and SQLRoleProvider (that are part of the .Net framework) with SharePoint 2007.
This article is about building custom membership and role providers to use with SharePoint 2007. The original reason for developing custom providers instead of using the standard .Net SQL membership and role providers was the complexity of the aspnetdb database schema. The standard providers work only with the aspnetdb database (or a database with an absolutely identical schema). Importing data from different data sources into this database requires developing DTS or SSIS packages. The database used for the custom providers has the simplest schema for the task, and yet it has all the tables, fields, and relations needed to store the necessary information and keep it consistent.
The database schema
The database has the simplest schema to contain users, roles, and the relationships between them. It contains only three tables: Users, Roles, and the cross-reference table.
Figure 1. Database schema
Providers
The provider model is part of the .Net framework 2.0. From a development point of view, providers are just class libraries that have to inherit from specific abstract classes: MembershipProvider and RoleProvider.
Providers are basically used to pull all necessary data from the data storage and also to modify (insert, delete, update) the data. For example, you can create a user or role using providers, you can update users and roles, delete them, change the membership information, and so on.
If you are going to use the providers exclusively with SharePoint 2007, you don’t need to implement the entire Insert/Update/Delete function because the SharePoint framework never uses it. To manage your roles and users you have to use some other application. When you create the application that will handle all data modification in your data storage, you have a choice of using the providers (in this case you will have to implement all methods that modify the data), or modifying the data from a business component.
When I say you don’t have to implement the method, I mean that the method doesn’t contain any code. The method itself has to be there, however, otherwise the code won’t compile (see the code attached).
Since I have mentioned it, I’ll digress to say a couple of words about an application that could be used to manage users and roles in the data storage: Admin Pages (the Asp.Net Administration Tool), which is part of the .Net 2.0 framework. The application is supposed to manage all security settings of web applications and also users and roles using the providers. Unfortunately, according to my experience, this application can’t be used in the production environment because it can’t handle large numbers of roles and users (tens of thousands) and besides, it has very poor error handling. This application can be used for fewer users and roles or for testing the providers.
Tables 1 and 2 show the methods used by SharePoint.
Membership provider
Table 1. The functions of membership provider used by the SharePoint framework
| # | Function | Methods that implement the functionality | Used by the SharePoint framework? | Comments |
|---|---|---|---|---|
| 1 | Authenticating a user | ValidateUser | Yes | The login form is supposed to call this method to authenticate a user. |
| 2 | Finding a user or getting a list of all users | FindUsersByName, FindUsersByEmail | Yes | This is used by the SharePoint Central Administration site and by Site Settings to resolve user names. |
| 3 | Creating or deleting a user or modifying a user’s account | | No | |
Role provider
Table 2. The functions of the role provider (I put here only methods used by the SharePoint framework)
| # | Function | Methods that implement the functionality | Used by the SharePoint framework? | Comments |
|---|---|---|---|---|
| 1 | Getting the list of all roles | GetAllRoles | Yes | |
| 2 | Resolving role names | RoleExists | | |
| 3 | Determining if a user is a member of a specific group (role) | IsUserInRole | Yes | |
| 4 | Getting a list of a user’s roles (groups) | GetRolesForUser | Yes | |
| 5 | Creating, deleting a role | | No | |
| 6 | Changing a user’s role membership | | No | |
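A read-only role provider covering the methods listed in Table 2, as an added sketch that is not the code attached to the original article. The class name and the table and column names (Users, Roles, UserRoles, UserName, RoleName, UserId, RoleId) are assumptions; the methods SharePoint does not call throw NotSupportedException here instead of staying empty, so an unexpected call is visible.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Configuration;
using System.Data.SqlClient;
using System.Web.Security;

public class ReadOnlyRoleProvider : RoleProvider   // hypothetical class name
{
    // Assumed schema: Users(UserId, UserName), Roles(RoleId, RoleName), UserRoles(UserId, RoleId).
    private const string JoinSql = "SELECT r.RoleName FROM Roles r " +
        "JOIN UserRoles ur ON ur.RoleId = r.RoleId JOIN Users u ON u.UserId = ur.UserId";
    private string _connStr;
    private string _appName = "/";

    public override string ApplicationName { get { return _appName; } set { _appName = value; } }

    public override void Initialize(string name, NameValueCollection config)
    {
        base.Initialize(name, config);
        // connectionStringName is the attribute set on the provider's <add> element in web.config.
        _connStr = ConfigurationManager.ConnectionStrings[config["connectionStringName"]].ConnectionString;
    }

    // User and role names come from login forms and people pickers, so they are
    // always bound as parameters (@p0, @p1) and never concatenated into the SQL text.
    private string[] Query(string sql, params string[] args)
    {
        List<string> rows = new List<string>();
        using (SqlConnection cn = new SqlConnection(_connStr))
        using (SqlCommand cmd = new SqlCommand(sql, cn))
        {
            for (int i = 0; i < args.Length; i++) cmd.Parameters.AddWithValue("@p" + i, args[i]);
            cn.Open();
            using (SqlDataReader rd = cmd.ExecuteReader())
                while (rd.Read()) rows.Add(rd.GetString(0));
        }
        return rows.ToArray();
    }

    // The four methods from Table 2.
    public override string[] GetAllRoles() { return Query("SELECT RoleName FROM Roles"); }
    public override bool RoleExists(string role) { return Query("SELECT RoleName FROM Roles WHERE RoleName = @p0", role).Length > 0; }
    public override string[] GetRolesForUser(string user) { return Query(JoinSql + " WHERE u.UserName = @p0", user); }
    public override bool IsUserInRole(string user, string role) { return Query(JoinSql + " WHERE u.UserName = @p0 AND r.RoleName = @p1", user, role).Length > 0; }

    // Required by the abstract base class but not listed in Table 2.
    public override void CreateRole(string r) { throw new NotSupportedException(); }
    public override bool DeleteRole(string r, bool t) { throw new NotSupportedException(); }
    public override void AddUsersToRoles(string[] u, string[] r) { throw new NotSupportedException(); }
    public override void RemoveUsersFromRoles(string[] u, string[] r) { throw new NotSupportedException(); }
    public override string[] GetUsersInRole(string r) { throw new NotSupportedException(); }
    public override string[] FindUsersInRole(string r, string m) { throw new NotSupportedException(); }
}
```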
Debugging and troubleshooting the providers
The providers will work with any Asp.Net 2.0 application, and, therefore, it makes sense to test them without SharePoint 2007. You can test 100% of the provider’s functionality in your development environment using a test Asp.Net application that would call the provider’s methods listed in Table 1 and Table 2.
Here are the choices you have to test the custom providers:
· You can create an Asp.Net application that would call the methods one by one.
· You can use IIS 7.0.
· You can use the .Net Administration Tool application (mentioned above in the Providers section).
In each of these cases, you will need to create a test Asp.Net application that will define the providers in the web.config file as your default providers.
Creating a test Asp.Net application
Using IIS MMC, create a virtual folder, for example TestProviders. The physical folder of the application can be empty except for a web.config file and a bin subfolder. In the web.config file, you will have the definition of the providers. In the bin subfolder, you will have the assembly that contains the providers.
Figure 2. Sample web.config file for the test application
<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <add name="SqlServer2" connectionString="Server=YourServerName;Database=YourDatabaseName; uid=YourUserID;pwd=YourPassword;Connect Timeout=100" providerName="System.Data.SqlClient" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="SiteMInder_Login.aspx" name=".ASPXFORMSAUTH" timeout="30" slidingExpiration="false"/>
    </authentication>
    <identity impersonate="true"/>
    <membership defaultProvider="SiteMinder_MembershipProvider1">
      <providers>
        <add connectionStringName="SqlServer2" name="SiteMinder_MembershipProvider1" type="PointBridge.Providers.SiteMinder_MembershipProvider1" />
      </providers>
    </membership>
    <roleManager enabled="true" defaultProvider="SiteMinder_RoleProvider">
      <providers>
        <remove name="AspNetSqlRoleProvider" />
        <add connectionStringName="SqlServer2" name="SiteMinder_RoleProvider" type="PointBridge.Providers.SiteMinder_RoleProvider" />
      </providers>
    </roleManager>
    <!-- Diagnostics for the test application only; these two settings are not among the nodes copied to the SharePoint web.config files. -->
    <customErrors mode="Off"/>
    <trace enabled="true" requestLimit="10" pageOutput="true" traceMode="SortByTime" localOnly="true"/>
  </system.web>
</configuration>
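For the first testing option (calling the methods one by one), a small handler dropped into TestProviders can exercise the methods from Table 1 and Table 2 through the default providers defined in the web.config above. This is an added example, not part of the original article; the handler name and the form field names `user` and `pwd` are assumptions.

```csharp
// Save as ProviderSmokeTest.ashx in TestProviders (hypothetical name), with the first line:
// <%@ WebHandler Language="C#" Class="ProviderSmokeTest" %>
using System.Web;
using System.Web.Security;

public class ProviderSmokeTest : IHttpHandler
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext ctx)
    {
        HttpResponse r = ctx.Response;
        r.ContentType = "text/plain";
        // The output reveals users and roles, so only requests from the server itself are answered.
        if (!ctx.Request.IsLocal) { r.StatusCode = 403; return; }

        // Read the credentials from the POST body so they never appear in the IIS request log.
        string user = ctx.Request.Form["user"];
        string pwd = ctx.Request.Form["pwd"];
        if (string.IsNullOrEmpty(user) || pwd == null) { r.Write("POST user and pwd\n"); return; }

        // Table 1: the static Membership class forwards to the default membership provider.
        r.Write("ValidateUser: " + Membership.ValidateUser(user, pwd) + "\n");
        r.Write("FindUsersByName: " + Membership.FindUsersByName(user).Count + " match(es)\n");

        // Table 2: every role returned by GetAllRoles must also resolve through RoleExists.
        foreach (string role in Roles.GetAllRoles())
            if (!Roles.RoleExists(role))
                r.Write("MISMATCH: GetAllRoles lists '" + role + "' but RoleExists is false\n");

        // GetRolesForUser and IsUserInRole must agree for each of the user's roles.
        foreach (string role in Roles.GetRolesForUser(user))
            if (!Roles.IsUserInRole(user, role))
                r.Write("MISMATCH: IsUserInRole(" + user + ", " + role + ") is false\n");
        r.Write("done\n");
    }
}
```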
Using the Asp.Net Administration Tool
· You can use the Asp.Net Administration Tool from Visual Studio 2005. Open your test application in Visual Studio 2005 and open the web.config file. Then, go to Project->Asp.Net configuration.
· You can create an Asp.Net web application whose physical folder references the location of the application files. The physical location of the files (including the source code) is: C:\Windows\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles. To run the application, you have to pass two parameters, applicationPhysicalPath and applicationUrl, which should be the physical path and URL of your test application (TestProviders). For example: http://localhost/asp.netwebadminfiles/default.aspx?applicationPhysicalPath=E:\Development\TestProviders&applicationUrl=/TestProviders
Using IIS 7.0
Open IIS MMC and click on the test application folder you created earlier (TestProviders). Make sure that you are using the features view (not the content view). In the features view, click on .Net Users or .Net Roles (both of them are under the Asp.Net header). You should be able to browse your users (or roles) and see the users-roles relationship.
Configuring the providers for SharePoint applications
These two blogs describe perfectly the process of configuring .Net SQL membership and role providers for SharePoint applications:
Configuring Multiple Authentication Providers for SharePoint 2007
How to Configure Publishing Site With Dual Authentication Providers and Anonymous Access
Please note that you have to configure the providers for all SharePoint applications that will use these providers and for the SharePoint Central Administration application. To make changes in the web.config files, you can just copy and paste the <connectionStrings> node and <providers> nodes from the web.config file of your test application (TestProviders).