.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

need help with sharepoint (wss 3.0) with Windows authentication and Custom Role provider

Posted By:      Posted Date: September 24, 2010    Points: 0   Category :SharePoint
I'm trying to setup sharepoint(wss 3.0) to use my custom role provider with Windows authentication. I've modified the web.config to enable role manager and I am able to select my custom roles when assigning permissions but it doesn't seem like sharepoint is check the permission again my custom roles. If I enable Forms authentication and use my custom membership provider it all works as expected but I do not want to use FBA because of the issues with Client Integration. Essentially I want all the features that comes with the default windows authentications but just have permission be control from my custom role provider. Can anyone offer any solution or suggestions?

View Complete Post

More Related Resource Links

Authorization Manager (AzMan) as role provider with Windows integrated authentication in SharePoint


Hi all,

First I will describe my environment: Windows Server 2008 R2 x64, IIS 7, SQL Server 2008 and MOSS 2007 Enterprise Edition SP2 x64.

I am trying to setup SharePoint 2007 portal to use Windows integrated authentication with Authorization Manager (AzMan) as role provider.

I have set up an authorization store and defined a set of roles in there. Further I configured the web.configs of my SharePoint environment to use AzMan as role provider.

In IIS I see the roles appearing, but unfortunately those roles are not available in my SharePoint portal. I also see notification in IIS stating that Forms authentication has to be used

What should I do to configure it correctly? Is it even possible to use AzMan with Windows authentication in SharePoint 2007?

Thanks in advance.

With kind regards,




Sharepoint 2007 Custom Role Provider

I have been trying to configure Sharepoint 2007 to use a custom role provider (using Forms based authentication) that we have developed.  I have been following the tutorial at http://www.andrewconnell.com/blog/articles/HowToConfigPublishingSiteWithDualAuthProvidersAndAnonAccess.aspx, so my configuration files look similar (only database connection string changes).   I have the Membership role provider working (able to add users to my site collection) but am not able to figure out what i have done wrong in setting up the role provider.   To verify that our code works, I setup an empty website project and called the asp.net configuation tool (as described in the above reference article) and am able to view/create/remove/etc... roles as expected, so I think the role provider is working correctly.   What is the recommended way to debug my problem?   Thanks Greg.

Custom Role Provider Issue In Sharepoint 2010



I have? migrated my existing wsp solution that contains working custom FBA membership and role providers to Sharepoint 2010. As stated in several migration or custom membership provider articles that I fround in Net for Sharepoint 2010, I followed the steps below:

  • Created my FBA login page under _layouts, I inherited it from FormsSignInPage.
  • Set authentication of the web application to Claims
  • Enabled forms based authentication for the application and set my custom provider names.
  • Added provider names to not only my application's web.config but also to central application web.config and securitytoken web service's web.config (which is located in [14 hive]\WebServices\Securitytoken).

The current issue I am having is as follows:

  • When user types in username and password and presses the login button in the FBA login page, yellow "screen of death" :) is displayed indicating: "The server was unable to process the request due to an internal error.  For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework 3.0 SDK documentati

Custom Role Provider Not Authenticating Users

I have created a custom role provider that is hard coded to say everyone is in a certain group (code below).  I have edited the webconfig of Central Admin, my Web Front End, and the Claims Service.  I can sucessuflly log in using the asp.net membership provider and configured access to the site by adding the "custom" role to the Owner Group.  With all of the above items setup I can launch visual studio and attach the to IIS process and verify that my custom role provider is being called.  Even with all this setup I cannot get another forms based user to be able to access the site.  The other user is getting a sharepoint access denied issues. Any Ideas?   public class IdBasedRoleProvider : RoleProvider { public const string AllAuthenticatedUsersRoleName = "custom"; public override string ApplicationName { get; set; } public override string[] GetRolesForUser(string username) { return new[] { AllAuthenticatedUsersRoleName }; } public override bool RoleExists(string roleName) { if (roleName == AllAuthenticatedUsersRoleName) return true; else return false; } #region Methods Not Implemented public override string[] GetAllRoles() { throw new NotImplementedException(); } public override bool IsUserInRole(string username, string roleName) { throw new NotImplementedException(); } public override void Ad

Integration of Windows live Id authentication with Sharepoint 2010?

Dear folks,   please give me some details about Integration of Windows Live Id authentication With SharePoint 2010? Thank you Regards Immanuel c

SharePoint crawling - Windows authentication failing for STS4?

In a Sharepoint 2010 installation, we are trying to crawl the content of a small, single-node SharePoint installation. The crawling is partially successful. We are able to retrieve data delivered from the web services (_vti_bin/sitedata.asmx), but when the crawler tries to access the full page contents, it fails. The error message shown in the Crawl Log is: The crawler could not communicate with the server. Check that the server is available and that the firewall access is configured correctly. The error which is logged in the ULS is: 08/27/2010 01:52:02.92     mssdmn.exe (0x0A7C)                         0x03E4    SharePoint Server Search          HTTP Protocol Handler             du54    High        CHttpAccessorHelper::InitRequestInternal - unexpected status (500) on request for 'http://staging.dsr.dk/_layouts/error.aspx' Authentication 1.  [httpacchelper.cxx:657]  d:\office\source\search\native\gather\protocols\http\httpacchelper.cxx      08/27/2010 01:52:02.92     mssdmn.exe (0x0A7C)          &n

user role on sharepoint custom list

hi, can i set up a user role for a custom list form in sharepoint services 3 i want to use the "submit new absence" form. but i need to modify the form in a way that when a user open the form it fills the user his name or login name in the fields. and that the approver or "assigned to field" also is filled with the approvers name. i think i need to use a query for that, but how can i apply it to the fields of the absence list form

Disable SharePoint Workspace alert on Windows 7 PC with Norton Firewall Provider.

My wife has a laptop with Windows 7 and Office 2010.  Recently she was playing with some settings on her PC and did something which now causes a "Microsoft SharePoint Workspace" alert to appear when she boots up the machine. She wants this message to go away.  I do not know how to do this, and searching for portions of the alert have lead nowhere.  Here is the exact message. SharePoint Workspace is unable to communicate through your firewall and will run with limited functionality.  To resolve this problem, enable SharePoint workspace as a Windows Firewall exception.  For assistance, contact your Windows administrator. To remedy this, here is what I attempted: Start > Control Panel > View by Small Icons > Windows Firewall This opens a dialog with the caption, "Help protect your computer with Windows Firewall".  Below that, there is an orange box with the notification, "These settings are being managed by vendor application NORTON FIREWALL PROVIDER." Of the half-dozen options that appear in the left navigation panel of that dialog, only 3 are enabled: control panel home, advanced settings, and troubleshoot my network.  The option to "Turn windows firewall on or off" is disabled. We have Norton 360, so I opened that program and chose the "Settings" tab, which displays a Firewall link to

Custom Login Page , with custom membership provider for sharepoint 2010


Dear All,

I am new to sharepoint, i am developing a custom application on sharepoint 2010. i need to create a custom login page in sharepoint 2010 with a custom membership provider which will authenticate against a 3rd party web service. 

Can anybody guide me with the steps i need to do for this. do i need to write a custom claims provider for this or is it enough if i write a custom authentication provider and use it for my login page which we do for asp.net.

i am confused about these. 

thanks in advanace 


Custom Role Provider - Roles.GetRolesForUser(userName) raises exception


Hi All,

We have configured Claims based authentication in our application and We have extented the RoleProvider. When we call the Roles.GetAllRoles() method it returns all the roles available in the aspnet_Roles table. When we call Roles.GetRoleForUser(userName) it raises the following exception.

Exception of type 'System.ArgumentException' was thrown.
Parameter name: encodedValue

   at Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String encodedValue)
   at Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider.GetRolesForUserBestEffort(String username)
   at Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider.GetRolesForUser(String username)
   at System.Web.Security.Roles.GetRolesForUser(String username)
   at Dsp.SP.ContentManager.GenericPublishedContent.BindGridPublicGroup(String selectedNode)

When we debug our Custom Role Provider project the breakpoint hits the GetAllRoles() method and it does not hit the GetRolesForUser() method. So we are not sure whether the overridden method is called or not?

Windows or SQL Authentication with SharePoint

Does anybody know where there is information on which SQL Authentication method is best to use with SharePoint? I need to know which is best, if I use SQL authentication what are the limitations etc. Any help would be appreciated.

Custom Profile Provider and Role - Mysql


May I ask if how can I create a custom mysql profile provider with the following properties?

                <add name="ProjectID" type="Int" defaultValue="0"/>
                <add name="TeamID" type="Int" defaultValue="0"/>
                <add name="EmployeeID" type="String" serializeAs="String"/>
                <add name="LastName" type="String" serializeAs="String"/>
                <add name="FirstName" type="String" serializeAs="String"/>
                <add name="MiddleName" type="String" serializeAs="String"/>
                <add name="NickName" type="String" serializeAs="String"/>

Cusom Role + task provider that wotk with windows and claims identties


I have created a custom principal that is populated with roles from a custom role store (SQL database). I also use a custom SQL Role provider.

I need to implement tasks that are related to a role. These tasks should have a business rule attached to it. For example user's that belong to the Approver role and the batch approval task should only be allowed to approve for amount greater than 1000 and customer x.

I know Azman provides this functionality or NetSQAzman but I can't use it due to my custom authorization should work with both windows and claims identities.

Any ideas? 

Thank you


Sharepoint in DMZ and Windows Authentication problems



i'm trying to set up Sharepoint in DMZ. the sql server is in corporate domain, the sharepoint farm in perimeter domain (dmz).

A trust relationship is established in which the perimeter domain trusts the corporate domain

the problem is this: when i run sharepoint configuration wizard i cannot connect to sql server using windows authentication- i get those error messages on sql server:

error1: Login failed for user ''. The user is not associated with a trusted SQL Server connection. [CLIENT: xxx.xxx.xxx.xxx]

(please note the username does not show up, xxx - ip address )

error2: SPI handshake failed with error code 0x80090311 while establishing a connection with integrated security; the connection has been closed. [CLIENT:xxx.xxx.xxx.xxx]


so i run  "psconfig" per microsoft article   http://support.microsoft.com/kb/932376/en-us and used SQL authentication.


that worked fine. wizard completed, i'm able to conect to sharepoint configuration site, but when i want to create a new web application and use windows a

Sharepoint 2010 Custom Membership Provider



I'm trying to create a site with fba using my own memebership and role provider.
The problem i have is when i am creating the sitecollection from the central administration, my web app has windows and fba authenticacton turned od, in the membership provider and role mananer i put my own providers. When i am creating the sitecollection for that web app in the administrator textbox is not finding the windows user... I don't understand why...
My web application authorization is windows with FBA turn on. If i turn off the fba authentication in the web app, the windows user is working as the administration....
I don't understand why is happening this..


UpDate: I checked the eventviewer and i have this error when i want to put the windows user:

An exception occurred in Forms Auth claim provider when calling SPClaimProvider.FillResolve(): The configuration section cannot contain a CDATA or text element. (E:\inetpub\wwwroot\wss\VirtualDirectories\48079\web.config line 457).

This line on the web.config is where i have my membership provider:

 <add name="LMSMemberShipProvider" type="Company.LMS.LiveMembershipProvider, Company.LMS, Version=, Culture=neutral, PublicKeyToken=464df6932833bbb2" applicationName="/"/>



My custom role provider doesn`t work


Hi guys.

Have a little problem. I`ve developed my custom role provider to have my implementation of it logic. But during the process i have a problem with this.

I implemented class CustomRoleProvider:

namespace CSSA
    public class CustomRoleProvider : RoleProvider
        public override string ApplicationName
            get { return "xxx"; }
            set { }

        /// <summary>
        /// Add roles to users.
        /// </summary>
        /// <param name="usernames">list of member which need to accept roles</param>
        /// <param name="roleNames">The list of role, which will be apply to user List</param>
        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
            throw new NotImplementedException();

        public override void CreateRole(string roleName)


        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
            return true;

        public override string[] FindUsersInRole(string roleName, string usernameToMatch)
            throw new NotImplementedException();

        public override string[] GetAllRoles()

Custom role provider and RunWithElevatedPrivileges(recursive loop)


I've implemented custom role provider. i get users from sharepoint list. But i have problem. if user is loged and if i try call method with RunWithElevatedPrivileges, then RunWithElevatedPrivileges cause call of GetRolesForUser. but in GetRolesForUser i use RunWithElevatedPrivileges and this cause new call of GetRolesForUser.... Any one know how can i avoid this recursion? and why RunWithElevatedPrivileges calls GetRolesForUser? i use custom role provider for asp.net site not sharepoint site. Thx

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend