.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Cusom Role + task provider that wotk with windows and claims identties

Posted By:      Posted Date: October 19, 2010    Points: 0   Category :ASP.Net

I have created a custom principal that is populated with roles from a custom role store (SQL database). I also use a custom SQL Role provider.

I need to implement tasks that are related to a role. These tasks should have a business rule attached to it. For example user's that belong to the Approver role and the batch approval task should only be allowed to approve for amount greater than 1000 and customer x.

I know Azman provides this functionality or NetSQAzman but I can't use it due to my custom authorization should work with both windows and claims identities.

Any ideas? 

Thank you


View Complete Post

More Related Resource Links

need help with sharepoint (wss 3.0) with Windows authentication and Custom Role provider

I'm trying to setup sharepoint(wss 3.0) to use my custom role provider with Windows authentication. I've modified the web.config to enable role manager and I am able to select my custom roles when assigning permissions but it doesn't seem like sharepoint is check the permission again my custom roles. If I enable Forms authentication and use my custom membership provider it all works as expected but I do not want to use FBA because of the issues with Client Integration. Essentially I want all the features that comes with the default windows authentications but just have permission be control from my custom role provider. Can anyone offer any solution or suggestions?

Authorization Manager (AzMan) as role provider with Windows integrated authentication in SharePoint


Hi all,

First I will describe my environment: Windows Server 2008 R2 x64, IIS 7, SQL Server 2008 and MOSS 2007 Enterprise Edition SP2 x64.

I am trying to setup SharePoint 2007 portal to use Windows integrated authentication with Authorization Manager (AzMan) as role provider.

I have set up an authorization store and defined a set of roles in there. Further I configured the web.configs of my SharePoint environment to use AzMan as role provider.

In IIS I see the roles appearing, but unfortunately those roles are not available in my SharePoint portal. I also see notification in IIS stating that Forms authentication has to be used

What should I do to configure it correctly? Is it even possible to use AzMan with Windows authentication in SharePoint 2007?

Thanks in advance.

With kind regards,




Windows with C++: Task Scheduler 2.0


The new Task Scheduler in Windows Vista can do so much more than previous versions. We introduce some basic concepts and building blocks you can put to use in your own scheduled task projects.

Kenny Kerr

MSDN Magazine October 2007

Timers: Implement a Continuously Updating, High-Resolution Time Provider for Windows


The timestamps that you can obtain from Windows NT are limited to a maximum resolution of 10 or 15 milliseconds, depending on the underlying hardware. At times, such as when you need to timetag frequent events, it is desirable to achieve a higher resolution. For example, what if you want to be able to contact a thread or perform some other task at intervals more frequent than 10 milliseconds? Suggested ways of achieving better resolution include using performance counters in conjunction with the sytem time to calculate smaller time increments. But using performance counters is a technique that presents its own problems. This article shows one possible way of overcoming limitations inherent in this approach.

Johan Nilsson

MSDN Magazine March 2004

Walkthrough: Writing a Claims Provider in SharePoint 2010

By using claims authentication, you can assign rights based on claims without knowing who a user is, or how they are authenticated. You have to know only the attributes of the user.

Sample: SharePoint 2010 Claims Provider

Download a code sample that shows how to write a claims provider in SharePoint 2010 to augment claims and provide name resolution.

FTP Task working in XP but not working in Windows 7/2008 machines

Hey , A FTP Task in IS pkg is working fine when executed through BIDS in my Win XP machine ..but the same package is not working in Win 7/2008 machine. FTP task fails with the error : [FTP Task] Error: Unable to connect to FTP server using "FTPFolder.TempData.com". Here are few facts about my troubleshooting : 1) From my XP machine... I am able to connect to the FTP Server using DOS Cmds but fails in 2008 machine saying "Unknown host" I did : Run>Cmd>FTP>Open FTPFolder.TempData.com 2) I can view the files on the FTP server through a browser ( URL was given )on both the machines with no issues. 3) I created Port exception for 20 & 21 Ports for 2008 machine ...still no luck. 4) When I PING the FTP server --Cmd>PING FTPFolder.TempData.com On XP Machine...though FTP Server Name is resolved to IP... I still receive "Request timed out." On 2008 Machine ...the IP is not even resolved and error is thrown "Ping request could not find host FTPFolder.TempData.com. Please check the name and try again." 5) I am connecting to FTP Server from my Office machines. I have searched all the threads on this FTP error topic and haven't found the apt thread..so I have opened a new one.

Adding an OpenID Claims Provider

Hi, I have to implement OpenID to our SharePoint2010 farm. I found this blog http://blogs.pointbridge.com/Blogs/nielsen_travis/Pages/Post.aspx?_ID=34 but I just cant find the solution to overcome the compile errors. I can't complete the "Configure the WS-Fed Protocol Transition STS" step. After coping all surce I get error and warning in file _STS/Default.aspx ---- E. line 24: Unknown server tag 'idfx:FederatedPassiveTokenService'. W. Line 24: Element 'FederatedPassiveTokenService' is not a known element. ----  And after visiting the site I get error could not load assembly 'Microsoft.IdentityModel, version....' The system cannot find the file specified. Then After I change in line 4 the Version to "" I get the same w & e like before, just on site get error "Unknown server tag 'idfx:FederatedPassiveTokenService'" I'm working on SharePoint2010,VS2010,ADFS2.0 none of them is beta but the post in blog was written  when the betas where only available, so I assume that this is the main reason for my errors. Thanks for any help!  

Claims to windows token service wont start in Central administration

Not sure if this is a bug or some setting I just dont understand but I cannot get the claims to windows token service from manage services to show as started. When I click start I get this error in the event viewer: An attempt to start/stop instance of service Claims to Windows Token Service on server <SERVERNAME> did not succeed. Re-run the action via UI or command line on the specified server. Additional information is below. c2wts (DOMAIN\sp_farm) I have searched and searched for an answer. This thread http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/6b865ead-970b-4460-9dcf-1cc6d6d8530b talks about needing a connection to the internet, but my server is connected to the internet so i think i can rule that out. Also I have read that c2wts depends on the crypto service. I have run this command with no success: sc config c2wts depend= cryptsvc I can start the c2wts service through services.msc and it is succesful. But central administration still shows it is stopped. I have also re-run the installer in repair mode, and re-run the initial configuration wizard, maintaining all of the same settings as the previous installation. That didn't help. Basically, I'm out of ideas and I cant find much about this on the web. Any ideas?

Custom Role Provider Not Authenticating Users

I have created a custom role provider that is hard coded to say everyone is in a certain group (code below).  I have edited the webconfig of Central Admin, my Web Front End, and the Claims Service.  I can sucessuflly log in using the asp.net membership provider and configured access to the site by adding the "custom" role to the Owner Group.  With all of the above items setup I can launch visual studio and attach the to IIS process and verify that my custom role provider is being called.  Even with all this setup I cannot get another forms based user to be able to access the site.  The other user is getting a sharepoint access denied issues. Any Ideas?   public class IdBasedRoleProvider : RoleProvider { public const string AllAuthenticatedUsersRoleName = "custom"; public override string ApplicationName { get; set; } public override string[] GetRolesForUser(string username) { return new[] { AllAuthenticatedUsersRoleName }; } public override bool RoleExists(string roleName) { if (roleName == AllAuthenticatedUsersRoleName) return true; else return false; } #region Methods Not Implemented public override string[] GetAllRoles() { throw new NotImplementedException(); } public override bool IsUserInRole(string username, string roleName) { throw new NotImplementedException(); } public override void Ad

Sharepoint 2007 Custom Role Provider

I have been trying to configure Sharepoint 2007 to use a custom role provider (using Forms based authentication) that we have developed.  I have been following the tutorial at http://www.andrewconnell.com/blog/articles/HowToConfigPublishingSiteWithDualAuthProvidersAndAnonAccess.aspx, so my configuration files look similar (only database connection string changes).   I have the Membership role provider working (able to add users to my site collection) but am not able to figure out what i have done wrong in setting up the role provider.   To verify that our code works, I setup an empty website project and called the asp.net configuation tool (as described in the above reference article) and am able to view/create/remove/etc... roles as expected, so I think the role provider is working correctly.   What is the recommended way to debug my problem?   Thanks Greg.

Disable SharePoint Workspace alert on Windows 7 PC with Norton Firewall Provider.

My wife has a laptop with Windows 7 and Office 2010.  Recently she was playing with some settings on her PC and did something which now causes a "Microsoft SharePoint Workspace" alert to appear when she boots up the machine. She wants this message to go away.  I do not know how to do this, and searching for portions of the alert have lead nowhere.  Here is the exact message. SharePoint Workspace is unable to communicate through your firewall and will run with limited functionality.  To resolve this problem, enable SharePoint workspace as a Windows Firewall exception.  For assistance, contact your Windows administrator. To remedy this, here is what I attempted: Start > Control Panel > View by Small Icons > Windows Firewall This opens a dialog with the caption, "Help protect your computer with Windows Firewall".  Below that, there is an orange box with the notification, "These settings are being managed by vendor application NORTON FIREWALL PROVIDER." Of the half-dozen options that appear in the left navigation panel of that dialog, only 3 are enabled: control panel home, advanced settings, and troubleshoot my network.  The option to "Turn windows firewall on or off" is disabled. We have Norton 360, so I opened that program and chose the "Settings" tab, which displays a Firewall link to

Sharepoint 2010 WorkFlow Task AssignedTo Windows Group doesnt send email notification

Hi, Which configuration would prevent sharepoint to send a notification when a workFlow task is assigned to a Windows Group with an email ? The same task with a single User send a notification. Thanks, Patrice      

provider can not be found OLEDB in windows 7

The 'Microsoft.Jet.OLEDB.4.0' provider is not registered on the local machine also provider can not be found it may not be properly installed I am getting this error I am using windows 7 everything was working fine on XP but on windows 7 i am getting this error I dont understand what to do since I need to run the code as it is very urgent can u please help me with what do I need to do and from where to download the content so that my laptop works properly.... I need to run my project on laptop which is installed with windows 7 -- 64 bits and the project was developed on XP thank u in advance

Same Role provider (ASP.NET Services database) for various WCF services


Hi there,

Service Authetnication

Have configured WCF service to implement authentication using AD(Active Directory), when a request comes from the client it is authenticated aginst active directory and either allow access or deny based on the credentials passed to the service.

Authorization using ASP.NET Role provider

Have implemented the method level authorization using SecurityPermission attribute, which checks the role data in ASP.NET Services database( in other words Membership database) against aspnet_roles, aspnet_Users_InRoles tables to allow / deny access to particular method.

It works well with single instance of service, where the request is from mutliple client applicaitons.

In the above implementation, WCF service is configured to use ASP.NET Membership database to implement authorization to authorize access to particular methods.


Would like to know if it is feasible/best practice to utilise the same instance of ASP.NET Membership databse to implement Role based authorization on number of WCF services.

[PrincipalPermission(SecurityAction.Demand, Role = <

Role Provider mess up Welcome [username] on wss


Hi,I have a role provider, and this is how i wrote for my GetRolesForUser(string username), now the problem is on the wss page, on the top right corner, it shows Welcome "System Account" Instead of the logged in user. And I checked it, after RunWithElevatedPrivilage, The CurrentUser is System Account,How can I make the welcome to show the current logged user?

Thank you

public override string[] GetRolesForUser(string username)
      //string[] s = ws.GetRolesForUser(username);
      //return s;
      List<string> domainGroups = new List<string>();
      var webContext = SPContext.Current.Web;


          using (SPSite site = new SPSite(webContext.Site.ID))
            //siteEval = site.OpenWeb(site.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend