Custom Role Provider with ActiveDirectory Authentication
-
22-09-2019 - |
Question
I'm creating a custom Role provider based on the ASP.NET Role provider. I have 3 tables. One for Users, one for Roles, one for UsersInRoles.The Users table has no password column because the users are authenticated with ActiveDirectory. That's my approach so far. I can't get the cusstom Role Provider to work, anyone has the same situation like me. How do you make a custom Role provider works with AD?
Solution
What I did: create a class which inherits from System.Web.Security.RoleProvider
, and choose "Implement abstract class" from the context menu when clicking on : Roleprovider
. I only implemented the method GetRolesForUser
(the other methods throw NotImplementedException
).
At a certain point I thought I also needed to implement the MembershipProvider, but a simple addition to web.config fixed it (since the assembly is not in the GAC, in the type-attribute, you only need to mention the namespace+type-name; not the assembly name and other parameters):
<configuration>
<system.web>
<roleManager enabled="true" defaultProvider="MyRoleProvider">
<providers>
<clear />
<add name="MyRoleProvider" type="Namespace.To.MyRoleProvider" />
</providers>
</roleManager>
</system.web>
</configuration>
There is no need to implement the ValideUser
method on a MembershipProvider
.
OTHER TIPS
You should be able to write the role provider in a manner to where you override the ValidateUser() method and force it to perform the AD lookup there. After that, most of the built in stuff should take over.