Friday, April 25, 2008

Custom Membership

Limits of Anonymous Access
  • No Authenticated Identity
  • No permission levels
  • No web application policy
  • Can add list items, but not documents or attachments
  • Cannot initiate a workflow (if you want to use the workflow engine to put a form on the site for an anonymous user to request some information, out of box, there is no way to do that.)

Filling the gaps in Anonymous Access

  • SharePoint 2007 is based on ASP.NET 2.0
  • ASP.NET 2.0 allows MembershipProviders
  • Global.asax provides events to augment FBA
  • It is possible to handle FormsAuthentication_OnAuthenticate event and log a user in


1. Open a new C# Class Library Project in VS2005, name it AnonymousMembershipProvider
2. Add a new cs file called AnonymousMembershipProvider.cs
3. Add using statements: using System.Web; using System.Web.Security;
4. This class needs to inherit from MembershipProvider class
5. Override the ValidateUser method to return true if username is "Anon"
6. Create a method called GetMembers method, set the return type to MembershipUserCollection, add "Anon" to the AnonymousMembershipProvider, and return it.
7. Override the FindUsersByName method, set the totalRecords = 1, return GetMembers();
8. Override the GetAllUsers method, set the totalRecords = 1, return GetMembers();
9. Override the GetUser method, return "Anon" as a new MembershipUser. Same for the GetUser overload method.
10. For all other override methods, just throw new NotSupportedException.
11. Give it a strong name.
12. Go to Visual Studio 2005 Command Prompt, cd your assembly folder. Take a look at the options of by typing gacutil -? Then install the dll into GAC by typing gacutil -i AnonymousMemberShipProvider.dll
13. Use reflector to open AnonymousMemberShipProvider.dll, get the version,culture and PublicKeyToken information.
14. Assume you have already got a anonymous site extended from a default zone. Go to your anonymous site's web.config, add the membership tag, and add the provider in.
15. Go to the default zone's web.config, add the same.
15. Go to central admin, application management, authentication providers, change the anonymous site from windows to forms, uncheck enable anonymous acess, add the provider name, save
16. Go to the anonymous site, you will see a sign in page.
17. Go to the default zone, people and groups, go to site members, add the user, type "Anon" in the user textbox, click ok
18. Go back to the anonymous site, type "Anon" in the user name textbox, no password, sign in, now you can be signed in.
19. Go to the anonymous site's global.asax, add a script, add the FormsAuthentication_OnAuthenticate handler, if "Anon" is validUser, then setAuthCookie, save the file.
blog comments powered by Disqus