Home > MOSS 2007 > Central Admin Can’t See My Authentication Provider!

Central Admin Can’t See My Authentication Provider!

February 22nd, 2008 Leave a comment Go to comments

Received today from CodePlex:

“Hi Reza, I have created a custom membership provider for my MOSS site [ it checks creds against a propriteray store]. I have implemented these methods in the CustomProviderClass public class MyCustomProvider:MembershipProvider
* GetAllUsers
* ValidateUser
* GetUser
* FindUsersByName
I followed the technet links to register the custom provider in the sharepoint Admin site as well as my custom website on which I would like to have FBA. Unfortunately I am struggling at the point where I am not able to add users….. Central Administration > Application Management > Policy for Web Application > Add Users the user is not found when I check names, yes I use MyProvider:username BTW I tested my custom provider in ASP.NET 2.0 and it works super Please advice, thanks a lot”

First of all , you don’t need to specify MyProvider:username for the user to be resolved. In a healthy FBA configuration putting username alone should be okay. However , when you hover over the username , it must show MyProvider:username as the tooltip. This is one of the ways that you can make sure your user belongs to your custom authentication provider , not a similar name in AD or any other authentication providers.

Secondly, the fact that your custom authentication provider works in your ASP.NET application or even in your SharePoint web application (whatever zone you specify for your FBA stuff ) doesn’t guarantee that it should work in Central administration or SSP. They are different web applications running under different application pools (they better be ;)) with different web.config files. Here are two things that I’d check:

1) FBA settings ( Are they the same in SharePoint Web Application and Central admin) – You don’t need to include role provider settings in central admin.

2) Debug your authentication provider to see if it gets initialized. Then step through your various methods and see if there is an exception thrown somewhere in GetUser method that is not propagated up in the call stack or you have handled it without logging it (bad bad idea). Make sure you do an IISRESET and browse to your site once before you attach to the worker process, because your auth provider might have been already initialized and you don’t see the initialized method get hit again – GetUser gets hit everytime a name is resolved. This is where a good instrumented code comes to light to nail down the issue. Please Please make sure that you write plenty of tracing code in every piece of functionality you develop. I guarantee that you won’t regret it. Debugging can be done in two ways. One way is what I described above or you can place a trace on the SQL server side to see if the communication with back-end database ever happens and what gets transmitted. Many people would prefer the latter one.

Hope this helps,

Categories: MOSS 2007 Tags:
  1. mettlus
    February 25th, 2008 at 11:11 | #1

    Thanks, put a lot of tracing in the code, I see that ValidateUser routine never gets called when I try to sign in through the FBA on the site? weird….
    I am able to resolve/check the username etc…

  2. Reza Alirezaei
    February 25th, 2008 at 14:12 | #2

    Validate user is when you login , if you are not logging then why should validate user gets hit? 🙂

    When a name is resolved can you see that GetUser gets hit, can you debug through?

  3. Raghavendra
    October 31st, 2009 at 00:49 | #3

    Hello Sir,

    I’ve the same problem. I created a membership provider database using aspnet_regsql and created a new authentication provider for my publishing site. I have changed the web.config for both the web application and Central Administration. I want to set a user in the database as the site collection administrator for my application in central administration. But CA is not picking my provider and the people picker is not resolving the users in the database.

    But it worked fine in my development environment but i’m not able to get it working in a testing environment. How to debug it?

  4. May 20th, 2012 at 12:09 | #4

    Hi Dustin,This information is gerlnaley applicable for situations where you are using SharePoint hosted by a 3rd-party (i.e. you are not using integrated Active Directory authentication because your local computer is not in the same domain as the server running SharePoint). If your SharePoint site is hosted off-site, it should not matter whether they are in your office or at home, as it is still accessed the same. So I don’t have any specific advice for your situation, as there could be a lot of different factors involved. Good luck; I hope you are able to work through the problem!