I'm creating a custom Role provider based on the ASP.NET Role provider. I have 3 tables. One for Users, one for Roles, one for UsersInRoles.The Users table has no password column because the users are authenticated with ActiveDirectory. That's my approach so far. I can't get the cusstom Role Provider to work, anyone has the same situation like me. How do you make a custom Role provider works with AD?
What I did: create a class which inherits from System.Web.Security.RoleProvider, and choose "Implement abstract class" from the context menu when clicking on : Roleprovider. I only implemented the method GetRolesForUser (the other methods throw NotImplementedException).
At a certain point I thought I also needed to implement the MembershipProvider, but a simple addition to web.config fixed it (since the assembly is not in the GAC, in the type-attribute, you only need to mention the namespace+type-name; not the assembly name and other parameters):
<configuration>
<system.web>
<roleManager enabled="true" defaultProvider="MyRoleProvider">
<providers>
<clear />
<add name="MyRoleProvider" type="Namespace.To.MyRoleProvider" />
</providers>
</roleManager>
</system.web>
</configuration>
There is no need to implement the ValideUser method on a MembershipProvider.
You should be able to write the role provider in a manner to where you override the ValidateUser() method and force it to perform the AD lookup there. After that, most of the built in stuff should take over.
来源:https://stackoverflow.com/questions/2307063/custom-role-provider-with-activedirectory-authentication