ValidateUser of Forms Authentication issue

views:

302

answers:

+1 Q:

ValidateUser of Forms Authentication issue

Hello everyone,

I am using SharePoint 2007 Enterprise + Publishing portal template + Windows Server 2008. And I am developing using ASP.Net + C# + .Net 3.5 + VSTS 2008 on SharePoint Server 2007. I am developing a custom Forms authentication based on Forms authentication interface. I am learning using Forms Authentication with SharePoint and my confusion is about this method -- ValidateUser of Forms Authentication, here is MSDN link,

http://msdn.microsoft.com/en-us/library/system.web.security.membershipprovider.validateuser.aspx

My confusions are about which component will call ValidateUser method?

Do I need to call ValidateUser by myself (my application code), or depends on my needs (not always needed, depends on my application scenario);
Is ValidateUser is called by SharePoint code (not my own application code), if yes, when (i.e. in what situations will SharePoint calls ValidateUser method, or say in other words, what operation in SharePoint will trigger invocation of this method)?

thanks in advance, George

+1 A:

The ValidateUser method is called to verify that a username and password have been correctly entered for a user. It is called during the authentication process.

If your web.config file is configured to use your custom membership provider ValidateUser is called automatically if

You use a standard control (like the ASP.NET Login control) for authentication in your page (this applies to both regular ASP.NET and SharePoint); or
You use the default SharePoint Forms Authentication page (/_layouts/login.aspx). SharePoint will redirect unauthenticated users to this page if the content being accessed is blocked for anonymous users.

You will have to call ValidateUser yourself if you customize the default SharePoint login page and you don't use the ASP.NET Login control.

dariom 2009-11-22 22:40:34

Thanks dariom! My question is, if I customize SharePoint login page and not using ASP.Net Login control, and for anonymous user, if the anonymous user access specific content which is blocked for anonymous users, will ValidateUser be called automatically?

George2 2009-11-23 09:51:55

When an anonymous user encounters blocked content SharePoint will redirect to the URL defined in the `web.config` (`loginUrl` attribute of the `forms` element). If this is a custom login page that **doesn't** use the ASP.NET Login control **you** will have to call `ValidateUser`. I hope that clears things up.

dariom 2009-11-23 10:04:58

Thanks! My situation is, I have a customized login page (making some UI enhancements compared to SharePoint built-in login page) and use ASP.Net login control in the customized login page. And for anonymous user, if the anonymous user access specific content which is blocked for anonymous users, will ValidateUser be called automatically or just be redirected to my custom login page?

George2 2009-11-23 10:32:45

Thanks for clearing up your scenario. In your case, SharePoint will redirect to your custom login page when an anonymous tries to access restricted content. When the user submits the login page, the ASP.NET Login control will call `ValidateUser` for the membership provider configured in the `web.config`.

dariom 2009-11-23 11:25:02

Cool, question answered!

George2 2009-11-23 15:36:12

ansaurus

tags:

views:

answers:

ValidateUser of Forms Authentication issue

related questions