Hi, I just ran into a weird problem when writing a custom membership provider for a wss site.
This is how we validate user, since the authentication is using webserivce, we need to call the web user and passing user name and password to the webserice then update the WSS Profile based on the webservice call. This is how we do for ValidateUser(string username, string password)
public override bool ValidateUser(string username, string password)
{
edwsusermaintWS.edwsusermaint usermgt_ws = new ASP.NET.CustomMembership.edwsusermaintWS.edwsusermaint();
bool isvalid = false;
try
{
string userinfo = usermgt_ws.validatePassword(username, password);
if (userinfo != null && userinfo.Length > 0)
{
SPWeb siteEval = null;
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite siteCollection = new SPSite(SPContext.GetContext(System.Web.HttpContext.Current).Site.Url))
{
SPWeb site = siteCollection.OpenWeb();
siteEval = site;
}
});
siteEval.AllowUnsafeUpdates = true;
//This is not efficient process, because everytime, people logs in,it queries the webservice to update
//the user profile. The problem is once we validate the username password from webservice,it only returns
//DN name without profile info.It calls getuserprofile webservice eventually in order to detect if the
//user full name is updated or not.
SPUser usrAssignedTo = siteEval.EnsureUser(this.Name + ":" + username);
usrAssignedTo.Name = GetUserInfo(username).FormattedName;
usrAssignedTo.Update();
siteEval.Groups["Anonymous Group"].AddUser(usrAssignedTo);
siteEval.Update();
siteEval.AllowUnsafeUpdates = false;
}
catch (SPException exp)
{
System.Diagnostics.Debug.WriteLine(exp.InnerException);
}
finally
{
if (siteEval != null)
siteEval.Dispose();
}
isvalid = true;
}
}
catch (System.Web.Services.Protocols.SoapException exp)
{
System.Diagnostics.Debug.WriteLine(exp.InnerException);
}
return isvalid;
}
This has NO problem at all when we disable the role provider. But when we enabled Role provider, the problem occurs. Some times, it says SPWeb web = site.OpenWeb() is Object Reference is NULL. Sometimes, it says,new SPSite(SContext.Current.Web.Url)=>Operation is not valid due to the current state of the object. To me, it seems like I didnt release the resource properly, but i really cannot figure out how to release the object properly. Please help....Thank you in advance.
public override string[] GetRolesForUser(string username)
{
List<string> domainGroups = new List<string>();
SPWeb siteEval = null;
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPContext.Current.Web.Dispose();
using (SPSite site = new SPSite(SPContext.Current.Web.Url))
{
siteEval = site.OpenWeb();
//using (SPWeb web = site.OpenWeb())
//{
foreach (SPGroup group in siteEval.Groups)
{
foreach (SPUser user in group.Users)
{
if (user != null)
{
if (user.IsDomainGroup)
{
edwsgroupmaintWS.edwsgroupmaint search = new ASP.NET.CustomMembership.edwsgroupmaintWS.edwsgroupmaint(); ;
edwsgroupmaintWS.AuthenticationCredentialsType cred = new EDWS().GetED_GroupWSSearchCred();
if (search.isUserInGroup2(username, user.Name, cred).BooleanResult == true)
domainGroups.Add(user.Name);
}
}
}
}
//}
}
});
}
catch (Exception ex)
{
}
finally
{
if (siteEval != null)
siteEval.Dispose();
}
return domainGroups.ToArray();
}