SharePoint Security - ARB SEcurity Solutions
Site Blog Home About ARBBlog SharePoint Dev Center Security Labs Contact
Oracle Membership, Role, Profile Provider


Oracle Membership, Role, Profile Provider

Introduction to Oracle/Microsoft Mixed Environments

It is fairly common within larger organization to leverage Oracle as the database for membership datastores because of its inherent clustering abilities along extending the ability to develop and manage heterogeneous IT systems and deliver on vendor-independent SOA strategies. For microsoft mixed technologies that talk with Oracle, there are other benefits that exist, such as mutual support for Web services standards such as BPEL (Business Process Execution Language) ensuring interoperability between Oracle BPEL Process Manager and Microsoft’s BizTalk servers and Oracle Fusion Middleware that assits enterpries in addressing productivity by connecting to native Microsoft Office products. Furthermore, this technology is engrained into several orgnaizations from intial networked computing deployment and therefore is not an option for conversion for membership data stores that may assimilate better to the membership providers that are rolled out by default by the Microsoft Office Server System.

Solving the Backend Oracle Data Store Dillema

This can prove rather constraining for organizations. However, using the pluggable architecture of the membership model in ASP.NET 2.0 which MOSS builds upon allows us to use Oracle as its datastore. The central job of the Oracle Membership Provider for SharePoint is built on the Unviersal Provider Framework and is targeted to define for the datasource code that will build all the relevant methods needed to interact with the membership, role, and profile provider.

Beginning Implementation of the Oracle Membership, Role, and Profile Provider

First thing is first, and there are some files that you are going to have to work with in order to get the provider implemented. The Visual Studio project file doesn't require any editing, and can simply be built into the Universal Provider Framework to procure the Oracle connection functionality.

SharePointMembershipProvider.cs - View Online | Download Class File
SharePointProfileProvider.cs - View Online | Download Class File
SharePointRoleProvider.cs - View Online | Download Class File
SharePointUsersProvider.cs - View Online | Download Class File
GeneralUtilities.cs - View Online | Download Class File
UserData.cs - View Online | Download Class File

To implement the provider in your MOSS environment it is neccesary like with all pluggable authentication providers to make some changes to the web.config file in your environment:

< configuration >
< connectionStrings >
< add name="SharePointOracleProvider" connectionString="User Id=Adam;password=buenz;Host=sharepointsecurity.com" />
< /connectionStrings >
< system.web >
...
< membership defaultProvider="SharePointOracleMembershipProvider "
userIsOnlineTimeWindow="15" >
< providers >

name="SharePointOracleMembershipProvider"
type="Universal.Provider.Framework.SharePointOracleProvider"
connectionStringName="YourOracleConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10" / >
< /providers >
< /membership >
< /system.web >
< /configuration >





[ Go Back ]
Content ©
 MVP Remote Development

 MVP -- WSS




 TechNet Article

Read my article "7 New Features That Enhance Security In SharePoint" published in the Janurary issue of TechNet magazine Read Now

 Steps To SharePoint Security

Implement Internal SharePoint Security Model

Harden Your Environment With Tools and Policies

Monitor and Supervise With Server Utilities

 SharePoint Security Articles
The Definitive Guide To MOSS Pluggable Authentication Providers
The Active Directory Membership Provider and SharePoint Introduction
Introduction to and Building an ASP.NET 2.0 Custom Session State Provider
Considerations for Security Relating To Configuration Elements
Introduction to Microsoft Office SharePoint Server and WSSv3 Trust Levels and Code Access Security
 Example Attack on SharePoint With Chunked Encodes and Overflow

© 2006 ARB Security Solutions, LLC
ARB Security Solutions is not affiliated with or endorsed by Microsoft Corporation.
SharePoint is a trademark of Microsoft Corporation.     Legal Notices | Privacy 		SharePointSecurityFooter