IFtpAuthenticationProvider.AuthenticateUser Method

IIS 7.0
 

Checks if a user name and password are valid.

bool AuthenticateUser(  
   string sessionId,  
   string siteName,  
   string userName,  
   string userPassword,  
   out string canonicalUserName
)  

Parameter NameDescription
sessionIdA string that contains the session ID.
siteNameA string that contains the site name.
userNameA string that contains the user name.
userPasswordA string that contains the password.
canonicalUserNameA string that will contain the canonical name of the user.

True if the user is validated; otherwise, false.

The canonicalUserName parameter can be used to canonicalize user names; the suggested canonical form is domain\user because previous versions of IIS FTP servers required the user name to be in the domain\user form.

A windows authentication based provider cannot be implemented with this method because it does not allow user tokens to be returned.

The following code example illustrates using the IFtpAuthenticationProvider and IFtpRoleProvider interfaces to create a custom authentication module for the FTP service that implements both user name and role checks.

using System;  
using Microsoft.Web.FtpServer;  
  
namespace FtpAuthentication  
{  
      public class FtpAuthDemo : BaseProvider,  
      IFtpAuthenticationProvider,  
      IFtpRoleProvider  
   {  
      bool IFtpAuthenticationProvider.AuthenticateUser(  
         string sessionId,  
         string siteName,  
         string userName,  
         string userPassword,  
         out string canonicalUserName)  
      {  
         // Note: You would add your own custom logic here.  
         canonicalUserName = userName;  
         string strUserName = "MyUser";  
         string strPassword = "MyPassword";  
  
         // Verify that the user name and password are valid.  
         // Note: In this example, the user name is case-insensitive  
         // and the password is case-sensitive.  
         if (((userName.Equals(strUserName,  
            StringComparison.OrdinalIgnoreCase))==true) &&  
            userPassword == strPassword)  
         {  
            return true;  
         }  
         else  
         {  
            return false;  
         }  
      }  
      bool IFtpRoleProvider.IsUserInRole(  
      string sessionId,  
         string siteName,  
         string userName,  
         string userRole)  
      {  
         // Note: You would add your own custom logic here.  
         string strUserName = "MyUser";  
         string strRoleName = "MyRole";  
  
         // Verify that the user name and role name are valid.  
         // Note: In this example, both the user name and  
         // the role name are case-insensitive.  
         if (((userName.Equals(strUserName,  
            StringComparison.OrdinalIgnoreCase))==true) &&  
            ((userRole.Equals(strRoleName,  
            StringComparison.OrdinalIgnoreCase))==true))  
         {  
            return true;  
         }  
         else  
         {  
            return false;  
         }  
      }  
   }  
}  

For an additional example, see Create an FTP Authentication and Authorization Provider using an XML Database.

TypeDescription
Client- IIS 7.5 on Windows 7
- IIS 8.0 on Windows 8
- IIS 10.0 on Windows 10
Server- IIS 7.5 on Windows Server 2008 R2
- IIS 8.0 on Windows Server 2012
- IIS 8.5 on Windows Server 2012 R2
- IIS 10.0 on Windows Server 2016 Technical Preview
Product- IIS 7.0, IIS 7.5, IIS 8.0, IIS 8.5, IIS 10.0
ReferenceMicrosoft.Web.FtpServer.dll

IFtpAuthenticationProvider Interface

IFtpAuthorizationProvider Interface

IFtpRoleProvider Interface

Show: