Default FTP Custom Authorization Provider <provider>
Overview
The <customAuthorization>
element specifies the default settings for custom authorization of FTP sites. This form of authorization uses custom authorization providers to validate user access.
If you enable a custom authorization provider, the built-in authorization provider will not be used, and you will not be able to manually add an allow rule or a deny rule to the configuration.
For information about how to create a custom provider, see How to Use Managed Code (C#) to Create a Simple FTP Home Directory Provider.
Compatibility
Version | Notes |
---|---|
IIS 10.0 | The <provider> element was not modified in IIS 10.0. |
IIS 8.5 | The <provider> element was not modified in IIS 8.5. |
IIS 8.0 | The <provider> element was introduced in IIS 8.0. |
IIS 7.5 | N/A |
IIS 7.0 | N/A |
IIS 6.0 | N/A |
Setup
To support FTP authorization using a custom provider on your Web server, you must install the FTP Service with FTP Extensibity.
Windows Server 2012
Press the Windows logo key, and then click Server Manager.
In Server Manager, click Manage and then click Add Roles and Features.
In the Add Roles and Features wizard:
- On the Before You Begin page, click Next.
- On the Installation Type page, select the installation type, and then click Next.
- On the Server Selection page, select the appropriate server, and then click Next.
- On the Server Roles page, ensure that Web Server (IIS) is selected, and then expand it.
- Expand FTP Server, then select both FTP Service and FTP Extensibility, and then click Next.
- On the Features page, click Next.
- On the Confirm Installation Selections page, click Install.
- On the Results page, click Close.
Windows 8
- Open the Windows Control Panel.
- In the Windows Control Panel, open Programs and Features.
- In Programs and Features, click Turn Windows features on or off.
- In the Windows Features dialog box, expand Internet Information Services, and then expand FTP Server.
- Under FTP Server, select FTP Service and FTP Extensibility, and then click OK.
How To
How to configure default FTP authorization based upon a custom provider
Open Internet Information Services (IIS) Manager:
If you are using Windows Server 2012 or later:
- On the taskbar, click Server Manager, click Tools, and then click Internet Information Services (IIS) Manager.
If you are using Windows 8 or later:
- Hold down the Windows key, press the letter X, and then click Control Panel.
- Click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.
In the Connections pane, select the server name.
In the Home pane, double-click the FTP Authorization Rules feature.
In the Actions pane, click Edit Feature settings.
In the Authorization Feature Settings dialog box, select Choose a custom authorization provider to enable FTP authorization by a custom provider. In the associated drop-down list, select a custom provider from the list.
Note
When a custom FTP authorization provider has been enabled, the FTP Authorization Rules feature is disabled.
Click OK.
Configuration
The <provider>
child element of the default FTP <customAuthorization>
element is configured at the server level.
Attributes
Attribute | Description |
---|---|
name |
Optional string attribute. Specifies the name of the custom provider that will be used as the default for FTP authorization. |
enabled |
Optional Boolean attribute. Enables the custom provider to be used as the default for FTP authorization. The default is True . |
Child Elements
N/A
Configuration Sample
The following sample displays a <provider> element.
Configuration Samples
The following sample displays a <customAuthorization>
element with a <provider>
child element:
<siteDefaults>
<ftpServer>
<security>
<customAuthorization>
<provider name="MyProvider" enabled="true" />
</customAuthorization>
</security>
</ftpServer>
</siteDefaults>
Sample Code
The following code samples configure a default custom FTP authorization provider.
AppCmd.exe
appcmd.exe set config -section:system.applicationHost/sites /siteDefaults.ftpServer.security.customAuthorization.provider.name:"MyCustomProvider" /commit:apphost
appcmd.exe set config -section:system.applicationHost/sites /siteDefaults.ftpServer.security.customAuthorization.provider.enabled:"True" /commit:apphost
Note
You must be sure to set the commit parameter to apphost
when using AppCmd.exe to configure these settings. This commits the configuration settings to the appropriate location section in the ApplicationHost.config file.
C#
using System;
using System.Text;
using Microsoft.Web.Administration;
internal static class Sample {
private static void Main() {
using(ServerManager serverManager = new ServerManager()) {
Configuration config = serverManager.GetApplicationHostConfiguration();
ConfigurationSection sitesSection = config.GetSection("system.applicationHost/sites");
ConfigurationElement siteDefaultsElement = sitesSection.GetChildElement("siteDefaults");
ConfigurationElement ftpServerElement = siteDefaultsElement.GetChildElement("ftpServer");
ConfigurationElement securityElement = ftpServerElement.GetChildElement("security");
ConfigurationElement customAuthorizationElement = securityElement.GetChildElement("customAuthorization");
ConfigurationElement providerElement = customAuthorizationElement.GetChildElement("provider");
providerElement["name"] = @"MyCustomProvider";
providerElement["enabled"] = true;
serverManager.CommitChanges();
}
}
}
VB.NET
Imports System
Imports System.Text
Imports Microsoft.Web.Administration
Module Sample
Sub Main()
Dim serverManager As ServerManager = New ServerManager
Dim config As Configuration = serverManager.GetApplicationHostConfiguration
Dim sitesSection As ConfigurationSection = config.GetSection("system.applicationHost/sites")
Dim siteDefaultsElement As ConfigurationElement = sitesSection.GetChildElement("siteDefaults")
Dim ftpServerElement As ConfigurationElement = siteDefaultsElement.GetChildElement("ftpServer")
Dim securityElement As ConfigurationElement = ftpServerElement.GetChildElement("security")
Dim customAuthorizationElement As ConfigurationElement = securityElement.GetChildElement("customAuthorization")
Dim providerElement As ConfigurationElement = customAuthorizationElement.GetChildElement("provider")
providerElement("name") = "MyCustomProvider"
providerElement("enabled") = true
serverManager.CommitChanges
End Sub
End Module
JavaScript
var adminManager = new ActiveXObject('Microsoft.ApplicationHost.WritableAdminManager');
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST";
var sitesSection = adminManager.GetAdminSection("system.applicationHost/sites", "MACHINE/WEBROOT/APPHOST");
var siteDefaultsElement = sitesSection.ChildElements.Item("siteDefaults");
var ftpServerElement = siteDefaultsElement.ChildElements.Item("ftpServer");
var securityElement = ftpServerElement.ChildElements.Item("security");
var customAuthorizationElement = securityElement.ChildElements.Item("customAuthorization");
var providerElement = customAuthorizationElement.ChildElements.Item("provider");
providerElement.Properties.Item("name").Value = "MyCustomProvider";
providerElement.Properties.Item("enabled").Value = true;
adminManager.CommitChanges();
VBScript
Set adminManager = CreateObject("Microsoft.ApplicationHost.WritableAdminManager")
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST"
Set sitesSection = adminManager.GetAdminSection("system.applicationHost/sites", "MACHINE/WEBROOT/APPHOST")
Set siteDefaultsElement = sitesSection.ChildElements.Item("siteDefaults")
Set ftpServerElement = siteDefaultsElement.ChildElements.Item("ftpServer")
Set securityElement = ftpServerElement.ChildElements.Item("security")
Set customAuthorizationElement = securityElement.ChildElements.Item("customAuthorization")
Set providerElement = customAuthorizationElement.ChildElements.Item("provider")
providerElement.Properties.Item("name").Value = "MyCustomProvider"
providerElement.Properties.Item("enabled").Value = true
adminManager.CommitChanges()
PowerShell
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/siteDefaults/ftpServer/security/customAuthorization/provider" -name "name" -value "MyCustomProvider"
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/siteDefaults/ftpServer/security/customAuthorization/provider" -name "enabled" -value "True"
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for