.NET Authentication Extensions

Use this type of extension to implement any authentication scheme. .NET Authentication Extensions are known as authenticators. The server calls methods in your class to find out whether or not a particular user-name/password combination or user/public key combination is valid. Your class can do whatever it needs to do to work out whether or not it is valid, such as calling a webservice or invoking an RPC.

Creating a .NET Authentication Extension

General instructions on building CompleteFTP .Net extensions may be found here.

.NET Authentication Extension classes must extend EnterpriseDT.Net.FtpServer.Core.Authenticator.

CompleteFTP includes a number of predefined authenticators, such as the external database authenticator, the gateway authenticator (Enterprise MFT only), the automatic Windows users (AWU) authenticator, and the SAML single sign-on authenticator.

Note that the order of precedence for authentication is as follows:

  1. users explicitly defined within CompleteFTP (both non-Windows and Windows).
  2. external database users, gateway users, SAML single sign-on users, and custom authentication extensions
  3. automatic Windows users (AWU).

So if a user is explicitly defined in CompleteFTP and also in an extension, then the extension will never be used to authenticate the user.

When a .NET Authentication Extension is used, the defaultExtension user (which may be found in Users panel and by selecting "Show system users/folders/sites" in the main form's Options menu) is used as a template for user details once login has been successful (shown below).

There are two ways to implement a .NET Authentication Extension. The simple .NET Authentication Extension is the most straightforward, and should be attempted first. If more flexibility is required, consider writing an advanced .NET Authentication Extension.

Note that once an authenticator has been written, it must be registered in CompleteFTP with an Extension Type of authenticator. This is done via the CompleteFTP manager. It must then be enabled by selecting the Enabled check box in the General User Settings dialog box, accessible from the Users tab in the manager.

Enable Authenticator