Sharepoint 2013 FBA permission issues

Question
-
I have implemented a custom FBA solution in SharePoint 2013
using this link <http://sivarajan.me/post/sharepoint-2013-custom-claims-fba-based-mixed-mode-authentication-part-1>
1) FBA users got "sorry this site has not been shared with you"
I followed the steps below and now all FBA users can view the site
On Central Administration, navigate to Application Management -> Under Web Applications: Manage web applications
Select your My Site -web application by clicking it, and open Permission Policy
Click Add Permission Policy Level
Enter at least the Name for your Permission Policy
Select following Permissions:
Create Subsites - Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites.
View Pages - View pages in a Web site.
Browse User Information - View information about users of the Web site.
Open - Allows users to open a Web site, list, or folder in order to access items inside that container.
Leave other parts unmarked and click Save
Make sure your My Site -web application is selected and open User Policy
Click Add Users, and on first view leave Zones: (All zones) selected, then click Next >
On Choose Users -part click Browse (the catalogue type of icon). Click All Users and select Everyone activated. Press Add -> and OK
On Choose Permissions, select the Permission Policy you recently created, and finally click Finish
I have 3 document libraries directly under the root
partners.contoso.com/documents1
partners.contoso.com/documents2
partners.contoso.com/documents3
I have the following FBA users: test1, test2, test3
When test1 logs in it should only be able to see documents1
test2 --> documents2
test3 --> documents3
I have not implemented the ASP.NET role manager as I am controlling that in a SharePoint user group
When test1 logs in it is able to view all the document libraries (documents1, documents2, documents3)
Is it because the ASP.NET role is not implemented?
Thanks
Answers
-
I am not 100% sure but I think SharePoint groups themselves are not identities but container of them. You can implement role provider. I am positive that should work.
These postings are provided "AS IS" with no warranties, and confers no rights.
- Proposed as answer by Jerry Zy (Microsoft contingent staff) Tuesday, March 10, 2015 3:06 AM
- Marked as answer by star.wars (Moderator) Thursday, March 12, 2015 1:31 AM
All replies
-
Is the following your requirement you want to achieve or is there anything you've in place to accomplish this that isn't working in an FBA site?
When test1 logs in it should only be able to see documents1
test2 --> documents2
test3 --> documents3
If that's your requirement then you can achieve this using item level permissions on the individual documents to the respective users.
These postings are provided "AS IS" with no warranties, and confers no rights.
-
Do I have to implement the role class which derives from System.Web.Security.RoleProvider, or is it OK that I do not implement the role class and use a SharePoint security group and add users to that?
e.g.
I have partners.contoso.com
root level I have 3 document libraries not Folders
walmart
target
costco
I can access that particular document library directly by using
http://partners.contoso.com/walmart
http://partners.constoso.com/target .. so on
I have 100 partners like this; each partner has a document library and should only be able to see his document library (walmart...)
Each document library (walmart) contains subfolders and files (> 100 files)
So I create a SharePoint group "walmart users" with read permissions, then I go to that particular document library, stop inheriting from the parent and only leave walmart users in there. Then when I log in with FBA using test2 (FBA user), that user should not be able to see the walmart folder because it has unique permissions and only test1 should be able to see that. I have done this in SP2013 so many times and it works, but it does not work for FBA users
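
The two settings described in this thread can be checked side by side. The script below is an added example, not code from any poster: it lists the web application user policies (which apply to every site collection in the web application, on top of whatever is set on a library) and the role assignments on each document library of the root site. The URL is the thread's example host and is an assumption about the farm.

```powershell
# Added example (not from the thread). Run in the SharePoint 2013
# Management Shell on a farm server with farm administrator rights.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$webAppUrl = 'http://partners.contoso.com'   # assumed: the thread's example host
$wa = Get-SPWebApplication $webAppUrl

# 1. Web application user policies (Central Administration > User Policy).
#    Rights granted here are not removed by breaking inheritance on a library.
$wa.Policies | ForEach-Object {
    $policy = $_
    $policy.PolicyRoleBindings | ForEach-Object {
        [pscustomobject]@{
            Principal   = $policy.UserName
            DisplayName = $policy.DisplayName
            PolicyLevel = $_.Name
            Grants      = $_.GrantRightsMask
            Denies      = $_.DenyRightsMask
        }
    }
} | Format-Table -AutoSize

# 2. Document libraries in the root site: who is actually assigned on each one.
$web = Get-SPWeb $webAppUrl
try {
    $web.Lists |
        Where-Object { $_.BaseType -eq 'DocumentLibrary' -and -not $_.Hidden } |
        ForEach-Object {
            $list = $_
            if (-not $list.HasUniqueRoleAssignments) {
                # Library still inherits from the site, so no per-partner isolation.
                [pscustomobject]@{ Library = $list.Title; Unique = $false
                                   Member = '(inherits from site)'; Roles = '' }
            } else {
                $list.RoleAssignments | ForEach-Object {
                    [pscustomobject]@{
                        Library = $list.Title; Unique = $true
                        Member  = $_.Member.LoginName
                        Roles   = ($_.RoleDefinitionBindings |
                                   ForEach-Object { $_.Name }) -join ', '
                    }
                }
            }
        } | Format-Table -AutoSize
} finally {
    $web.Dispose()   # release the SPWeb opened by Get-SPWeb
}
```

A policy row whose principal is an all-users claim, or a library row with `Unique = False`, is the first thing to review when an FBA user sees more libraries than intended.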