There are not a lot of differences with configuring FBA for SharePoint 2010 compared to 2007, but there are a few.  For instance, SharePoint 2010 no longer supports “classic FBA”, rather forms based authentication is provided through Claims Authentication.  There is also the introduction of the Secure Store Service which is the next-gen of the Single Sign On service of old.

Both of these come into play when configuring Forms Based Authentication.

1 . Configure SQL for membership store

The membership store is still created using the ASP.NET SQL Server Setup Wizard.  This is launched from the .NET 2.0 Framework folder on the server at:

C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

This wizard will take you thorough the steps and will build out the SQL database for you.




2. Configure Central Admin Web Site to use SQL Membership Provider

SharePoint web sites out of the box are configured to use Active Directory.  So you may be wondering why we’re configuring Central Admin to use FBA when we don’t really want to login in as an FBA user.  Well, we actually don’t want to configure it to to login as a forms user, but we do need to be able to add users from out membership database when configuring site collection admins, and the like.

So all we want to do is tell the Central Admin web application to use our SQL membership provider as well as AD, so when you use the people picker to select users, it will provide results from our membership database.

Open IIS Manager and locate central administration site


Open the Connection Strings Page.  Under Actions menu on the right, select Add… to create a new connection string.  Provide the details for the membership database for the new connection string.



Add Role Provider

Go back to the Web Application page and open up Providers page.  Here we will create a provider for Roles and Users.  Set feature to .NET Roles and click Add… in the Actions pane to add a new role provider.  I called it FBARoleProvider and selected the right type and connection string.



Add Membership Provider

Now set feature to .NET Users and click Add… from the actions pane to add a membership provider.


Select the correct type and connection string, and whatever behaviors you choose.

That’s it for the providers for Central Admin.

To verify that all looks ok, we can check the web.config of the web application.  To get to the right web.config, right-click on the web application under sites, and select Explore.




3 . Configure Secure Store Web Service to use SQL Membership Provider

Everything we did for Central Admin site, we are going to do for theSecurityTokenServiceAppliaation which is in the SharePoint Web Services application.


4. Create Extranet Web Application

Ok, finally we are ready to create our web application (called SharePoint – FBA) that will use FBA authentication.

In Central Admin, Select the Application Management page, and select Manage web applications.  Select New from the ribbon to create a new web application.

Select Claims Based Mode Authentication as Authentication Type. Allow anonymous access and select values for all the other options until you get to the “Enable Forms Based Authentication“.

Add the values we created earlier in the section “Enable Forms Based Authentication” for role and membership provider.



You can specify your custom login page, I will do in later posts.



Click ok and application will be created.

So now our application has been created but we need to configure the same roles and membership providers for this application too, previously we did for only central administration.


So our new web application is here in IIS manager, I will configure it with roles and members


Add a new connection string


Open the .NET Roles page for our web application.  You will receive a warning that the default role provider is not trusted.  There is a pre-configured SharePoint related role and membership is available, so we don’t need to create our own.



Now create some new roles and user for our web application


When u try to open new roles you will see following error message, simple ignore it


We do not have any roles in our database at this point, so let’s create two (StandardUser, SuperUser) by clicking Add… in the actions pane.


Now we need to do the same for .NET Users.  Open the .NET Users page.  You will get a similar warning saying the default is not trusted.  Assuming you don’t let’s add some.  Click Add… from the Actions pane to add users, and assign them roles.



Now create and open the site collection



After creating a new site collection when u open it you will see the following screen


As we have created a user in sql server database and that user is site collection administrator, so use for based authentication.



So you have been logged in with sql server user. That’s it.


Advertisements

hi

today i am going to setup Form based authentication, i have already completed that but now i will do this in IIS 7.5, so i will be skipping some steps. if you want to have a look at that, please https://shafaqat309.wordpress.com/2011/01/15/forms-authenticationwssmoss/

first of all create new database using aspnet_regiis tool

i am naming it “FBA”

open IIS and open the settings if Central Administration Web Application.

first of all set the connection string

now move to “Providers”  select “.Net Users” from the feature drop-down, name it “FBAUserProvider” and select your preferred settings.

once done then select  “.Net Roles” from the feature drop-down and configure the role provider,  i am naming it “FBARoleProvider”

that’ s it for the central admin application now move to new web application that u have created for Forms Based Authentication if u have not created yet then create it now.

create new connection string, user provider and role provider and this time set them as default and enable them.

now move to central admin site and select the application and move to Authentication Providers.

select form based authentication and provide the name of membership  and role provider and save settings.

now create a new user using IIS and add this user to site collection administrator.

now enable form authentication for new web application using IIS

now open new web application

click at the top right corner then u will be navigated to the login page

i will come with another page on how to customize the login page and add own custom application pages. Leave ur comments.

Hi all

Today I will demonstrate how can we enable anonymous access for a sharepoint web applicaqtion, I already have enabled forms authentication and whenever I try to open the web application, following screen comes up that shows I must login to the site to create document libraries and lists.

Follow the steps to enable anonymous access for the web application.

  • Move to central administration
  • Choose correct web application where u want to enable anonymous access, by default central administration web application will be selected, you can change the selected application and then select the membership provider.

click on the provider and edit the settings, you will see the following screen and check “Anonymous Access” check box.

open your web application and login using your site collection administrator account and move to Advance permissions in people and group section, go to settings menu and click “Anonymous access” as per following screen

after clicking you will see following screen and select “Entire Site” and press ok

once it is done you have enabled anonymous access, now open your web application, you will see following screen

Highlighted red section on top right corner shows that you are not logged in to the site and you can access the main site page.

Let me know if you have any question in implementation.