Form Based Authentication in SharePoint 2007

Steps to configure Form based authentication in MOSS 2007:

  • Creating the SQL database
  • Creating the users in SQL database
  • Creating two SharePoint sites (one is the web application and the other extends the web application)
  • Configure membership, role provider and connection string in both web.config files of the SharePoint site
  • Configure authentication type in central administration

We will discuss all of the above points in detail.

Creating the SQL database

To create the SQL database, Microsoft has provided a utility called aspnet_regsql.exe; browse to the location C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727

aspnet_regsql utility for creating SQL database
Creating SQL database

Creating the users in SQL database

To create users in the SQL database, first create an ASP.NET web application using Visual Studio 2005. Open Visual Studio 2005, then click:

File > New > Website

Select the ASP.NET website and click OK

Creating ASP.NET web application

To add the web.config file, right-click the project name in Solution Explorer, select Add New Item, select Web Configuration File and then click Add

or

Press F5 to add the web.config file to the project automatically

Add the connection string in the web.config file

<!-- Connection String Starts -->
<connectionStrings>
  <add name="Fbadb_sqlConnectionString"
       connectionString="uid=sa;pwd=sa;Initial Catalog=FBADB;Data Source=fivenumber" />
</connectionStrings>
<!-- Connection String Ends -->

<system.web>

  <!-- Membership Provider Starts -->
  <membership defaultProvider="Fbadb_ASPNETSqlMembershipProvider">
    <providers>
      <add name="Fbadb_ASPNETSqlMembershipProvider"
           type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
           connectionStringName="Fbadb_sqlConnectionString"
           enablePasswordRetrieval="false"
           enablePasswordReset="true"
           requiresQuestionAndAnswer="true"
           applicationName="/"
           requiresUniqueEmail="false"
           passwordFormat="Hashed"
           maxInvalidPasswordAttempts="5"
           minRequiredPasswordLength="1"
           minRequiredNonalphanumericCharacters="0"
           passwordAttemptWindow="10"
           passwordStrengthRegularExpression="" />
    </providers>
  </membership>
  <!-- Membership Provider Ends -->

  <!-- Role Provider Starts -->
  <roleManager enabled="true" defaultProvider="Fbadb_ASPNETSqlRoleProvider">
    <providers>
      <add name="Fbadb_ASPNETSqlRoleProvider"
           connectionStringName="Fbadb_sqlConnectionString"
           applicationName="/"
           type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
    </providers>
  </roleManager>
  <!-- Role Provider Ends -->

</system.web>

As shown in the image below:

Web configuration file

Save the web.config file and run the ASP.NET configuration wizard by opening the Website menu and clicking ASP.NET Configuration

ASP.NET Configuration wizard

To test the Membership and Role provider, click the Provider tab and then click on Select a different provider for each feature (advanced)

Select your Membership provider name and click on Test link

ASP.NET Configuration wizard - Testing the Membership and Role Provider

If you see a message like ‘Successfully established a connection to the database’, the communication between the interface and the database is successful

Now go on to create the user

Click on the Security tab of the ASP.NET Web Site Administration Tool. Under the Users section, click the link Select authentication type, select the radio button From the internet, and click Done

Then click on the Security tab again, click Create user and fill in the appropriate fields

Creating the user

Creating two SharePoint sites (one is the web application and the other extends the web application)

Go to Central Administration > Application Management > Create or Extend Web Application > Create New Web Application

Fill in the appropriate fields

Creating the web application

Create a site collection by choosing a template (team site, collaboration portal etc)

After the top-level site has been created successfully, extend the web application

Go to Central Administration > Application Management > Create or Extend Web Application > Extend Web Application to Another IIS Web Site

Extending web application

After extending the web application, configure the connection string in the web.config files of the SharePoint site (web application and extended application) by adding the connectionStrings tag directly below the </configSections> tag and above the <SharePoint> tag (Note: change the Data Source name to match your database server name)

<connectionStrings>
  <add name="FBA_sqlConnectionString" connectionString="uid=sa;pwd=sa;Initial Catalog=FBADB;Data Source=fivenumber" />
</connectionStrings>

See the image below:

Web Configuration File of web application

Configure the Membership and Role provider in both SharePoint sites (web application and extended application)

Search for the machineKey tag, which looks like this:

<machineKey validationKey="79DDCD075B91C0B088FA25244D65D0745641F91E8A823392"
            decryptionKey="C855BB4C77B455A6706638B8A9D1439B5BB0F3612F2F9DCA" validation="SHA1" />

Copy and paste the tags below directly after the machineKey tag

<!-- Membership provider starts -->
<membership defaultProvider="Fbadb_ASPNETSqlMembershipProvider">
  <providers>
    <add name="Fbadb_ASPNETSqlMembershipProvider"
         type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="FBA_sqlConnectionString"
         enablePasswordRetrieval="false"
         enablePasswordReset="true"
         requiresQuestionAndAnswer="true"
         applicationName="/"
         requiresUniqueEmail="false"
         passwordFormat="Hashed"
         maxInvalidPasswordAttempts="5"
         minRequiredPasswordLength="1"
         minRequiredNonalphanumericCharacters="0"
         passwordAttemptWindow="10"
         passwordStrengthRegularExpression="" />
  </providers>
</membership>
<!-- Membership provider ends -->
<!-- Role provider starts -->
<roleManager enabled="true" defaultProvider="Fbadb_ASPNETSqlRoleProvider">
  <providers>
    <add name="Fbadb_ASPNETSqlRoleProvider"
         connectionStringName="FBA_sqlConnectionString"
         applicationName="/"
         type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  </providers>
</roleManager>
<!-- Role provider ends -->

See the image below:

Configuring Membership and Role Provider
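
The connection string and membership provider above, shown next to a hardened form. This is an added example, not part of the original post: the provider, database and server names are the page's, while the use of Windows authentication for the application pool account and the password-policy numbers are assumptions to adapt.

```xml
<!-- Added example (not from the original post). Names are the page's;
     the policy values below are illustrative assumptions. -->

<!-- As on the page: SQL login "sa" with password "sa". Anyone who can read
     web.config gets sysadmin rights on the whole SQL Server instance:
     connectionString="uid=sa;pwd=sa;Initial Catalog=FBADB;Data Source=fivenumber" -->
<connectionStrings>
  <!-- Hardened: no password stored in the file. Assumes the application pool
       account of each zone is a Windows account that has been granted only
       the aspnet_Membership_* and aspnet_Roles_* database roles it needs
       (aspnet_regsql.exe creates these roles in FBADB). -->
  <add name="FBA_sqlConnectionString"
       connectionString="Data Source=fivenumber;Initial Catalog=FBADB;Integrated Security=SSPI" />
</connectionStrings>

<!-- As on the page: minRequiredPasswordLength="1" and
     minRequiredNonalphanumericCharacters="0" accept a one-character password.
     Hardened: a minimum length of 12 with at least one non-alphanumeric
     character. The lockout settings are kept from the page: 5 failed attempts
     within a 10-minute window lock the account. -->
<membership defaultProvider="Fbadb_ASPNETSqlMembershipProvider">
  <providers>
    <add name="Fbadb_ASPNETSqlMembershipProvider"
         type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="FBA_sqlConnectionString"
         applicationName="/"
         enablePasswordRetrieval="false"
         enablePasswordReset="true"
         requiresQuestionAndAnswer="true"
         requiresUniqueEmail="false"
         passwordFormat="Hashed"
         maxInvalidPasswordAttempts="5"
         passwordAttemptWindow="10"
         minRequiredPasswordLength="12"
         minRequiredNonalphanumericCharacters="1"
         passwordStrengthRegularExpression="" />
  </providers>
</membership>
```

Use the same values in both web.config files (web application and extended application), since each one carries its own copy of the provider settings.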

Configure the authentication type in central administration

Go to Central Administration > Application Management > Authentication Providers

Click on the extended web application (2nd in the row) and enter the Membership provider name and Role provider name as shown in the image below:

Configuring Authentication Type

Now add the user (which you created in the SQL database) to the web application in Site Settings > Permissions > Add Users

Try to access the extended form based authentication web application

Form based authentication - SQL login