Elczar Adame's Shared Points on SharePoint


Forms Authentication in MOSS 2007: IFs and WHYs

Part 4 of 4 : Forms Authentication


After the three preparatory steps we have made – database, user, and portal creation – we are now ready to implement forms authentication.

1. We will start by writing additional lines in the web.config file of our Demonstration Portal and SharePoint 3.0 Central Administration.

2. To add some lines in the web.config file of our Demonstration Portal, open C:\Inetpub\wwwroot\wss\VirtualDirectories\5050\web.config.

3. Write the following lines before the <system.web> node:

<connectionStrings>

<remove name=”PointMembership” />

<add name=”PointMembership” connectionString=”data source=Server Name;Integrated Security=SSPI;Initial Catalog=PointMembership” />

</connectionStrings >

NOTE: Notice that the Initial Catalog is the database we have created.

4. Add the following lines inside the <system.web> node of the same web.config file:

<membership defaultProvider=”PublishingMembershipProvider”>

<providers>

<remove name=”PublishingMembershipProvider” />

<add name=”PublishingMembershipProvider”

type=”System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a”

connectionStringName=”PointMembership”

applicationName=”/”

passwordAttemptWindow=”10″

enablePasswordRetrieval=”false”

enablePasswordReset=”true”

requiresQuestionAndAnswer=”true”

requiresUniqueEmail=”false”

passwordFormat=”Hashed”

maxInvalidPasswordAttempts=”5″/>

</providers>

</membership>

<roleManager enabled=”true” defaultProvider=”PublishingRoleProvider”>

<providers>

<remove name=”PublishingRoleProvider” />

<add name=”PublishingRoleProvider”

type=”System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a”

connectionStringName=”PointMembership”

applicationName=”/” />

</providers>

</roleManager>

 

5. Now its time for us to add some lines in the web.config file of our SharePoint 3.0 Central Administration. Let us try to open our Internet Information Services, then right-click SharePoint Central Administration v3, then click Properties. In Home Directory tab, we could now have the path of our SharePoint 3.0 Central Administration.

6. Open the web.config file of our SharePoint 3.0 Central Administration and write the following lines before the <system.web> node:

<connectionStrings>

<remove name=”PointMembership” />

<add name=”PointMembership” connectionString=”data source=Server Name;Integrated Security=SSPI;Initial Catalog=PointMembership” />

</connectionStrings >

7. Add the following lines inside the <system.web> node of the same web.config file:

<membership defaultProvider=”PublishingMembershipProvider”>

<providers>

<remove name=”PublishingMembershipProvider” />

<add name=”PublishingMembershipProvider”

type=”System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a”

connectionStringName=”PointMembership”

applicationName=”/”

passwordAttemptWindow=”10″

enablePasswordRetrieval=”false”

enablePasswordReset=”true”

requiresQuestionAndAnswer=”true”

requiresUniqueEmail=”false”

passwordFormat=”Hashed”

maxInvalidPasswordAttempts=”5″/>

</providers>

</membership>

<roleManager enabled=”true” defaultProvider=” AspNetWindowsTokenRoleProvider”>

<providers>

<remove name=”PublishingRoleProvider” />

<add name=”PublishingRoleProvider”

type=”System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a”

connectionStringName=”PointMembership”

applicationName=”/” />

</providers>

</roleManager>

Notice that the defaultProvider is AspNetWindowsTokenRoleProvider.

WHY AspNetWindowsTokenRoleProvider? It is necessary because our SharePoint 3.0 Central Administration still uses Windows Authentication for the role provider.

8. Now we are going to set the Authentication Provider of our web application. Under the Application Security of our Application Management, click Authentication Providers link. Below is the figure.

 

9. In our Authentication Providers page, set our Web Application to http://servername:5050, then click the Default link. It will redirect us to Edit Authentication page. Below in the Authentication Providers page illustration.

10. In the Edit Authentication page, set the following items, the click Save. Below is the illustration.

a. Web Application – http://servername:5050

b. Zone – Default

c. Authentication Type – Forms

d. Anonymous Access – Enabled

e. Membership Provider Name – PublishingMembershipProvider

f. Role Manager Name – PublishingRoleProvider

g. Client Integration – No

 

11. Lastly, we will change the Primary Site Collection Administrator for our web application which we have created in the previous steps by the user we have created in PointMembership database. Below is the illustration.

 

12. Now we going to do some finishing steps. Let us browse our site at http://servername:5050. We will be prompted by the Sign In page. Log as user we created through ASP .NET Web Site Administration Tool and set as a Primary Site Collection Administrator.

WHY REQUIRED TO SIGN IN? WE HAVE ALREADY ENABLED THE ANONYMOUS ACCESS SETTING? What we have enabled in our previous item is the Internet Information Services anonymous access, or Web Application anonymous access in the field of SharePoint. We have not yet enabled the anonymous access for our site.

13. In the home page of our Demonstration Portal, click Enable Anonymous Access link. We will be redirected to Change Anonymous Access Settings page.

14. In the Change Anonymous Access Settings page, select Entire Web Site, then click OK. Below is the illustration.

 

 

Until now we are still logged as the Primary Site Collection Administrator. Point to Welcome Username link at the upper-right portion of our page, this click Sign Out. And we have already implemented forms authentication in our Demonstration Portal! We could now start implementing some enhancements  – might be in my next post. Hope it helps.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Tag Cloud

%d bloggers like this: