Forms based authentication in SharePoint 2010 - Part 1


In this article we will see how to configure forms-based authentication for a claims-based web application using the Active Directory membership provider.

Steps Involved:

  • Create a claims-based web application
  • Configure the web.config files
    -> Central Administration Web application web.config file
    -> Forms-based authentication claims-based Web application Web.Config file
    -> Security Token Service web.config file

Create a claims-based web application:

  • Go to Central Administration => Application Management => Manage web applications.
  • In the Contribute group click on New.

  • In the Authentication section of the Create New Web Application dialog box, click Claims Based Authentication.

  • In the Claims Authentication Types section, select Enable Forms Based Authentication (FBA).
  • Type a membership provider name.
  • Click OK to create the Web application.

Configure the web.config files:

  • The Central Administration Web application Web.Config file.
  • The forms-based authentication claims-based Web application Web.Config file.
  • The Security Token Service Web.Config file.

Central Administration Web application web.config file:

  • Go to Start => Run => inetmgr.
  • Go to Sites => SharePoint Central Administration => Right Click => Explore.

  • Open the web.config file.
  • Inside the <configuration></configuration> section add the following entry.

    <connectionStrings>
      <add name="adconn" connectionString="LDAP://serverName.atest.btest.et/DC=atest,DC=btest,DC=et" />
    </connectionStrings>
    </configuration>
     
  • And also add the following entry.

    <membership defaultProvider="i">
      <providers>
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
        <add name="adMembers" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="adconn" enableSearchMethods="true" attributeMapUsername="sAMAccountName" />
      </providers>
    </membership>
     
  • Save and close the web.config file.

Forms-based authentication claims-based Web application Web.Config file:

  • Go to Start => Run => inetmgr.
  • Go to Sites => SharePoint - 2014 => Right Click => Explore.
  • Open the web.config file.
  • Inside the <configuration></configuration> section add the following entry.

    <connectionStrings>
      <add name="adconn" connectionString="LDAP://serverName.atest.btest.et/DC=atest,DC=btest,DC=et" />
    </connectionStrings>
    </configuration>
     
  • And also add the following entry.

    <membership defaultProvider="i">
      <providers>
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
        <add name="adMembers" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="adconn" enableSearchMethods="true" attributeMapUsername="sAMAccountName" />
      </providers>
    </membership>

Security Token Service web.config file:

  • Go to Start => Run => inetmgr.
  • Go to Sites => SharePoint Web Services => SecurityTokenServiceApplication => Right Click => Explore.
  • Open the web.config file.
  • Inside the <configuration></configuration> section add the following entry.

    <connectionStrings>
      <add name="adconn" connectionString="LDAP://serverName.atest.btest.et/DC=atest,DC=btest,DC=et" />
    </connectionStrings>
    </configuration>
     
  • And also add the following entry.

    <system.web>
      <membership defaultProvider="adMembers">
        <providers>
          <add name="adMembers"
               type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
               connectionStringName="adconn"
               enableSearchMethods="true"
               attributeMapUsername="sAMAccountName" />
        </providers>
      </membership>
    </system.web>
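
As an added example (not part of the original article), the PowerShell below checks what the three sections above depend on: each web.config must define the `adMembers` provider and point it at the same `adconn` LDAP connection string. `Test-FbaConfig` is a hypothetical helper name, and the sample XML is constructed from the article's values with one deliberate mismatch in the Security Token Service copy.

```powershell
# Added example, not the article's code. Test-FbaConfig is a hypothetical helper.
function Test-FbaConfig {
    param([hashtable]$Configs, [string]$ProviderName = 'adMembers')
    $problems = @()
    $ldap = @{}
    foreach ($role in $Configs.Keys) {
        [xml]$doc = $Configs[$role]
        $xpath = "/configuration/system.web/membership/providers/add[@name='$ProviderName']"
        $p = $doc.SelectSingleNode($xpath)
        if (-not $p) { $problems += "${role}: provider '$ProviderName' is missing"; continue }
        if ($p.GetAttribute('type') -notlike 'System.Web.Security.ActiveDirectoryMembershipProvider,*') {
            $problems += "${role}: '$ProviderName' is not an ActiveDirectoryMembershipProvider"
        }
        # The provider must reference a connection string defined in the same file.
        $name = $p.GetAttribute('connectionStringName')
        $c = $doc.SelectSingleNode("/configuration/connectionStrings/add[@name='$name']")
        if (-not $c) { $problems += "${role}: connection string '$name' is not defined"; continue }
        $ldap[$role] = $c.GetAttribute('connectionString')
    }
    # All files that define the provider must use the same LDAP path.
    if (@($ldap.Values | Select-Object -Unique).Count -gt 1) {
        $problems += 'connectionString values differ between files'
    }
    $problems
}

# Constructed sample input built from the article's values. For real files,
# pass [IO.File]::ReadAllText('<path to web.config>') for each role instead.
$template = @'
<configuration>
  <connectionStrings>
    <add name="adconn" connectionString="{0}" />
  </connectionStrings>
  <system.web>
    <membership defaultProvider="{1}">
      <providers>
        <add name="adMembers" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="adconn" enableSearchMethods="true" attributeMapUsername="sAMAccountName" />
      </providers>
    </membership>
  </system.web>
</configuration>
'@
$good = 'LDAP://serverName.atest.btest.et/DC=atest,DC=btest,DC=et'
$configs = @{
    'Central Administration' = $template -f $good, 'i'
    'Web application'        = $template -f $good, 'i'
    # Constructed mistake: the STS copy is missing the last DC component.
    'Security Token Service' = $template -f 'LDAP://serverName.atest.btest.et/DC=atest,DC=btest', 'adMembers'
}
Test-FbaConfig -Configs $configs
```

An empty result means the three files agree on the provider and its connection string.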

Policy for Forms-based authentication claims-based Web application:

  • Go to Central administration => Application management => Manage service applications.
     
  • Select the web application (SharePoint - 2014).
     
  • In the Policy group, select User policy.

  • Click on Next.
  • In the Choose Users section, click on the Browse option to search for the users.

  • Search for the "sptestuser1" user, who belongs to the "Forms auth" category.

  • Select the User => Add => OK.
  • Select the option "Full control - Has full control" from the Choose permissions section.

  • Click on OK.
  • Click on Finish.
  • You can now see that the user has been added.

Testing:

  • Create a site collection for the web application SharePoint - 2014.
  • When you try to access the site collection, you are redirected to the login page.
  • Choose forms authentication.

  • Enter the user name and password.

  • You are now logged into your site as "sptestuser1", with site administrator privileges.