Tuesday, 29 September 2015

Configure FBA SharePoint 2013

Configuring SharePoint 2013 Form Based Authentication

This article explains, step by step, how to configure Form Based Authentication (FBA) in SharePoint 2013.

This article will be useful for developers, designers, architects and anyone who needs to implement form based authentication (FBA) for their SharePoint 2013 sites as a business requirement.
We cannot use classic or basic claims-based authentication for all business scenarios. I was recently working on a consumer portal or product selling site where form based authentication is most appropriate. This article resolves authentication issues by configuring a SharePoint 2010 site with form based authentication.

STEPS TO CONFIGURE FBA IN SHAREPOINT 2013

Below are the steps required to configure FBA in SharePoint 2013. I will be using an MS SQL database as the membership store for users.

A) Setting up ASP.NET Forms Authentication User and Role Data Source 
1. Create Database 
2. Configure Membership and Role Provider 
3. Create User
B) Create Web Application and Site Collections
C) Configure Web.Config file 
1. Configuring Security Token Service web.config file
2. Configuring Central Administration web application web.config file
3. Configuring FBA web application web.config file
D) Adding User Policy to the FBA Web Application
E) Verification Steps 

A) Setting up ASP.NET Forms Authentication User and Role Data Source 

1. Create Database 

To create the database, Microsoft provides a utility called aspnet_regsql.exe. It can be found in the %windir%\Microsoft.Net\Framework64\v2.0.50727 folder. Please see the image below:
Running aspnet_regsql.exe opens the ASP.Net SQL Setup wizard, which walks through creating the ASP.Net database. I have entered the database name as FBANetDB and configured it for Windows authentication. Please see the image below:
Click the Next button. Please see the image below:
Select the Configure SQL Server for application services option and click the Next button. Please see the image below:





Click the Next button. The database FBANetDB is now created successfully. Please see the image below:

Verify in SQL Server that the database has been created.



2. Configure Membership and Role Provider 

In the previous section, the database was created successfully. Now we need to add a user to the database. Users can be added to the database with the ASP.NET Configuration Wizard. To do this, we create a web site that lets us add the users and roles, and that also confirms the database connection string, membership provider and role provider are correctly configured before we bring SharePoint into the equation.
The steps below explain creating the web site, configuring the membership and role providers, and running the ASP.Net Configuration Wizard.
a) Open Visual Studio 2012 and select File → New → Web Site. In the New Web Site dialog, select the ASP.Net Web Site template and enter the location to store the web site files. Please see the image below:

You can choose any location that is convenient for you. A web.config file will be added to the project automatically.

b) By default, you will see a <connectionStrings/> node within the <configuration> node. Specify the connection string to the database that was created in the previous section. Please see the image below:


I have specified the server as TEST_WEU. This is the server on which SQL Server 2008 is installed. Please use your own server name.
Also add the membership provider and role provider within the <system.web> tag. See the image below for more information.

 

c) Save the web.config file and launch the ASP.Net Configuration Wizard by clicking Website → ASP.Net Configuration. Please see the image below:

  

d) Set the authentication type in the wizard. To do this, click the Security link. On the Security tab, under the Users section, click the Select authentication type link. Select the From the internet option and press the Done button in the bottom right corner. Selecting this option means that the site will use forms authentication to identify users. Please see the image below:

  

e) To test the membership and role providers, click the Provider tab. On the Provider tab, click the Select a different provider for each feature (advanced) link. Select the correct membership and role providers and click the Test link to ensure that the providers are communicating with the right database.

At this point, we have configured the web.config file with the connection string and provider information, and we have tested the providers against the database. The next section explains adding users to the database.

3. Create User 

a) To add users, click the Security tab. On the Security tab, under the Users section, click the Create user link. Here I am adding user as testFBA and password as password, which will be used for testing form authentication later. Please see the image below:

  




Now we have created a user successfully. Do not worry about creating roles at this time; that will be explained later.


B) Create Web Application and Site Collection 

Follow the steps below to create the web application and site collection.
a. Go to Central Administration → Application Management → select the ‘Manage Web Application’ link under the ‘Web Applications’ section.
b. Click the ‘New’ option in the ribbon.

  1. See the image below for the ‘Authentication’ and ‘IIS Web Site’ sections.




Create the site collection after creating the web application. Select whichever template you want for the site collection.

C) Configure Web.Config file

1. Configuring Security Token Service web.config file 


Open the Security Token Service web.config file from the %Program Files%\Common Files\Microsoft Shared\web server extensions\14\Web Services\SecurityToken location and add the entries below.
a. Add the connection string. The connection string has to be added above the <system.web> tag. See the image below for more information.


<!-- Form Based Authentication starts -->
  <!-- SQL membership provider -->
  <system.web>
    <authentication mode="Windows"/>

    <membership>
      <providers>
        <add connectionStringName="FBAConnectionString" applicationName="/" name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>
    <!-- SQL role provider starts -->
    <roleManager>
      <providers>
        <add connectionStringName="FBAConnectionString" applicationName="/" name="ExtRole" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>
  </system.web>

2. Configuring Central Administration web application web.config file 

Open the Central Administration web application web.config file and add the entries below.
     a. Add the connection string. The connection string has to be added after the </SharePoint> tag and before the <system.web> tag. See the image below for more information.

           

 b. Add the membership provider and role provider

<!-- Form Based Authentication starts -->
  <!-- SQL membership provider -->
  <!-- Central Administration already has a <system.web> element: merge these entries into it rather than adding a second one -->
  <system.web>
    <authentication mode="Windows"/>

    <membership>
      <providers>
        <add connectionStringName="FBAConnectionString" applicationName="/" name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>
    <!-- SQL role provider starts -->
    <roleManager>
      <providers>
        <add connectionStringName="FBAConnectionString" applicationName="/" name="ExtRole" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>
  </system.web>

c. Add key for users to add



3. Configuring FBA web application web.config file 

Open the FBA web application web.config file and add the entries below.
     a. Add the connection string. The connection string has to be added after the </SharePoint> tag and before the <system.web> tag. See the image below for more information.


 b. Add the membership provider and role provider

    <membership defaultProvider="i">
      <providers>
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" connectionStringName="LocalSqlServer" enablePasswordReset="false" enablePasswordRetrieval="false" passwordFormat="Clear" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" />
        <!-- passwordFormat="Clear" makes SqlMembershipProvider store new passwords unhashed; "Hashed" is the provider's default -->
        <add name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="FBAConnectionStringNCGF" applicationName="/" enablePasswordReset="false" enablePasswordRetrieval="false" passwordFormat="Clear" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" />
      </providers>
    </membership>
    <roleManager cacheRolesInCookie="false" defaultProvider="c" enabled="true">
      <providers>
        <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
        <add connectionStringName="FBAConnectionStringNCGF" applicationName="/" name="ExtRole" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>

c. Add key for users to add


Save and close all the config files.
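
One way to check the provider entries in these files before testing, as an added example that is not part of the original article: the PowerShell function below flags SQL providers whose connectionStringName is not defined in the same file, and membership providers that keep passwords with passwordFormat="Clear". The function name Test-FbaProviderConfig, the sample fragment and its connection string value are assumptions made for the example.

```powershell
# Added example, not from the original article. $sample is a constructed fragment
# modelled on the FBA web application section; the connection string value is assumed.
$sample = @'
<configuration>
  <connectionStrings>
    <add name="FBAConnectionString" connectionString="Data Source=TEST_WEU;Initial Catalog=FBANetDB;Integrated Security=SSPI" />
  </connectionStrings>
  <system.web>
    <membership defaultProvider="i">
      <providers>
        <add name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web" connectionStringName="FBAConnectionStringNCGF" passwordFormat="Clear" enablePasswordRetrieval="false" />
      </providers>
    </membership>
    <roleManager enabled="true" defaultProvider="c">
      <providers>
        <add name="ExtRole" type="System.Web.Security.SqlRoleProvider, System.Web" connectionStringName="FBAConnectionStringNCGF" />
      </providers>
    </roleManager>
  </system.web>
</configuration>
'@

function Test-FbaProviderConfig {   # hypothetical helper name
    param([Parameter(Mandatory = $true)][string]$ConfigXml, [string]$Label = 'web.config')
    $doc = [xml]$ConfigXml
    # Names declared under <connectionStrings> in this same file
    $connNames = @($doc.SelectNodes('/configuration/connectionStrings/add') | ForEach-Object { $_.GetAttribute('name') })
    $xpath = '/configuration/system.web/membership/providers/add | /configuration/system.web/roleManager/providers/add'
    foreach ($p in $doc.SelectNodes($xpath)) {
        $type = $p.GetAttribute('type')
        if ($type -notlike 'System.Web.Security.Sql*') { continue }   # skip SharePoint's own claims providers
        $issues = @()
        $cs = $p.GetAttribute('connectionStringName')
        if ($connNames -notcontains $cs) { $issues += "connectionStringName '$cs' is not defined in this file" }
        if ($type -like '*SqlMembershipProvider*') {
            if ($p.GetAttribute('passwordFormat') -eq 'Clear') { $issues += 'passwordFormat=Clear stores passwords unhashed; prefer Hashed' }
            if ($p.GetAttribute('enablePasswordRetrieval') -eq 'true') { $issues += 'enablePasswordRetrieval=true needs recoverable passwords' }
        }
        # One result object per SQL provider; an empty Issues string means nothing was flagged
        [pscustomobject]@{ File = $Label; Provider = $p.GetAttribute('name'); Issues = ($issues -join '; ') }
    }
}

Test-FbaProviderConfig -ConfigXml $sample -Label 'FBA web application (constructed)' | Format-List
```

To audit a real file, pass its text with Get-Content -Raw, and run the check against each of the three web.config files edited above. A connection string name inherited from machine.config is not visible to this check.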

Test the FBA

Go to Central Administration → Application Management → select your newly created web application → in the ribbon, select Authentication Providers.


Select your zone.

Enter the details of the membership provider and role provider.

Click Save and close.


Now enter the web application URL in the browser.

You will see the form based authentication login.

That's all.

Hope you understand. Easy.

