Apr 28, 2010

SharePoint Extranet Website using Form Based Authentication (FBA) via SQL Database User Store

Suppose you have developed a content management, business process management, or similar application on a SharePoint site. By default, the site is available on the intranet and authenticates users against Active Directory.

We can expose the intranet application to the external world, i.e. to extranet or anonymous users, by provisioning an extranet site on top of the existing intranet site. The extranet site can authenticate users with Form Based Authentication (FBA), using a SQL database as the user store.

Implementation Steps:

1.  Double-click C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe and follow the wizard. By default, aspnet_regsql.exe uses the ‘aspnetdb’ database for storing user data.

2.  Use the ASP.NET Web Site Administration Tool to access the aspnetdb database created in the step above.

Under the Website menu, select the ASP.NET Configuration option.

3.  Modify or replace the connection string and the membership provider in web.config (the connectionStrings and system.web sections) with the values shown below:

<connectionStrings>
  <add name="SP_FBA_DB_SQL_CONN_STRING" connectionString="server=2003Server\SQLEXPRESS; database=BP_FBA_DB; Integrated Security=SSPI;" providerName="System.Data.SqlClient" />
</connectionStrings>

<system.web>
  <membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
    <providers>
      <add name="SP_FBA_DB_AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
           connectionStringName="SP_FBA_DB_SQL_CONN_STRING" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false"
           passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""
      />
    </providers>
  </membership>

  <roleManager enabled="true" defaultProvider="SP_FBA_DB_AspNetSqlRoleProvider">
    <providers>
      <add name="SP_FBA_DB_AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
           connectionStringName="SP_FBA_DB_SQL_CONN_STRING" applicationName="/" />
    </providers>
  </roleManager>
</system.web>

4. Create the user FBA_Admin in the FBA database, and optionally other users, using the tool from step 2

5. Go to Central Admin in SharePoint

6. Create New Web Application for Intranet

7. Create Site collection using publishing portal template

8. Extend created web application and change zone to extranet

9. Change web.config for Central Admin and for both web applications created. Please note that the Central Admin config uses:

<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">

<connectionStrings>
  <add name="SP_FBA_DB_SQL_CONN_STRING" connectionString="server=2003Server\SQLEXPRESS; database=BP_FBA_DB; Integrated Security=SSPI;" providerName="System.Data.SqlClient" />
</connectionStrings>

<system.web>
  <membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
    <providers>
      <add name="SP_FBA_DB_AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
           connectionStringName="SP_FBA_DB_SQL_CONN_STRING" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false"
           passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""
      />
    </providers>
  </membership>

  <roleManager enabled="true" defaultProvider="SP_FBA_DB_AspNetSqlRoleProvider">
    <providers>
      <add name="SP_FBA_DB_AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
           connectionStringName="SP_FBA_DB_SQL_CONN_STRING" applicationName="/" />
    </providers>
  </roleManager>
</system.web>

10. Go to Central Administration > Application Management > Authentication Providers. Change Extranet to:





11. Go to Central Administration > Application Management > Site Collection Owners

       Add FBA_Admin as secondary site collection administrator



12. Test the sites by logging in to the intranet and extranet sites


13. Last but not least

       Manage FBA Users via WebParts on your Extranet Site
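
An added example, not part of the original post: a small Python check that can be run over each of the three web.config files edited in step 9 to flag weak SqlMembershipProvider settings, such as the minRequiredPasswordLength="1" used in step 3, before the extranet zone is exposed. The function name audit_membership and the thresholds MIN_LENGTH and MAX_ATTEMPTS are assumptions, and the sample input is constructed from the step 3 values.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the provider from step 3, wrapped in a minimal
# <configuration> root so it parses like a real web.config.
SAMPLE = """<configuration><system.web>
<membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
<providers>
<add name="SP_FBA_DB_AspNetSqlMembershipProvider"
 connectionStringName="SP_FBA_DB_SQL_CONN_STRING" enablePasswordRetrieval="false"
 passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1"
 minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
 passwordStrengthRegularExpression="" />
</providers>
</membership>
</system.web></configuration>"""

# Assumed policy thresholds (not from the post); set them to your own standard.
MIN_LENGTH = 12
MAX_ATTEMPTS = 5

def audit_membership(xml_text):
    """Return (provider, finding) pairs for weak membership settings."""
    findings = []
    root = ET.fromstring(xml_text)
    for membership in root.iter("membership"):
        defined = set()
        for add in membership.iter("add"):
            name = add.get("name", "<unnamed>")
            defined.add(name)
            # Fallback values are the SqlMembershipProvider defaults.
            if add.get("passwordFormat", "Hashed") != "Hashed":
                findings.append((name, "passwords not stored hashed"))
            if add.get("enablePasswordRetrieval", "false").lower() == "true":
                findings.append((name, "password retrieval enabled"))
            if int(add.get("minRequiredPasswordLength", "7")) < MIN_LENGTH:
                findings.append((name, "minimum password length too short"))
            if (int(add.get("minRequiredNonalphanumericCharacters", "1")) == 0
                    and not add.get("passwordStrengthRegularExpression")):
                findings.append((name, "no password complexity rule"))
            if int(add.get("maxInvalidPasswordAttempts", "5")) > MAX_ATTEMPTS:
                findings.append((name, "lockout threshold too high"))
        if membership.get("defaultProvider") not in defined:
            findings.append((membership.get("defaultProvider"),
                             "defaultProvider not declared in <providers>"))
    return findings

if __name__ == "__main__":
    for provider, finding in audit_membership(SAMPLE):
        print(provider + ": " + finding)
```

To check a real file, pass its contents to audit_membership and compare the findings across Central Admin and both web applications, since all three must declare the same provider.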




3 comments:

Anonymous said...

Good post and this enter helped me a lot in my college assignment. Thank you seeking your information.
