Chaks' Corner

SharePoint and other stuffs

2. May 2010 11:48
by Chaks
2 Comments

FBA in SharePoint 2010 requires claims mode

2. May 2010 11:48 by Chaks | 2 Comments

If you have already set up Forms Based Authentication(FBA) in SharePoint 2010 public beta, you would have noticed not much of a change from SharePoint 2007. As you are aware, SharePoint 2010 includes new authentication model called Claims Based authentication. You can read more about this here. Since the SharePoint 2010 RTM, FBA now requires claims mode set up for the web application. Your membership provider and role provider now acts as the Identity Provider.

 

So, if you go to your web application settings, and choose to edit the Authentication Providers, you will notice the following:

 

image

 

Notice that there is a help on how to enable Forms Based Authentication in claims mode. You can click on it to read more about how to set up FBA.

 

Here is a simple PowerShell script which changes the web app’s authentication mode to claims based:

 

$webApp = Get-SPWebApplication “/">http://<web-app>/

$webApp.UseClaimsAuthentication = "True";

$webApp.Update();

$webApp.ProvisionGlobally();

 

Once you have executed the above PowerShell script, if you go to your web app’s authentication provider settings, you should see:

 

image

 

Clicking on Default, you will be able to select your identity provider for the claims based authentication:

 

image

 

If you are creating a new web app, you can initially choose which authentication mode you want:

 

image

 

You can refer more to this blog post by Steve on setting up FBA in SP2010: http://bit.ly/a5WhlE (or) this MSDN article: http://bit.ly/bUYvjC

Comments (2) -

Neel
Neel
7/24/2010 9:05:59 AM

Chakradeep,

I followed the steps in settingup FBA, created db, role, providers in central admin as well as security token, add users added roles, authentication. then created web application with claims and did the same set up for the new site collection

Now when i try to open the page, it comes with default sign in, i have already added forms users, i tried to select forms entered useri and pwd, i get the below error, can you provide me some clues on what went wrong in my set up

Neel

Server Error in ‘/’ Application.
——————————————————————————–
Server Error in ‘/’ Application.
The remote server returned an error: (404) Not Found.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Net.WebException: The remote server returned an error: (404) Not Found.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[WebException: The remote server returned an error: (404) Not Found.]
System.Net.HttpWebRequest.GetResponse() +1126
System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +81

[EndpointNotFoundException: There was no endpoint listening at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.]
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +10258154
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +539
Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustContract.Issue(Message message) +0
Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr) +61
Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst) +36
Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo) +26062081
Microsoft.SharePoint.SPSecurityContext.SecurityTokenForFormsAuthentication(Uri context, String membershipProviderName, String roleProviderName, String username, String password) +172
Microsoft.SharePoint.IdentityModel.Pages.FormsSignInPage.GetSecurityToken(Login formsSignInControl) +188
Microsoft.SharePoint.IdentityModel.Pages.FormsSignInPage.AuthenticateEventHandler(Object sender, AuthenticateEventArgs formAuthenticateEvent) +123
System.Web.UI.WebControls.Login.AttemptLogin() +152
System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +124
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +70
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2981
——————————————————————————–
Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927

Pavel Novotny
Pavel Novotny
7/27/2010 12:46:59 AM

If you want to use ready-made solutions for the management of FBA users, you should take a look here:

www.devit.eu/.../...orms-based-authentication.aspx

Comments are closed