SharePoint 2010 has classic mode and claim based authentication. When
creating a web application user has choice to select authentication for the
application as shown in the below figure.
Types of Authentication in SharePoint 20101.
Classic Mode Authentication
Claims Based Authentication
an application uses claim based authentication, SharePoint 2010 converts all the
Windows accounts or forms based membership account into claims
These claims are then used for authenticating and authorizing
In SharePoint 2007 we need to extend the web application in order to
implement multiple authentication providers in the same web application i.e.
when an application requires the user authentication from AD for intranet
users and authentication from Membership provider database for external
user. SharePoint 2010 provides a greater flexibility to implement multiple
authentication providers within the same web application by implementing a Claim
Setup membership database for forms
Open command prompt and navigate to the path
%windir%\Windows\Microsoft.NET\Framework\v2.0.50727. Run the command
aspnet_regsql.exe to create a Membership database as shown below.
Select "Configure SQL Server for application services
" to create a new membership
the SQL server name, database to create a membership database and credentials to
connect to database.
In the below figure I have selected a database as
default which creates a default database i.e. aspetdb.
You can also
use existing database in order to implement membership in the existing
next and finish the wizard to create a membership database.
Once done with
creating database, add users in the membership database.
To setup multiple
authentication mode for the application we need to select claims based
authentication as classic mode has only support for windows authentication.
Create a WebApplication
Go to a Central Admin
Application Management a Manage Web Applications Select new from the ribbon to
create a new web applicationÃƒÂ Select Claims Based Authentication
Windows Authentication and Forms Authentication. Enter Membership and Role
provider name as shown below.
Add the membership and role provider entries in the
web.config file in the below application.
: Since the central admin site will be used for creating a
user policy for web application.
): Since forms based authentication is implemented using claims, the service
token service needs to be aware of membership and role provider.
: The web application which will be authenticating users using
Add the following setting in the web.config files
for the above mentioned applications.
You can also modify these entries using
IIS or manually edit the web.config files.
2. Add Membership and Role provider
3. Add the Membership and Role provider
entries in the People Picker (Do not add PeoplePicker entry in the
Create a Policy for Web Application
central administration and under the Application Management select Manage
Click on User policy for web as shown in the below
Add Users from the Policy for Web Application,
Zone to add the security policy.
the user from people picker to grant permission on the web
Create a site collection
Here we will be creating a
site collection in the web application created earlier.
the details as shown below. Now here we can use users from membership which we
have setup earlier.
to the site and select Forms Authentication as shown below.
user name and password for the FBA user.