.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal

Home >> Articles >> SharePoint >> Post New Resource Bookmark and Share   

 Subscribe to Articles

Configuring multiple authentication providers in SharePoint 2010

Posted By:Sunil Yadav       Posted Date: October 25, 2010    Points: 50    Category: SharePoint    URL: http://www.dotnetspark.com  

This article explains how we can configure multiple authentication providers using claim based authentication in SharePoint 2010.

SharePoint 2010 has classic mode and claim based authentication. When creating a web application user has choice to select authentication for the application as shown in the below figure.

Types of Authentication in SharePoint 2010

1.  Classic Mode Authentication


2.  Claims Based Authentication

When an application uses claim based authentication, SharePoint 2010 converts all the Windows accounts or forms based membership account into claims identities.

These claims are then used for authenticating and authorizing user.

In SharePoint 2007 we need to extend the web application in order to implement multiple authentication providers in the same web application i.e. when an application requires the user authentication from AD for intranet users and authentication from Membership provider database for external user. SharePoint 2010 provides a greater flexibility to implement multiple authentication providers within the same web application by implementing a Claim based authentication.

Setup membership database for forms authentication.

Open command prompt and navigate to the path %windir%\Windows\Microsoft.NET\Framework\v2.0.50727. Run the command aspnet_regsql.exe to create a Membership database as shown below.

Follow the wizard.

Select "Configure SQL Server for application services" to create a new membership database.

Select the SQL server name, database to create a membership database and credentials to connect to database.

In the below figure I have selected a database as default which creates a default database i.e. aspetdb.

You can also use existing database in order to implement membership in the existing database.

Click next and finish the wizard to create a membership database.

Once done with creating database, add users in the membership database.

To setup multiple authentication mode for the application we need to select claims based authentication as classic mode has only support for windows authentication.

Create a WebApplication

Go to a Central Admin Application Management  a Manage Web Applications Select new from the ribbon to create a new web applicationàSelect Claims Based Authentication

Choose Windows Authentication and Forms Authentication. Enter Membership and Role provider name as shown below.

Add the membership and role provider entries in the web.config file in the below application.

·  Central Administration: Since the central admin site will be used for creating a user policy for web application.

·  SecurityTokenServiceApplication (http://mossserver:1111/SecurityTokenServiceApplication/securitytoken.svc ): Since forms based authentication is implemented using claims, the service token service needs to be aware of membership and role provider.

·  Web application: The web application which will be authenticating users using membership provider.

Add the following setting in the web.config files for the above mentioned applications.
You can also modify these entries using IIS or manually edit the web.config files.

1.  Modify ConnectionString


2.  Add Membership and Role provider entries.


3.  Add the Membership and Role provider entries in the People Picker (Do not add  PeoplePicker entry in the SecurityTokenServiceApplication).


Create a Policy for Web Application

Navigate to central administration and under the Application Management select Manage WebApplication.
Click on User policy for web as shown in the below figure.

Select Add Users from the Policy for Web Application,

Select Zone to add the security policy.

Select the user from people picker to grant permission on the web application.

Create a site collection

Here we will be creating a site collection in the web application created earlier.

Enter the details as shown below. Now here we can use users from membership which we have setup earlier.

Navigate to the site and select Forms Authentication as shown below.

Enter user name and password for the FBA user.

Happy SharePointing!!!!!


 Subscribe to Articles


Further Readings:


No response found. Be the first to respond this post

Post Comment

You must Sign In To post reply
Find More Articles on C#, ASP.Net, Vb.Net, SQL Server and more Here

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend