.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

How to install Claim Based AUthentication

Posted By:      Posted Date: September 11, 2010    Points: 0   Category :SharePoint
I have installed SharePoint 2010 as Standalone on My laptop. Now I want to extend the site as Claim Based Authentication. Let me know how can I do this?  

View Complete Post

More Related Resource Links

Sharepoint Claim Based Authentication Web Service issue


Hi all,

I have Configured sharepoint 2010 foundation to use claim based authentication with sqlmembership provider.

When i try to consume the webservice i get access denied error. The service i wish to consume is http://<server>:25757/_vti_bin/usergroup.asmx.

I tried to find out the issue i cannot consume the service as it redirects me to the login page. I also tried to pass the network credentials but same error. (Server was unable to process request. ---> Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

When i try to consume the same service of another web application (sharepoint 2010 foundation) it works. Only difference between the two web application is classic authentication with NTLM and other is CLAIM based authentication windows (with NTLM) / forms.


Best Regards,


SharePoint 2010 AD/Claim-based authentication URL.



I have setup my SharePoint 2010 web application to support both Windows AD and ADFS 2.0 authentication, the top site URL is: https://myserver.contoso.com

Every time I access the URL, it asks me to choose which credentials I want to use: AD or Claim, then get access to the SharePoint site - it works fine.

My question is about: can I tell which credentials to use in the URL request? i.e.: https://myserver.contoso.com&credential=Windows to use Windows AD authentication;

or https://myserver.contoso.com&credential=ADFS to use ADFS authentication?



Jim Wang - MVP Dynamics CRM - http://jianwang.blogspot.com, http://www.mscrm.cn

password recovery in claim based authentication


guys, i need your help...

i setup web application using claim based + sqlmembership..

in  a form, i got password recovery control..

so, how can i retrieve the user password ???

currently, when i click submit button, i got an error as follow :

[NotImplementedException: The method or operation is not implemented.] Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider.GetUser(String name, Boolean userIsOnline) +62 System.Web.Security.MembershipProvider.GetUser(String username, Boolean userIsOnline, Boolean throwOnError) +35 System.Web.UI.WebControls.PasswordRecovery.AttemptSendPasswordUserNameView() +120 System.Web.UI.WebControls.PasswordRecovery.OnBubbleEvent(Object source, EventArgs e) +127 System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +70 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2981

p/s: note that i'm using sharepoint 2010 RTM and successfully configure smtp in server...

thanks in advance....

Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

require guideline for 'Role-based authentication/authorization'



In my asp.net website in VS-2005 with SQL-Server 2005 as db, I need to implement role-based Authentication/Authorization.

I am familiar to the practises used in role-based authentication..as I have previously worked on projects that used this method. However, my project lead used to design the database. Now I have an existing website where authentication has been set to anonymous by setting 'allow users="?"' in the authentication tags in web.config.

If I use the createUserWizard control and use the Membership.creatUser(.....) method in code behind will the asp.net security tables, like users, roles, userinrole etc get created on its own? Can anyone please give the proper steps on how to acheive this?

Claims Tips: Learning About Claims-Based Authentication in SharePoint 2010

Use these five tips for guidance in solving problems related to using and configuring claims.

Sample: SharePoint Claims-Based Authentication

Explore the code as you learn how to create a custom security token service (STS) and set up a trust relationship between a SharePoint 2010 farm and the custom STS.

AutoLogin for authenticated user via LiveID in Sharepoint 2010 (Claims Based Authentication)

Hi,     Im working in integrating LiveID authentication in my Sharepoint site. Live id gives back a token of the user with which i created a dummy profile using MembershipProvider.CreateUser. Now i have to auto login the user with the profile i created, i mean i have to force login to my sharepoint site using the created dummy user details without asking the user to give username n password.Any suggestion will be a great help for me to proceed.   Thanks Saravanan Michael

Should I use claims based authentication?

I'm about to setup a web application to host a public facing website. Internal staff will authenticate to the site via Active Directory and we may have a need to allow external users to access "authenticated" parts of the site. To authenticate them we plan to use Windows Live ID. With that in mind,: is it better to set the web application up to use claims based authentication from the start rather than having to change it later? is there anything available as of yet to setup SharePoint 2010 to authenticate against Windows Live ID using claims based authentication?

Migrate from Classic to Claims based authentication

So this is really an outside the normal question and I am hoping someone has some thoughts. I am going to be upgrading a MOSS 2007 farm to MSS2010. I have to move hardware so I will be using the content database attach method for upgrade. The site is current extended to a second IIS Application to support both window and Forms based authentication. Since this is an intranet, unique security is used at the site level (and occasionally at the doc lib level). I want to take advantage of Claims Based Authentication (and use one URL, plus other benefits). I am well aware that that claims based token is not the same as the windows token even though the NTLM user is really the same. Thus that is what presents the issue. I need to "migrate" all of my current NTLM-Classic users to claims based. My first thought is to read the users added to each site (actually role assignments), find all users that have the domain name at the beginning of the member name and add a new users (appending the i:0#.w| to the beginning of the loginname) to the site. This works beautifully and is succesful. The problem arises in the that the role assignments contains SharePoint groups (which we don't use much) and AD groups. the SharePoint groups are ok (yes, I have to migrate the users in them too, but no problem). The AD groups are added via SID when it is claims based. This presents the probl

How do I use PowerShell to configure Web.Config for forms-based authentication for a Claims Based we

This TechNet article does a great job describing how to Configure forms-based authentication for a claims-based Web application using PowerShell. However, it glosses over editing the web.config file by just saying "Find the <Configuration> <system.web> section and add the following entry:" Is it possible to edit the web.config file using PowerShell using the IIS PowerShell snapin or can I just edit the web.config file as a xml document? This succeeds in adding the element, but only with the name and type. It does not add the connectionStringName or the applicationName import-module webadministration Add-WebConfiguration /system.web/membership/providers "IIS:\sites\[site name]" -value @{name="FBAMembershipProvider";` type="System.Web.Security.SqlMembershipProvider, System.Web, Version=, Culture= neutral, PublicKeyToken= b03f5f7f11d50a3a";` connectionStringName="FBAconn";` applicationName="/"} Does anyone any suggestions on a direction to go to add the membership providers and role providers in the web.config using PowerShell? This is very frustrating because I can do it manually, I can do it through the UI in IIS Manager, I can do it using appcmd, but no matter what I do, I can't get it to work using PowerShell.  

Form based authentication Sharepoint 2007 gets redirected to login page

Hi We have sharepoint 2007 site deployed on Windows server 2008, IIS 7.0.  We extended the web application to enable forms based authentication referring to link http://msdn.microsoft.com/en-us/library/bb975136(office.12).aspx#MOSS2007FBAPart1_Intro, we selected Kerberos instead of NTLM, behavior is like, when user tries to login into the site using OOB login.aspx, user again gets redirected to the login page. We tried to extend the web application again but this time we selected NTLM, but this time farm account (also is application pool identity) is not able login and exhibits same behavior as above, but for other users we are able to login. Has anyone come across this behavior? can anyone please guide me in correct the behavior? Regards, RK  Radhakrishna

Form Based Authentication with Custom database

Hi, I have a Sharepoint 2010 web application and I want to implement FBA(Form Based Authentication) for that. I don't want to use any membership providers and role providers. I have a SQL server database where we will maintain users and roles. I want to use this database for validating user credentials and authenticating them. Is this possible in Sharepoint 2010? Please reply ASAP.

SharePoint 2010 Claims Based Authentication - anonymous site is prompting for CBA auth when opening

Hi, I have CBA setup successfully on my sites.  One site is setup for anonymous access and I have disabled "client integration" on that web application. I have a list of MS Office documents on a wiki.  When I click on one I am asked to either save or open or cancel.  Saving works fine but when I choose open, it launches the associated MS Office app.  I am then prompted for a login from CBA.  I can click cancel and the logon screen appears again.  After clicking cancel the 2nd time the document appears in the MS Office app, Word in this case. My question is how do I prevent my users from being prompted for a CBA login when clicking on these files and opening them in the native app on their machine?      --TR

Regarding Claims Based Authentication in sharepoint2010

Hey, i have an web application which is in classic mode. now i want to extend same application as claims mode? can you please sugguest me a proper process Thanks in Advance!Share Knowledge and Spread Love!

SP 2010 Form Based Authentication username begins with "i:0#.w|"

Hello there! For the life of me, i can't figure out why SharePoint keeps putting the phrase "i:0#.w|" infront of everyones username / accounts. Both on mysite and portal sites. A quick bing search revelaed that i am not the only one: http://fangdahai.blogspot.com/2010/06/i0w-is-still-there-in-sharepoint-2010.html. Anyone have a solution to fix this annoying problem? Thanks!

Forms Based Authentication on Extranet Application

I have a web application that is using classic authentication. I have extended it to my extranet so I can use https from the outside. All of this works, except I would like to have the extranet users not have to type domain\username. I am guessing I need to use claims based authentication with forms. It seems the only way to do this, would be to go back in time, and tell my original application to use claims based instead of windows. Is there a way I could have just my extended site use forms? I would really like to keep my extranet users out of active directory, as they are not part of my company.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend