Forms based authentication allow only specific users from database table

Here's an issue I didn't see coming for our forms based authentication users. 

Hi all,

I have a strange problem, I have configured the forms based authentication using WSS 3.0 in server 2008 m/c connected with one of the sql server in the farm and i am using iis 7.0.

During this i omitted any role provide options since i dont need it.

I placed the connection string and configured the web application with the forms mode and also provided the membership provider.

As soon as i refreshed the page, i got the log on screen where i entered the credentials that i have configured using the asp.net configuration tool.

Here i could not log on to the share point site even i enabled the anonymous access.

To set the site collection administrator,i have modified the machine.config with the changed connection string.still no use i could not browse the users from the FBA store to add.

please share your ideas why i was not able to browse and add the users to the share point even though i have modified the machine.config file to point the FBA database.I havent seen any error logs relavant to this.

sample connection string:

<connectionStrings>

 

hi,

i'm using sql server 2005, sql server business intelligence development studio for my reports and deploy them in my wss3.0 site.

what i'm trying to do is i'm trying to restrict wich users can see specific data within a report.

now, the thing is. the report gets the data out of my DB1 database and my windows authenticated user are in the WSS_content database.

when i deploy my report in my wss3 site. it gets the user that is loged in. but of course it does not display any data because the tables are not in the same database.

does someone knows how to do this?

I am using Forms Based Authentication I have extended the Forms Authentication Tables creating a custom table called Profile_Contact that holds the user's GUID, username, email address, and other information. I have another table called Profile_Account which holds company account information such as Company Name, address info, phone numbers etc. This table has a Key Field called IDProfileAccount. I include the IDProfileAccount field in the ProfileContact user table so I can associate the user with a specific Company.For the login page, I am using a basic login page created with using the Visual Studio login controls.When the user logs in, they are sent to the appropriate page as identified by the role the user has been given. This all works great. Now I need to extend the login page so that when the user logs in not only is the user's name and GUID placed in session, I would also like to have the IDProfileAccount record placed in session as well so that I can filter the records the user sees as only those records of the Company the user is associated with. I know how to add static variable to a session and how to retrieve them to filter data, what I need to know is how to retrieve the data from the SQL table on login and sending it to the session. I would think it would be something along these lines:Partial Class login Inherits System.Web.UI.Page Protected Sub Logi

This TechNet article does a great job describing how to Configure forms-based authentication for a claims-based Web application using PowerShell. However, it glosses over editing the web.config file by just saying "Find the <Configuration> <system.web> section and add the following entry:" Is it possible to edit the web.config file using PowerShell using the IIS PowerShell snapin or can I just edit the web.config file as a xml document? This succeeds in adding the element, but only with the name and type. It does not add the connectionStringName or the applicationName import-module webadministration Add-WebConfiguration /system.web/membership/providers "IIS:\sites\[site name]" -value @{name="FBAMembershipProvider";` type="System.Web.Security.SqlMembershipProvider, System.Web, Version= 2.0.0.0, Culture= neutral, PublicKeyToken= b03f5f7f11d50a3a";` connectionStringName="FBAconn";` applicationName="/"} Does anyone any suggestions on a direction to go to add the membership providers and role providers in the web.config using PowerShell? This is very frustrating because I can do it manually, I can do it through the UI in IIS Manager, I can do it using appcmd, but no matter what I do, I can't get it to work using PowerShell.  

Hi, I have a Sharepoint 2010 web application and I want to implement FBA(Form Based Authentication) for that. I don't want to use any membership providers and role providers. I have a SQL server database where we will maintain users and roles. I want to use this database for validating user credentials and authenticating them. Is this possible in Sharepoint 2010? Please reply ASAP.

I'm having a problem viewing the developer dashboard when logged on as a forms based authenticated site. I know the dashboard has been enabled as when logged in as a windows authenticated user it appears fine. I've used a powershell script like the following and also tried altering the RequiredPermissions property with values of EmptyMask, Open and ViewPages to see if if there is a permissions issues but with no success. http://sptwentyten.wordpress.com/2009/10/20/how-to-enable-the-developer-dashboard/ Should I be able to view the dashboard when using FBA Any assistance would be appreciated as I need to look into an urgent performance issue for a client  

I have a web application that is using classic authentication. I have extended it to my extranet so I can use https from the outside. All of this works, except I would like to have the extranet users not have to type domain\username. I am guessing I need to use claims based authentication with forms. It seems the only way to do this, would be to go back in time, and tell my original application to use claims based instead of windows. Is there a way I could have just my extended site use forms? I would really like to keep my extranet users out of active directory, as they are not part of my company.

Please be advised I have followed the steps on http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/. I have tried to fix the following issue for a week using different farms and SharePoint 2010 installations, however I am getting the following error when trying to authenticate using Forms Based into a Claims site: Cannot get Membership Provider with name FBARoleProvider The membership provider for this process was not properly configured. You must configure the membership provider in the .config file for every SharePoint process. 1. I am certain the membership provider is configured in the SecurityTokenServiceApplication webservice as I can manage users and roles in IIS7 using the SecurityTokenServiceApplication website. 2. I am certain that membership provider is configured in the both the Claims Web Application and Central Admin as I can manage users and roles in IIS7 using their websites. 3. I know the issue is the SecurityTokenServiceApplication service as I had to set <serviceDebug includeExceptionDetailInFaults="true" /> to get the error above. 4. I can log into the Claims Based Application using windows authentication, however I am unable to see the users on the people picker despite that I can see them from the application's site on IIS

On the first hit, and only the first hit, to my page having [ALLOW users="*"] in the web.config, the user is redirected to the LoginUrl, but on all subsequent visits to the page, the user IS allowed access.  The user shoud ALWAYS be allowed access to this page.  I suspect it is a configuration problem, so here are snippets of my web.config... <compilation debug="false" strict="true" explicit="true" /> <trace enabled="false"/> <authentication mode="Forms"> <forms protection="All" cookieless="UseCookies" requireSSL="false" slidingExpiration="false" timeout="20" name="12345678-1234-1234-1234-123456789012" loginUrl="~/Web/Login.aspx" defaultUrl="~/Web/MyPage.aspx" enableCrossAppRedirects="false" /> <authentication> <httpCookies httpOnlyCookies="true" /> <sessionState cookieless="UseCookies" />         <location path="Web/Contact.aspx"> <system.web> <authorization> <allow users="*"/> <authorization> <system.web> <location>   Can you help me figure out why users are not ALWAYS allowed access to the /Web/Contact.aspx page? Thx!      

Hi,

I have successfully enabled and set up FBA (Forms Based Authentication) on my SharePoint 2010 Foundation server. The thing is that I need to customize the look and feel of the login page. I have successfully customized the page (and master page) to look the way I want, however, when I try to log in, I get the following error/message on the page:
"Forms Based Authentication on classic Web applications has been deprecated".

What I've done:
Made copies of /_layouts/simple.master and /_layouts/login.aspx and renamed the copies. The markup in the master page is MUCH simpler than the original, but I've kept all the ContentPlaceholders that I don't use (most of them) in a hidden <asp:Panel at the bottom of the page.

I've changed the web.config file:
<authentication mode="Forms">
      <forms loginUrl="/_layouts/loginCustom.aspx" />
</authentication>

So, I'm not getting any errors on the page until I try to log in. When I use the default settings (login.aspx and simple.master) it works just fine (but damn that page looks ugly!).

Does anyone know what I might be missing?

Update: I believe the reason it doesn't work is because my custom login aspx is not part of the Claims Based Web Application (because it's sitting

Hello

I'm trying to figure out how to setup FBA in SharePoint 2010.  I know that FBA is now just a subset of Claims Based Authentication, but I'm confused by some of the different approaches that I've seen on some technet blogs:

http://blogs.technet.com/b/mahesm/archive/2010/04/07/configure-forms-based-authentication-fba-with-sharepoint-2010.aspx

http://blogs.technet.com/b/speschka/archive/2009/11/05/configuring-forms-based-authentication-in-sharepoint-2010.aspx

Having seen the two, one doesn't setup a SQL while one does.  Both are vague in the user account that is used to manage the FBA users.  I'd like to get some clarification if that's possible.  Thanks in advance!

can anybody give me configuration details for share point Form Based Authentication with Oracle database

Hi friends,

               I am using sharepoint2010 forms based authenticaion (claims based) configure all the web.config files and its working fine.Now I want to change this applicaion to windows authentication (claims) what are the things to follow to change the application to windows and vice versa.I refer few links but they are referring from  classic to claims and many other things not my req..!

 

 

Scenario:

I have a web-application that is set to windows-authentication and is created as anonymous. This is at default zone. I want to change this to forms based authentication.

I tried extending web-application and creating new zone as Extranet but it is asking me to specify the url (within load-balanced url) that should not be same as the url of the default zone url. Dont' know why. Please suggest.

But for now, I had a question. If I modify the default zone to be forms based, will it cause any problems? I am assuming that this will be default for any type of user (internal, external etc) ? Please let me know.  

Also as far as web.config changes (considering changes to default zone ),  is it fine if I modify web.config of this site plus the central admin web.config? If there are another 5 web-applications (that are totally different but reside in same farm), do I need web.config of those web-application also?

 

Please suggest.

 

Our goal is that this website (even when accessed internally) will be through form-based authentication only. So 

Hi,

I have a web application with a login form. A user enters a user name and password. If they exist in the database the user is authenticated using these two lines:

FormsAuthentication.SetAuthCookie(userName, false);
FormsAuthentication.RedirectFromLoginPage(userName, false);

The problem is that when a user logs in at first he is logged in as himself. When navigating on the web application for a while the user assumes the identity of another logged in user. This happens all the time.

In my web.config the authentication mode looks like this:

<authentication mode="Forms">
  <forms loginUrl="LogOn.aspx" name=".ASPXFORMSAUTH">
  </forms>
</authentication>
<authorization>
  <deny users="?" />
</authorization>

The site does not use ASP.NET session variables. Instead each page initializes a Singleton class, which stores itself in a static class variable, always accessing the users data already read from the database.

The Singleton implementation is:

static readonly WebSession instance = new WebSession();

WebSession()
{
}

public static WebSession GetSingletonInstance
{
  get { return instance; }
}

Could the problem with assuming anoth

Learn how to create forms-based authentication for claims-based web applications by using a custom membership and role provider.