.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

automatic logon using claims based FBA??

Posted By:      Posted Date: August 31, 2010    Points: 0   Category :SharePoint
I have been using a IHttpModule that performs automatic logon on a forms based authentication using a custom membership provider. This has worked well using any .net asp.net application including SharePoint 2007. The IHttpModule listens for the AuthorizeRequest event of the application and if the user isn't logged in it uses the FormsAuthentication.SetAuthCookie(principal.Identity.Name, persistentCookie); to perform the "login". When I tried this on SharePoint 2010 using a claims based FBA, adding my custom membership provider as documented, I ran into some problems. First, the identity name that needed to be set in the SetAuthCookie was not the normal username, it seemed to be on a syntax like 0#.f|membershipProviderName|UserName If I used this instead (replacing membershipProviderName and UserName) with the actual ones, the login seemed to work (it felt like a hack tough and perhaps there is some better way to do this?) After a bit of testing the site the most seemed to work (a plain SharePoint 2010 site), but when I clicked on a list link (like calendar, events or announcements) I was given a servererror as below.   Has anyone any idéas? /Dan   Server Error in '/' Application. <nativehr>0x8107058a</nativehr><nativestack></nativestack>Operation is not valid due to the current state of the object. Description: An unhandle

View Complete Post

More Related Resource Links

Claims-Based Apps: Claims-Based Authorization with WIF


Over the past few years, federated security models and claims-based access control have become increasingly popular. Platform tools in this area have also come a long way. Windows Identity Foundation (WIF) is a rich identity model framework designed for building claims-based applications and services and for supporting active and passive federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine November 2009

Geneva Framework: A Better Approach For Building Claims-Based WCF Services


Here we introduce Microsoft Code Name "Geneva," the new framework for building claims-based applications and services, and federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine December 2008

Security Briefs: Exploring Claims-Based Identity


Keith Brown introduces you to the new identity model in the Microsoft .NET Framework 3.0.

Keith Brown

MSDN Magazine September 2007

Video: Introduction to Claims-based Security in SharePoint 2010

Learn how claims-based identity provides a common way for applications to acquire identity information from users inside their organization, in other organizations, and on the Internet. (Length: 23:46)

Claims Tips: Learning About Claims-Based Authentication in SharePoint 2010

Use these five tips for guidance in solving problems related to using and configuring claims.

Sample: SharePoint Claims-Based Authentication

Explore the code as you learn how to create a custom security token service (STS) and set up a trust relationship between a SharePoint 2010 farm and the custom STS.

Can not init SPSite for claims based authenticated site

Hi, trying to write a simple console application i was not able to init a claims based authenticated site with API nor with the Managed Client OM. Opening a site with only windows authentication is working. Running on a Windows Server 2008 R2 and SP 2010 server and logged in as the buildin Administrator account. Administrator is Site Collection Admin. static void Main(string[] args) {     ClientContext context = new ClientContext("http://mypc:300");     Web web = context.Web;     context.Load(web);     context.ExecuteQuery();     ... } throws "The remote server returned an error: (403) Forbidden.". Setting credentials for the context is also not working. or same problem with     static void Main(string[] args) {     using (SPSite spSite = new SPSite("http://mypc:300"))     {         ... throwing FileNotFound-Error. Any idea? Greetings Peter  

AutoLogin for authenticated user via LiveID in Sharepoint 2010 (Claims Based Authentication)

Hi,     Im working in integrating LiveID authentication in my Sharepoint site. Live id gives back a token of the user with which i created a dummy profile using MembershipProvider.CreateUser. Now i have to auto login the user with the profile i created, i mean i have to force login to my sharepoint site using the created dummy user details without asking the user to give username n password.Any suggestion will be a great help for me to proceed.   Thanks Saravanan Michael

Should I use claims based authentication?

I'm about to setup a web application to host a public facing website. Internal staff will authenticate to the site via Active Directory and we may have a need to allow external users to access "authenticated" parts of the site. To authenticate them we plan to use Windows Live ID. With that in mind,: is it better to set the web application up to use claims based authentication from the start rather than having to change it later? is there anything available as of yet to setup SharePoint 2010 to authenticate against Windows Live ID using claims based authentication?

Migrate from Classic to Claims based authentication

So this is really an outside the normal question and I am hoping someone has some thoughts. I am going to be upgrading a MOSS 2007 farm to MSS2010. I have to move hardware so I will be using the content database attach method for upgrade. The site is current extended to a second IIS Application to support both window and Forms based authentication. Since this is an intranet, unique security is used at the site level (and occasionally at the doc lib level). I want to take advantage of Claims Based Authentication (and use one URL, plus other benefits). I am well aware that that claims based token is not the same as the windows token even though the NTLM user is really the same. Thus that is what presents the issue. I need to "migrate" all of my current NTLM-Classic users to claims based. My first thought is to read the users added to each site (actually role assignments), find all users that have the domain name at the beginning of the member name and add a new users (appending the i:0#.w| to the beginning of the loginname) to the site. This works beautifully and is succesful. The problem arises in the that the role assignments contains SharePoint groups (which we don't use much) and AD groups. the SharePoint groups are ok (yes, I have to migrate the users in them too, but no problem). The AD groups are added via SID when it is claims based. This presents the probl

How do I use PowerShell to configure Web.Config for forms-based authentication for a Claims Based we

This TechNet article does a great job describing how to Configure forms-based authentication for a claims-based Web application using PowerShell. However, it glosses over editing the web.config file by just saying "Find the <Configuration> <system.web> section and add the following entry:" Is it possible to edit the web.config file using PowerShell using the IIS PowerShell snapin or can I just edit the web.config file as a xml document? This succeeds in adding the element, but only with the name and type. It does not add the connectionStringName or the applicationName import-module webadministration Add-WebConfiguration /system.web/membership/providers "IIS:\sites\[site name]" -value @{name="FBAMembershipProvider";` type="System.Web.Security.SqlMembershipProvider, System.Web, Version=, Culture= neutral, PublicKeyToken= b03f5f7f11d50a3a";` connectionStringName="FBAconn";` applicationName="/"} Does anyone any suggestions on a direction to go to add the membership providers and role providers in the web.config using PowerShell? This is very frustrating because I can do it manually, I can do it through the UI in IIS Manager, I can do it using appcmd, but no matter what I do, I can't get it to work using PowerShell.  

SharePoint 2010 Claims Based Authentication - anonymous site is prompting for CBA auth when opening

Hi, I have CBA setup successfully on my sites.  One site is setup for anonymous access and I have disabled "client integration" on that web application. I have a list of MS Office documents on a wiki.  When I click on one I am asked to either save or open or cancel.  Saving works fine but when I choose open, it launches the associated MS Office app.  I am then prompted for a login from CBA.  I can click cancel and the logon screen appears again.  After clicking cancel the 2nd time the document appears in the MS Office app, Word in this case. My question is how do I prevent my users from being prompted for a CBA login when clicking on these files and opening them in the native app on their machine?      --TR

SharePoint 2010 Claims Based Authenticaton site working but search is broken

Hi, I have SP 2010 sucessfully installed on a Windows 2008 R2 server with SQL Server 2008 R2.  I created local machine accounts for the following: MACHINE\mssqlservice MACHINE\sp_admin MACHINE\sp_search MACHINE\sp_farms I have setup 2 sites with public facing internet access as well as local sites. I have CBA working properly on both sites from both public and private access. My problem is that when I go to search, I am constantly redirected to an error page. I have checked all SP services on the server and they are all running as MACHINE\mssqlservice That account has proper access to all sites as well as all DB's. My search is crawling and I get one error from a long named PDF file in my site, which is OK.   My questions is if my CBA is working fine and my search is crawling, why I am not getting a results page when I search from the sites:   Here is the error I get:   Error Internal server error exception:   Troubleshoot issues with Microsoft SharePoint Foundation. Correlation ID: 5a03b730-42c2-48c9-a220-3b9d052481de Date and Time: 9/9/2010 4:45:07 PM   I am kind of stuck at this point and am not sure how to proceed.  Any help would be appreciated.        --TR

Regarding Claims Based Authentication in sharepoint2010

Hey, i have an web application which is in classic mode. now i want to extend same application as claims mode? can you please sugguest me a proper process Thanks in Advance!Share Knowledge and Spread Love!

Claims Based Auth Corrupting Permissions?

So I'm noticing everytime I enable claims based authentication on a web application all pre-existing windows based permissions fail. I believe this is due to the Identity Manager presenting a different account than those present from Classic mode authentication. You can see below that the Classic Mode Account's list the normal domain\username while the claims based version of the same account is completely different and causing a mismatch. So I figure I must be missing something obvious for how to migrate to claims based, they can't honestly expect people to redo permissions across their entire sharepoint instance. Example (DisplayName followed by Account): Name: All Authenticated Users Account: c:0(.s|true Name: NT AUTHORITY\authenticated users Account: NT AUTHORITY\authenticated users Name: DOMAIN\domain users Account: c:0+.w|s-1-5-21-2428780107-2384587425-257213858-513 Name: DOMAIN\domain users Account: DOMAIN\domain users

Claims Based Authentication

I have successfully gotten my sharepoint site to use claims-based authentication, but now I am trying to configure it so it works. Right now I can't connect locally or from my extranet. I am following this guide: http://technet.microsoft.com/en-us/library/ee806890.aspx I haven't changed my web.config files yet, because I don't know what information I need to fill in.  There are a lot of places that say, your server here, and I need to put in some OUs and whatnot.  I don't know what info I am supposed to put in. First of all, I don't know what server I am supposed to put in. Do I need my domain controller there, my sharepoint server, my sql server?  I am guessing the part with the OUs is active directory stuff, so that would imply I use my domain controller.  I have already used the aspnet_regsql application to create a database, but I am not really sure what I am supposed to do with it. Is there a guide somewhere that explains things better, or could someone help me out?    Here is the code: <membership defaultProvider="AspNetSqlMembershipProvider"> <providers> <add name="membership" type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c" server="yourserver.com"

Changed to claims based authentication, now I can't access my site. Please help! Time is of the ess

I am in a pretty big bind. I have a sharepoint 2010 site, that was using classic windows authentication. It worked fine from the inside, and I was able to extend it to the outside and it was using https with an SSL certificate. However, my performancepoint reports and my external lists weren't working when the site was accessed from the outside. Apparently this is a known issue with using classic authentication on the outside, so I tried to switch over to claims based authentication. I followed this guide: http://blogs.technet.com/b/wbaer/ar...point-2010.aspx I obviously changed the contoso stuff to my domain name, and changed all of the config files. The problem is, now I can't access the site at all from the inside or the outside. Here is the error I get in my logs: code: An exception occurred when trying to issue security token: Could not connect to [url]http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas.[/url] TCP error code 10061: No connection could be made because the target machine actively refused it . My Sharepoint Central Administration site gives me this warning: code: The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state. Remedy Administrator should try to restart the Security Token Service on the boxes where it is not issuing tokens. If problem persists, f
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend