Thursday, 24 March 2016

SharePoint 2013 FBA (Forms-Based Authentication) Configuration

This post configures Forms-Based Authentication in SharePoint 2013 using SqlMembershipProvider.
You need to configure SqlMembershipProvider as the users database, and then make changes to the web.config files of SharePoint Central Administration, your web application, and the Security Token Service.

1.     Configure the SQL Membership Provider.

  1. Log in to the SQL Server.
  2. Go to the following path  ->  C:\Windows\Microsoft.NET\Framework64\v4.0.30319
  3. Find aspnet_regsql.exe and run it to configure the membership database.






Verify the Permissions

Open IIS on the SharePoint 2013 server, open the application pool (Security Token Service), and note the pool account user name.
That user must have full access to the database. Please follow the permission settings from the screen below.
To add a new user, right-click on Users for that particular database; for an existing user, select it and grant the permissions.




2.     SharePoint 2013 Central Administration WEB.Config Changes.

  •          Open IIS ->
  •          Right-click the Central Administration web application ->
  •          Click Explore
  •          Very important: back up web.config before you change it
  •          Right-click web.config and open it
  •          Find the membership section.

And replace it with the lines below.
<membership defaultProvider="FBAMemberShipProvider">
      <providers>
            <!-- connectionStringName must match the name of the entry added under connectionStrings -->
            <add name="FBAMemberShipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                 connectionStringName="FBAConStr" enablePasswordReset="true" enablePasswordRetrieval="false" passwordFormat="Hashed" requiresQuestionAndAnswer="false"
                 requiresUniqueEmail="true" applicationName="/" />
      </providers>
</membership>
Find the roleManager section.
<roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true" cacheRolesInCookie="false">
      <providers>
            <add name="FBARoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                 connectionStringName="FBAConStr" applicationName="/" />
      </providers>
</roleManager>

Go to the end of web.config and add the connection string.

<connectionStrings>
      <add name="FBAConStr" connectionString="Data Source=SQL2012;Initial Catalog=FBAUSERSDB;Integrated Security=SSPI" />
</connectionStrings>

Find PeoplePickerWildcards and add your membership provider as a key.

<add key="FBAMemberShipProvider" value="%" />

3.     Web application WEB.Config Changes

·         Your web application must have Forms Based Authentication (FBA) enabled

·         Open IIS ->
·         Right-click the Central Administration web application ->
·         Click Explore
·         Very important: back up web.config before you change it
·         Right-click web.config and open it
·         Open the membership section and add the new membership provider; the web application already has one existing, default membership provider

<add name="FBAMemberShipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="FBAConStr" enablePasswordReset="true" enablePasswordRetrieval="false" passwordFormat="Hashed" requiresQuestionAndAnswer="false"
     requiresUniqueEmail="true" applicationName="/" />

Find the roleManager section.
<roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true" cacheRolesInCookie="false">
      <providers>
            <add name="FBARoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                 connectionStringName="FBAConStr" applicationName="/" />
      </providers>
</roleManager>

Go to the end of web.config and add the connection string.

<connectionStrings>
      <add name="FBAConStr" connectionString="Data Source=SQL2012;Initial Catalog=FBAUSERSDB;Integrated Security=SSPI" />
</connectionStrings>

Find PeoplePickerWildcards and add your membership provider as a key.

<add key="FBAMemberShipProvider" value="%" />

4.     Security Token Service WEB.Config Changes

  •          Open IIS ->
  •          Right-click the Central Administration web application ->
  •          Click Explore
  •          Very important: back up web.config before you change it
  •          Right-click web.config and open it
  •          Find the membership section.

<membership defaultProvider="FBAMemberShipProvider">
      <providers>
            <add name="FBAMemberShipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                 connectionStringName="FBAConStr" enablePasswordReset="true" enablePasswordRetrieval="false" passwordFormat="Hashed" requiresQuestionAndAnswer="false"
                 requiresUniqueEmail="true" applicationName="/" />
      </providers>
</membership>

Find the roleManager section.

<roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true" cacheRolesInCookie="false">
      <providers>
            <add name="FBARoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                 connectionStringName="FBAConStr" applicationName="/" />
      </providers>
</roleManager>

Go to the end of web.config and add the connection string.

<connectionStrings>
      <add name="FBAConStr" connectionString="Data Source=SQL2012;Initial Catalog=FBAUSERSDB;Integrated Security=SSPI" />
</connectionStrings>


That’s IT ..
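
The three web.config edits above depend on names matching exactly: each provider's connectionStringName, the connection string name, and the People Picker key. The PowerShell below is an added example, not part of the original post: it lints one web.config for those mismatches and for weak password settings. The function name Test-FbaWebConfig and the embedded sample (constructed, with padded names and a dangling reference) are assumptions for illustration.

```powershell
# Added example: lint one FBA web.config for naming mismatches and weak provider settings.
function Test-FbaWebConfig {
    param([Parameter(Mandatory)][xml]$Config)
    $findings = New-Object System.Collections.Generic.List[string]
    # Names are compared exactly as written so stray spaces are reported, not hidden.
    $conns = @($Config.SelectNodes('//connectionStrings/add'))
    $connNames = @($conns | ForEach-Object { $_.GetAttribute('name') })
    foreach ($n in $connNames) {
        if ($n -ne $n.Trim()) { $findings.Add("connection string name '$n' is padded with spaces") }
    }
    foreach ($p in $Config.SelectNodes('//membership/providers/add | //roleManager/providers/add')) {
        $name = $p.GetAttribute('name')
        $ref  = $p.GetAttribute('connectionStringName')
        # Providers without the attribute (for example built-in claims providers) are skipped.
        if ($ref -and $connNames -notcontains $ref) {
            $findings.Add("provider '$name' references undefined connection string '$ref'")
        }
        $fmt = $p.GetAttribute('passwordFormat')
        if ($fmt -and $fmt -ne 'Hashed') { $findings.Add("provider '$name' stores passwords as $fmt") }
        if ($p.GetAttribute('enablePasswordRetrieval') -eq 'true') {
            $findings.Add("provider '$name' allows password retrieval")
        }
    }
    # Report People Picker wildcard keys written with stray spaces.
    $keys = @($Config.SelectNodes('//add[@key]') |
        Where-Object { $_.ParentNode.LocalName -eq 'PeoplePickerWildcards' })
    foreach ($k in $keys) {
        $key = $k.GetAttribute('key')
        if ($key -ne $key.Trim()) { $findings.Add("PeoplePickerWildcards key '$key' is padded with spaces") }
    }
    return $findings
}

# Constructed sample: padded names and a provider pointing at a connection string that is not defined.
[xml]$sample = @'
<configuration>
  <SharePoint><PeoplePickerWildcards><add key=" FBAMemberShipProvider" value="%" /></PeoplePickerWildcards></SharePoint>
  <system.web><membership defaultProvider="FBAMemberShipProvider"><providers>
    <add name="FBAMemberShipProvider" type="System.Web.Security.SqlMembershipProvider"
         connectionStringName="AltranExtranet" passwordFormat="Hashed" />
  </providers></membership></system.web>
  <connectionStrings>
    <add name=" FBAConStr " connectionString="Data Source=SQL2012;Initial Catalog=FBAUSERSDB;Integrated Security=SSPI" />
  </connectionStrings>
</configuration>
'@
Test-FbaWebConfig -Config $sample
```

To check a real file, pass its content instead of the sample, for example with Get-Content -Raw on the web.config path of each of the three applications.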

How to test.

  1. You can download the FBA Pack for SharePoint 2013 from CodePlex (Download FBA Pack). Follow the instructions given there, create a user, and test the logins.
  2. Create a web application in Visual Studio and open web.config.

 a.       Open web.config and add the role provider to the roleManager section.

<add name="FBARoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="FBAConStr" applicationName="/" />

 b.       Add the membership provider to the membership section.

<add name="FBAMemberShipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
     connectionStringName="FBAConStr" enablePasswordReset="true" enablePasswordRetrieval="false" passwordFormat="Hashed" requiresQuestionAndAnswer="false"
     requiresUniqueEmail="true" applicationName="/" />

 c.       Add the connection string.

<connectionStrings>
      <add name="FBAConStr" connectionString="Data Source=SQL2012;Initial Catalog=FBAUSERSDB;Integrated Security=SSPI" />
</connectionStrings>

Create a page and add a CreateUserWizard control.
Open that page in a browser and create a user.