Configuring Forms Based Authentication in SharePoint 2013

     

Description :

Hi Every one, Today we are going to see how to Configure Forms Based Authentication in SharePoint 2013. In SharePoint, Microsoft offering two different types of authentication such as Windows Authentication and Forms Based Authentication. By default we will get the windows authentication to our site but if we want to provide the Forms based authentication to our SharePoint site we must have to do some settings while creating of web application of a site. Now we will see step by step process of configuring forms based authentication in SharePoint 2013. What is Windows Authentication in SharePoint ? Windows authentication is a secure form of authentication which is offered by Microsoft and the user name and password are hashed before being sent across the network. When you enable the Windows authentication in our SharePoint Site, the client browser sends a strongly hashed version of the password in a cryptographic exchange with our Web Server. We will get the users information such as username, password, role, and group he/she belongs, from the Active Directory and store the user information into content database of SharePoint, this will happens in installation process of SharePoint Farm or we can do it after installation of SharePoint using user management services in SharePoint. What is Form Authentication in SharePoint Some companies maintain their employ user information in databases rather than Active Directory. So here all the users information such as usernames, passwords, roles and groups will stored in a database that may be MS SQL, Oracle or MySQL in this type of situations most of the companies will prefer to use form based authentication instead of rebuild the new Active Directory. Configuring Forms Based Authentication in SharePoint 2013 

• Create web application and site collection
• Configure SharePoint Database to synchronize users for forms based authentication.
• Modify web.config file in central administrator and site collection to use users database which we have created in the step 2
• Installation of Forms Based Authentication ( FBA ) 2013 Pack.

Step 1 :First we have to create a web application and site a site collection. Please find the below image and note done the settings which we need to do before we start

• Give a Name to your web application: SPLessons - 1515 here you can use your preferred name.
• Give a available port number to your web application. In my example it's: 1515
• Checked the Enable Forms based Authentication ( FBA ) if you want windows based Authentication as well please leave the default option or Un Checked the Windows based authentication.
• URL for the web application will generate automatically based on our system details and port number which we provided on step 2.
• Give a understandable and unique name to content database for our web application if you want or leave the  default value. Finally click "Ok" button. In my example: Name: "WSS_Content_FormAtuhentication"

  Step  2  :We created the web application and please click on create site collection in conformation window Step  3 : Please Enter the following details:

•  Title of the Site Collection: SPLessons and Description: SPLessons.
• Select the template you want for your site collection. I have chosen as Team Site Template.
• Please provide the Primary Site Collection Administrator and click "Ok" button.

After Creation of site collection we can see, the below screen in browser. So I have chosen Windows Authentication as well as Forms Based Authentication so we will get the drop box like below if you choose only the Forms based authentication you will get only one option in the drop down box that is Forms Authentication. Till now we have finished the Web Application and Site Collection Creation. Now We need to set up our Users Database. Step  4 :In order to create membership database structure we will use the ASP .Net SQL Server Registration Tool "asp_regsql.exe" which is located in "c:\Windows\Mincrosoft.Net\Framework\V4.0.30319\aspnet_regsql.exe". Please click on asp_regsql.exe file. We will get the following wizard window. Note: Here i am using MS SQL Database so I used ASP .Net SQL Server Registration Tool and .Net Framework 4.0   Then we will get one wizard like below, have to follow   Click on Next button   Here we have to select our web application database name  and click on  next button   Click on  finish Button Step  5 :

•  We need to know under which user SecurityTokenServiceApplicationPool (STS) is running in the application pool.
•  We also need to know under which user our web application is running application pool. Why because, we have to provide some access permission to that users on our Web Application Content Database ( Refer Step1 - Point 5).
• In my case both STS and Web Application is running under same user named as: "dc\naspadmin01"

         Please find the below screen shoot.   Now we have to do the final step that is add some permissions to the user "dc\naspadmin01" on Content Database named as: "WSS_Content_FormAtuhentication".

• Open SQL Management Studio where our SharePoint Databases are resides.  Navigate to the our Web Application Content database ( WSS_Content_FormAtuhentication ) click on it.
• Go to Security node and click on it and then Right click on users and Select new user.

Click on General tab in the Database user- new Window 1) Enter User name: naspadmin01 2) Login name: DC\naspadmin01     3) Click on Membership tab. Check the following option. i) aspnet_Membership_Fullaccess Ii) aspnet_Personalization_FullAccess Iii) aspent_Profile_FullAccess Iv) aspnet_Roles_FullAccess v) aspnet_WebEvent_FullAccess 4) Finally click on " Ok " Button.   Step  6 :We have to edit the web.config files of Security Token Service ( STS ) and our SharePoint Site.  Open the IIS Manager, Click on SharePoint Web Services node and then Right click on SecurityTokenServiceAppplicationPool and select Explore.   Select the web.config file and open the file and add the following tags in web.config file.

1. <add connectionStringName=”ExtranetUsers” applicationName=”/” name=”Ext” type=”System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a” />
2.  <add connectionStringName=”ExtranetUsers” applicationName=”/” name=”ExtRole” type=”System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a” />
3. <connectionStrings><add name=”ExtranetUsers” connectionString=”Data Source=NAJBSYS1;Initial Catalog=WSS_Content_FormAuthentication;Integrated Security=True” /></connectionStrings>

 

<system.web>

<membership>

<providers>

<add connectionStringName="ExtranetUsers" applicationName="/" name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web,  Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</membership>

<roleManager>

<providers>

<add connectionStringName="ExtranetUsers" applicationName="/" name="ExtRole" type="System.Web.Security.SqlRoleProvider, System.Web,  Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</roleManager>

</system.web>

<connectionStrings>

<add name="ExtranetUsers" connectionString="Data Source=NAJBSYS1;Initial Catalog=WSS_Content_FormAuthentication;Integrated Security=True" />

</connectionStrings> Step  7 : We have to edit the web.config file of our SharePoint Web Application Site.

1. Open the IIS Manager, Right Click on our SharePoint Site and select Explore.
2. Select the web.config file and open the file and add the following tags

<add connectionStringName="ExtranetUsers" applicationName="/" name="Ext" type="System.Web.Security.SqlMembershipProvider, System.Web,  Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

  <add connectionStringName="ExtranetUsers" applicationName="/" name="ExtRole" type="System.Web.Security.SqlRoleProvider, System.Web,  Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

<connectionStrings>

    <add name="ExtranetUsers" connectionString="Data Source=NAJBSYS1;Initial Catalog=WSS_Content_FormAuthentication;Integrated Security=True" />

  </connectionStrings>

<add key="Ext" value="%" />

See the screenshots below for placement area       We are all most done all the steps of our SharePoint Web Application site, Content Database and User membership set up in the content database of the SharePoint. Step  8:

1.  First we need to login with our primary site collection administrator using windows authentication.
2.  If we want to add user from our site to use the forms based authentication we need to have user interface to do that part. We will use a codeplex plugin -- Download the wsp and Deploy the wsp file into our site and then activate forms based authentication feature in your site collection. Then add web part into our site page.
3. We can use the web part to add new users to our site.

  Once we finish the form and submit, then the user will get a temporary password to he/she mail. if you observe the table aspnet_Users in Contentdatabase we will see the newly added users.     Step  9:open Internet explorer Select the Form authentication   we will redirected to the login form   This is our form authentication Home page