in SharePoint 2010

FBA in SharePoint 2010 requires claims mode

If you have already set up Forms Based Authentication(FBA) in SharePoint 2010 public beta, you would have noticed not much of a change from SharePoint 2007. As you are aware, SharePoint 2010 includes new authentication model called Claims Based authentication. You can read more about this here. Since the SharePoint 2010 RTM, FBA now requires claims mode set up for the web application. Your membership provider and role provider now acts as the Identity Provider.

 

So, if you go to your web application settings, and choose to edit the Authentication Providers, you will notice the following:

 

image

 

Notice that there is a help on how to enable Forms Based Authentication in claims mode. You can click on it to read more about how to set up FBA.

 

Here is a simple PowerShell script which changes the web app’s authentication mode to claims based:

 

$webApp = Get-SPWebApplication “/">http://<web-app>/

$webApp.UseClaimsAuthentication = "True";

$webApp.Update();

$webApp.ProvisionGlobally();

 

Once you have executed the above PowerShell script, if you go to your web app’s authentication provider settings, you should see:

 

image

 

Clicking on Default, you will be able to select your identity provider for the claims based authentication:

 

image

 

If you are creating a new web app, you can initially choose which authentication mode you want:

 

image

 

You can refer more to this blog post by Steve on setting up FBA in SP2010: http://bit.ly/a5WhlE (or) this MSDN article: http://bit.ly/bUYvjC

Write a Comment

Comment

Time limit is exhausted. Please reload the CAPTCHA.

  1. Chakradeep,

    I followed the steps in settingup FBA, created db, role, providers in central admin as well as security token, add users added roles, authentication. then created web application with claims and did the same set up for the new site collection

    Now when i try to open the page, it comes with default sign in, i have already added forms users, i tried to select forms entered useri and pwd, i get the below error, can you provide me some clues on what went wrong in my set up

    Neel

    Server Error in ‘/’ Application.
    ——————————————————————————–
    Server Error in ‘/’ Application.
    The remote server returned an error: (404) Not Found.
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.Net.WebException: The remote server returned an error: (404) Not Found.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [WebException: The remote server returned an error: (404) Not Found.]
    System.Net.HttpWebRequest.GetResponse() +1126
    System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +81

    [EndpointNotFoundException: There was no endpoint listening at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.]
    System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +10258154
    System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +539
    Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustContract.Issue(Message message) +0
    Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr) +61
    Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst) +36
    Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo) +26062081
    Microsoft.SharePoint.SPSecurityContext.SecurityTokenForFormsAuthentication(Uri context, String membershipProviderName, String roleProviderName, String username, String password) +172
    Microsoft.SharePoint.IdentityModel.Pages.FormsSignInPage.GetSecurityToken(Login formsSignInControl) +188
    Microsoft.SharePoint.IdentityModel.Pages.FormsSignInPage.AuthenticateEventHandler(Object sender, AuthenticateEventArgs formAuthenticateEvent) +123
    System.Web.UI.WebControls.Login.AttemptLogin() +152
    System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +124
    System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +70
    System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2981
    ——————————————————————————–
    Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927