Forms based authentication in sharepoint 2013 using custom membership provider

I am developing  FBA  for SP2013 using custom membership provider using the following link 
http://benredl.wordpress.com/2012/10/03/creating-forms-based-authentication-and-user-profiles-in-sharepoint-2013-using-custom-membership-and-role-providers-and-a-custom-user-profile-synchronization-utility/
the feature i am trying to develop is that the user is created using a homegrown asp.net  application which uses sql server 
and then When that user goes to SP2013 he should be able to login with the username and password created using the homegrown asp.net application 
my questions are following 
If I follow the article in the link should i be taking the assembly(dll) and deploying it to GAC or will VS2013 automatically do it
Do I have to implement  FindUserByEmail and FindUserByName methods ?
if the connectionstring for an asp.net application is in the web.config file  where would the connection for the sqlserver go if this application is for SharePoint 
TIA

Hi TIA,
try this it contains the code for you and it is ready
http://sharepoint2013fba.codeplex.com/
Kind Regards, John Naguib Technical Consultant/Architect MCITP, MCPD, MCTS, MCT, TOGAF 9 Foundation

Similar Messages

  • Form Based Authentication in SharePoint 2013: Getting The remote server returned an error: (500) Internal Server Error

    Hi
     I configured forms based authentication mode in Sharepoint 2013 site. When i tried to log in with windows authentication prompt it throws the following error
    The remote server returned an error: (500) Internal Server Error
    [WebException: The remote server returned an error: (500) Internal Server Error.] System.Net.HttpWebRequest.GetResponse() +8548300 System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +111 [ProtocolException:
    The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+msbin1). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first
    1024 bytes of the response were: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    How to fix this issue?
    Regards,
    Siva

    Did you create a new web application or modify an existing web application?
    I would start by checking the ULS logs, maybe there is an incorrect setting within one of the web.config files, or SQL permissions.
    Also, as suggested above, check application pools are running.
    This blog post is a great guide for setting up FBA, check it through to make sure you haven't missed any steps:
    http://blogs.technet.com/b/ptsblog/archive/2013/09/20/configuring-sharepoint-2013-forms-based-authentication-with-sqlmembershipprovider.aspx

  • Clientside authentication in sharepoint 2013 using spservices

    Hi,
    Can anyone give me solution for Clientside authentication  in sharepoint 2013 using spservices 

    Hi Dennis,
    I want to check credentials
    for user dynamically  in Client object Model or spservices.I know that we can pass username and password through Network credentials using Client object Model,but i passed statically(username,password).
    Do have any solution regarding this.
    Please provide me  any links or solution for this problem.

  • Benefit of SharePoint 2013 sql server membership provider

    Hi All,  Please share your thoughts for this..
    We are working with SharePoint 2013 public facing website with Form based authentication. Anyone can register and start using our site. We are storing
    all the user related data in Active directory. As of now we are having around 25000 users in our portal . We are planning to move all external user information from AD to SQL membership table. Could you please suggest me to benefit of using SQL membership
    instead AD

    performance-wise, they're pretty similar either way (given a single dedicated role server).
    security-wise, compared to SQL, AD makes some data easier to access (since LDAP queries can expose data to any user), but harder to hack (obtain copy of hashed passwords)
    As far as management, there is NO management interface for the SQL membership provider... including USERS (reset password, lock/unlock account, etc), not just groups.
    As far as SSO technology, SqlMembershipProvider is absolutely NOT an SSO technology. Not to say that it can't be used for logins, but authentication and single sign-on are two very different goals.
    I would also argue that since you can't decrypt the AD passwords, the move to SQL is going to be a little difficult for users.
    And, have you considered adding another AD server instead? With a little bit of fiddling around, you can add a dedicated AD server and prioritize SP authentication requests where you want.
    Scott Brickey
    MCTS, MCPD, MCITP
    www.sbrickey.com
    Strategic Data Systems - for all your SharePoint needs

  • MOBI SSO with trusted authentication and form based authentication

    Dear All,
    I am trying to configure Trusted authentication based SSO FOR MOBI, here are the details:
    - SAP BI 4.1 SP04
    - Trusted authentication with HTTP header configurred for BI Launchpad and working fine.
    Now to have SSO from Mobile, I plan to leverage the existing configuration of BI Launchpad and at Mobile level, I want to use authentication type as TRUSTED_AUTH_FORM, instead of TRUSTED_AUTH_BASIC, with the approach: Trusted authentication with HTTP header.
    And
    Provide our app users their X502 certs.
    1. Will the above approach work ??
    2. As per SAP NOTE: 2038165 - SSO using form based trusted auth gives with the SAP BI app for iOS gives error MOB00920 this does not work and is still under investigation from July last year ? So for any community member, has this been found working ??
    I would appreciate your valuable inputs.
    Regards,
    Sarvjot Singh

    Hi,
    According to your post, my understanding is that you want to know the difference of the SharePoint three type user authentications.
    Windows claims-based authentication uses your existing Windows authentication provider (Active Directory Domain Services [AD DS]) to validate the credentials of connecting clients. Use this authentication to allow AD DS-based accounts access to SharePoint
    resources. Authentication methods include NTLM, Kerberos, and Basic.
    Forms-based authentication can be used against credentials that are stored in an authentication provider that is available through the ASP.NET interface
    SAML token-based authentication in SharePoint 2013 requires coordination with administrators of a claims-based environment, whether it is your own internal environment or a partner environment.
    There is a good article contains all the SharePoint Authentications, including how they work and how to configure.
    http://sp77.blogspot.com/2014/02/authentication-in-sharepoint-2013_5.html#.VFcyQ_mUfkJ
    Thanks & Regards,
    Jason
    Jason Guo
    TechNet Community Support

  • Issue with form based Authentication in three tier sharepoint 2013 environment.

    Hi,
    We are facing issue with form based Authentication in three tier environment.
    We are able to add users to the database and in SharePoint.
    But we are not able to login with created users.
    In single tier everything working fine
    Please help , Its urgent ... Thanks in advance.
    Regards,
    Hari
    Regards, Hari

    if the environments match, then it sounds like a kerberos double-hop issue
    Scott Brickey
    MCTS, MCPD, MCITP
    www.sbrickey.com
    Strategic Data Systems - for all your SharePoint needs

  • Form Based Authentication not working for my sharepoint site.

    I am using FIM 2010 r2 on Sharepoint -80 . I tried to use forms based authentication instead of default windows based auth. But the site is not even redirecting to the custom login page i am trying to connect .
    Any suggestions ?

    Issue has been resolved.  There was no interesting work-a-round or fix involved.

  • Forcing specific clients or groups to use forms based authentication (FBA) instead of windows based authentication (WIA) with ADFS

    Hi,
    We are have a quite specific issue. The problem is most likely by design in ADFS 3.0 (running on Windows Server 2012 R2) and we are trying to find a "work-around".
    Most users in the organization is using their own personal computer and everything is fine and working as expected, single sign-on (WIA) internally to Office 365 and forms based (FBA) externally (using Citrix NetScaler as reverse proxy and load
    balancing with the correct rewrites to add client-ip, proxy header and URL-transformation).
    The problem occurs for a few (50-100) users where they are sharing the same computer, automatically logged on to the computer using a generic AD-user (same for all of them). This AD-user they are logged on with does not have any access to Office365
    and if they try to access SharePoint Online they receive an error that they can't login (from SharePoint Online, not ADFS).
    We can't change this, they need to have this generic account logged on to these computers. The issue occurs when a user that has access to SharePoint Online tries to access it when logged on with a generic account.
    They are not able to "switch" from the generic account in ADFS / SharePoint Online to their personal account.
    The only way I've found that may work is removing IE as a WIA-capable agent and deploy a User-Agent version string specific to most users but not the generic account.
    My question to you: Is there another way? Maybe when ADFS sees the generic user, it forces forms based authentication or something like that?
    Best regards,
    Simon

    I'd go with your original workaround using the user-agent and publishing a GPO for your normal users that elects to use a user-agent string associated with Integrated Windows Auth.. for the generic accounts, I'd look at using a loopback policy that overwrites
    that user agent setting, so that forms logon is preferred for that subset of users. I don't think the Netscaler here is useful in this capacity as it's a front-end proxy and you need to evaluate the AuthZ rules on the AD FS server after the request has been
    proxied. The error pages in Windows Server 2012 R2 are canned as the previous poster mentioned and difficult to customize (Javascript only)...
    http://blog.auth360.net

  • Issues with OSSO ,custom login module and form based authentication

    Hi:
    We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
    authentication and Custom login module.
    Application is going in infinite loop when we we try to login using osso ,from the logs
    what I got is looks like tha when we we try to login from OSSO application goes to the login
    page and it gets the remote user from request so it forwards it to the home page till now
    it is correct behaviour ,but after that It looks like home page find that authentication is
    not done and sends it back to the login page and login page again sends it to the home as it
    finds that remote user is not null.
    Our web.xml form authentication entry looks like this :
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/jsp/login.jsp</form-login-page>
    <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
    </form-login-config>
    </login-config>
    While entry in orion-application.xml has the following entry for custom login :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    </jazn>
    Whether If I change the authentication type to BASIC and add the following line
    in orion-application.xml will solve the issue :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    <jazn-web-app auth-method="SSO" >
    </jazn>
    Any help regarding it will be appreciated .
    Thanks
    Anil

    Hi:
    We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
    authentication and Custom login module.
    Application is going in infinite loop when we we try to login using osso ,from the logs
    what I got is looks like tha when we we try to login from OSSO application goes to the login
    page and it gets the remote user from request so it forwards it to the home page till now
    it is correct behaviour ,but after that It looks like home page find that authentication is
    not done and sends it back to the login page and login page again sends it to the home as it
    finds that remote user is not null.
    Our web.xml form authentication entry looks like this :
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/jsp/login.jsp</form-login-page>
    <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
    </form-login-config>
    </login-config>
    While entry in orion-application.xml has the following entry for custom login :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    </jazn>
    Whether If I change the authentication type to BASIC and add the following line
    in orion-application.xml will solve the issue :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    <jazn-web-app auth-method="SSO" >
    </jazn>
    Any help regarding it will be appreciated .
    Thanks
    Anil

  • Forms Based Authentication in Project Server 2013

    Hi,
    I have created a PWA web app with SQL Forms Based Authentication. I am able to login and able to see the Project Center page.
    But the Project Center Web Part is not getting displayed. Also facing the same issue while
    Enterprise Custom Fields and Look up page,
    the page is blank
    When user tries to edit user in Manage Users page under Security, that page is also blank
    Projects ribbon doesn't show up
    User not able to create projects
    Kindly provide some pointers for the same.
    Thanks & regards,
    Divyang Agrawal

    Hi Kirtesh,
    Thanks for the response.
    The issue here is not related to hardware, but it is regarding the user not having appropriate rights to do the above mentioned operations.
    Are there few more steps that are required for the FBA, where a user needs to be given access rights explicitly.
    The users I have used for now have been added to administrator's group and have full rights on the system.
    Also, when I try to create a Project in the instance using the CSOM code and passing the user's credentials who is a part of Administrator Group., it gives me a 403 forbidden exception.
    Kindly provide some inputs for the same.
    Regards,
    Divyang Agrawal

  • Any one else have problems using 'FORM' based authentication in OC4J?

    Since I couldn't find any information on this from Oracle I went with the specifications from Orion.
    I am using Oracle Internet Directory Server for authentication of OC4J apps. I followed Orions specs for writing and pluging in your own usermanger to make calls to OID. Everything works fine when I use BASIC authentication but when I use FORM based authentication it fails to send the browser to the original url that was requested.
    The browser just displays a blank screen?
    You can tell that the client is authenticated because you can just request the URL again and it's displayed without prompting for a username/password.
    For the login in screen the only specs Orion gives is that your form has to have an action of 'j_security_check' and pass 'j_username' and 'j_password'.
    Does oracle have another way to do this, or has anyone else experienced this and no a way to fix it?

    Tom,
    Custom user authentication in Oc4J 1.0.2.2 is same in both Oc4J and Orion and we have tested that form based authentication works
    fine. In 9iAS Release 2 Oracle has an integerated JAAS implementation with OC4J which you can configure either to authenticate users from a encrypted file or users stored in OID.

  • How To Use HttpUnit With FORM-based Authentication?

    I'm just getting started with HttpUnit, and I'm having a problem:
    How does one use HttpUnit with FORM-based authentication?
    I have a Web app where I specify a number of protected URLs. When a user tries to invoke one of them in a browser, Tomcat 4.1.30 brings up a login page that I specified and asks for a username and password. The values given by the user is checked against the tomcat-users.xml file. If the user is valid, Tomcat
    forwards the response from the original request. If invalid, an error page is displayed. The user is considered valid until either the session times out or the browser is closed.
    Does HttpUnit have to log into the app every time I run a test? How does it manage subsequent pages after login?

    I don't think that's true. HttpUnit is 100% Java and based on JUnit. HttpUnit has nothing to do with Apache, AFAIK. HttpUnit is for unit testing servlets and JSPs. Apache is a Web server. It doesn't have a servlet/JSP engine, unless you bolt Tomcat on top of it.
    Perhaps we're talking about two different packages. - %

  • Updating password for Form Based authentication database using code

    Hi,
    We have created FBA(Form Based authentication) for SP2010. We are storing all the usernames and Passwords in FBA database. If any user changes their password needs to be save in FBA Database with latest password.
    can any one suggest me how to do this one.....
    Thanks....

    https://msdn.microsoft.com/en-us/library/system.web.security.membershipprovider.changepassword(v=vs.110).aspx
    Scott Brickey
    MCTS, MCPD, MCITP
    www.sbrickey.com
    Strategic Data Systems - for all your SharePoint needs

  • Form Based Authentication on Tomcat with custom index.jsp page...

    Hi there ppl,
    I've got Form Based Authentication working correctly on my Tomcat server but I want to override the default generated index.jsp after successfully logging on. I've tried placing my own index.jsp in the directory that's restricted, but its only overridden by the default one when successfully logged on which displays:
    "Authentication Mechanism FORM"
    This means having to navigate by typing the url in the address bar to another page which is gets really annoying afterawhile.
    Any help on this would be much appreciated,
    thanks already

    Yes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have edit the WEB-INF/web.xml file by adding:
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>Secure Area</web-resource-name>
    <url-pattern>/test/secure/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>admin</role-name>
    </auth-constraint>      
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/test/secure/loginpage.jsp</form-login-page>
    <form-error-page>/test/secure/errorpage.jsp</form-error-page>
    </form-login-config>
    </login-config>
    When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when succesfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
    "Authentication Mechanism FORM".
    Hope that makes more sense.
    I've tried restarting tomcat but it makes no difference.

  • Error re-logging in after session timeout using form-based authentication

    Hello,
    We have a web app configured for form-based authentication. When the session times out, we're redirected to our login page as expected. However, after re-logging in, we are not redirected to the desired page (e.g., /faces/OurMainPage.jspx) but to /afr/page_lev_idle.gif.
    Do we have to do anything special for session timeouts?
    Thanks,
    Rico

    Some extra information that might help:
    After re-logging in and we're in /afr/page_lev_idle.gif, we hit the browser Back button (showing the login page again) and then hit the browser Refresh/Reload button and voila we're at the page we expect to be.
    Rico

Maybe you are looking for

  • [REQUEST] UEFI/GOP BIOS for R9 270X GAMING 2G

    R9 270X GAMING 2G S/N: 602 - V303 - 020B1402067244

  • Web service login operation that will return a session id.

    posted Today 9:42:22 AM private message Quote Hi, I am very new to web services I just started on this technology a couple of days ago. My manager requires me to create a web service and expose the login(user, password) and logout(sessionid) methods.

  • Display universal work item from CRM work list

    Hello all, In ECC system, we have defined several workflows. We can see the work item from the universal work list via the portal. Now, we have a new request, we would like to see these work items form CRM work list. I have checked the custo and I ha

  • Odd messages

    A message recently appearred on my iphone in the text box (ie the one you write in to send a text) I did not write this message and no one else had access to my phone , so has anyone any ideas how it got there ? I have and I phone 4gs and the message

  • Want to Upgrade my MacPro (Dual Core) 2.66 Ghz to a SSD

    Hi, I would like to upgrade my current MacPro (Dual Core) 2.66Ghz computer that has a 250GB HD to a possible 256 SSD or bigger. Are they compatible? I dont know if this matters or not but I also have 10gb of RAMM.