New Login Stragety in SharePoint 2010

       In recent SharePoint 2010, I got a task from my boss that I should enable form based authentication for the SharePoint site. I remember in SP2007, I need to extend a new site from an existing web application on another port and copy a block of code in serveral place. BUT THAT HAS BEEN HISTORY. You can configure in GUI of IIS 8.0 and complete the whole process in several minutes. In this topic, I don't want to talk about how to configure, since personally, I was benefitted from many internet resource of this topic.

 

      After you complete as the the steps on Internet and confirm you can log on by FBA successfully. Well, please try to find an FBA user in Window Authenticated Mode ONLY. You cannot. Ok, that is not a big problem. You can check both Windows Auth and FBA Auth in Security Provider of Admin site. In this way, really, you can pick the users from both authentications. The new problem is you have to face a embrassing login screen that let you choose the auth way! Well, instead of explaing this screen to our stupid users, you can do as following to cope with this.

 

      In my case, on Port 80, windows authentification would be used while on another port 8080, the user must to pick the authentication way.

 

1. In security provider setting, by default, should switch the login page to the custom page.

2. Create a custom page in /_layouts

<%@ Assembly Name="MWG.MOSS2010.WebPages, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f6c90e3e51b4eeb5"%> <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WindowAutoLogon.aspx.cs" Inherits="MWG.MOSS2010.WebPages.WindowAutoLogon" %>

 

In the aspx file, you just need to point out the assembly your page refer to. Then in the back site,

namespace MWG.MOSS2010.WebPages{ public partial class WindowAutoLogon : IdentityModelSignInPageBase { protected override void OnLoad(EventArgs e) { base.OnLoad(e); string components = HttpContext.Current.Request.Url.GetComponents(UriComponents.Query, UriFormat.SafeUnescaped); SPUtility.Redirect("/_windows/default.aspx", SPRedirectFlags.Default, this.Context, components); } protected void Page_Load(object sender, EventArgs e) { } }}

/_windows/default.aspx is the page which deals with Win Auth, created by Microsoft. Relatively, there is another page which applies FBA Auth... I cannot remember its name, because I cannot get the environment at home......