Forms Authentication
Forms-based authentication is an identity management system that is based on ASP.NET membership and role provider authentication. To use forms-based authentication to authenticate users against an identity management system that is not based on Windows or that is external, you must register the membership provider and role manager in the Web.config file.
Reasons for Using Forms Authentication
By default, all membership authentication is based on AD (Active Directory). If the SharePoint site is published, it should provide registration and login. AD-based authentication would then require publishing the enterprise AD server on the extranet, which is neither secure nor convenient. Forms authentication resolves this well, so forms-based authentication is the best method.
Principle of Forms Authentication
·The SharePoint forms-based login page collects the credentials of the user, which are then sent to the SharePoint 2010 STS.
·The STS calls the membership provider that is associated with that web application, to validate the user's credentials.
·If this succeeds, the STS retrieves the roles that the user belongs to and adds these as claims in the claims-based token that is sent back to the login page.
·From the login page, after the claims-based token is issued, the user is sent back to the requested resource.
Note: If authentication is successful, the Web Service puts the credential key in the Web Service's cookie, so the authenticated user does not need to provide the credentials with every request.
In a forms-based SharePoint site, to invoke a Web Service, the user must first be authenticated with the Authentication.asmx Web Service. The Web Service returns a LoginResult object, which specifies the authentication status. The Web Service does not generate an exception if authentication fails; instead, the returned LoginResult object contains the login status. If authentication is successful, the Web Service puts the credential key in the Web Service's cookie. To have the credential stored in the Web Service's cookie, we need to initialize the cookie container of the Web Service.
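Because a failed login comes back as a normal response rather than an exception, a client has to inspect the LoginResult itself and fail closed. The following is an added example, not code from the original article: it parses a Login response and rejects anything other than success. The envelopes are constructed samples, the cookie name and timeout are sample values, and `parse_login_result` and `LoginFailed` are hypothetical names; the element names and the `NoError` / `PasswordNotMatch` codes follow the Authentication.asmx LoginResult schema.

```python
import xml.etree.ElementTree as ET

SP_NS = "http://schemas.microsoft.com/sharepoint/soap/"
SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"

def _envelope(error_code, cookie_name=""):
    """Build a constructed LoginResponse envelope (sample data, not captured traffic)."""
    return (
        f'<soap:Envelope xmlns:soap="{SOAP_NS}"><soap:Body>'
        f'<LoginResponse xmlns="{SP_NS}"><LoginResult>'
        f"<CookieName>{cookie_name}</CookieName>"
        f"<ErrorCode>{error_code}</ErrorCode>"
        "<TimeoutSeconds>1800</TimeoutSeconds>"
        "</LoginResult></LoginResponse></soap:Body></soap:Envelope>"
    )

SAMPLE_OK = _envelope("NoError", "FedAuth")          # constructed success response
SAMPLE_BAD_PASSWORD = _envelope("PasswordNotMatch")  # constructed failure response

class LoginFailed(Exception):
    """Raised by this example whenever the response is not an explicit success."""

def parse_login_result(soap_xml):
    """Return (cookie_name, timeout_seconds); raise LoginFailed on any other status."""
    root = ET.fromstring(soap_xml)
    result = root.find(f".//{{{SP_NS}}}LoginResult")
    if result is None:
        raise LoginFailed("no LoginResult element in response")
    # The service reports failure here instead of throwing, so check it explicitly.
    error_code = result.findtext(f"{{{SP_NS}}}ErrorCode", default="")
    if error_code != "NoError":
        raise LoginFailed(error_code or "missing ErrorCode")
    cookie = result.findtext(f"{{{SP_NS}}}CookieName", default="")
    timeout = int(result.findtext(f"{{{SP_NS}}}TimeoutSeconds", default="0"))
    return cookie, timeout
```

The cookie itself arrives in the HTTP response headers, which is why the client's cookie container must exist before the Login call is made.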
Besides, we should understand the following providers:
Membership Provider: responsible for verifying user credentials, changing passwords, etc. As a Membership Provider, we'll use SqlMembershipProvider (that ships with ASP.NET 2.0). DotNetNuke provides native support for it. We'll just have to copy some web.config entries, and we're done. I'll show you that later in this article.
Role Provider: responsible for role management, verifying user roles, etc. A role in Forms based authentication is similar to a user group in Active Directory. DotNetNuke doesn't provide native support for SqlRoleProvider (that ships with ASP.NET 2.0), but it does create all stored procedures used by it. The problem is that it does not populate tables used by SqlRoleProvider with data from its native role management tables.
Advantages of Forms Authentication
·Forms authentication supports authentication against a custom data store, such as a Microsoft SQL Server database or Active Directory services.
·Forms authentication supports role-based authorization with role lookup from a data store.
·Forms authentication is smoothly integrated with the Web user interface.
·ASP.NET provides much of the infrastructure. Relatively little code is required in comparison to Microsoft Active Server Pages versions 3.0 and earlier.
·ASP.NET forms authentication does not require Microsoft Internet Explorer. Forms authentication supports a wide range of Web browser clients.
·Allows you to define your own login and error pages, and create login interfaces that require something other than, or in addition to, the traditional user name and password (such as an e-mail address or digits of a telephone number).
·The Web Service puts the credential key in the Web Service's cookie, so the authenticated user does not need to provide the credentials with every request.
Disadvantages of Forms Authentication
·You must help protect the initial logon credentials by using SSL because the credentials are sent to the server as plaintext.
·By default, the cookie that contains the forms authentication ticket is not secured when you use forms authentication in a Microsoft ASP.NET Web application. You must also make sure that you help protect the cookie that contains the forms authentication ticket.
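The cookie-protection point above can be checked mechanically. This added example (not part of the original article) audits the `<forms>` element of a web.config against the ASP.NET attribute defaults; both config fragments and the `loginUrl` value are constructed samples, and `audit_forms_cookie` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed web.config fragments (sample data, not taken from a real farm).
WEAK = """<configuration><system.web>
  <authentication mode="Forms">
    <forms loginUrl="/_login/default.aspx" />
  </authentication>
</system.web></configuration>"""

HARDENED = """<configuration><system.web>
  <authentication mode="Forms">
    <forms loginUrl="/_login/default.aspx" requireSSL="true"
           protection="All" cookieless="UseCookies" />
  </authentication>
</system.web></configuration>"""

def audit_forms_cookie(config_xml):
    """Return findings about how the forms authentication ticket cookie is protected."""
    web = ET.fromstring(config_xml).find("system.web")
    forms = web.find("authentication/forms") if web is not None else None
    if forms is None:
        return ["no <forms> element: forms authentication is not configured here"]
    findings = []
    # ASP.NET default is requireSSL="false": the ticket cookie lacks the Secure flag.
    if forms.get("requireSSL", "false").lower() != "true":
        findings.append("requireSSL is not true: ticket cookie can travel over plain HTTP")
    # Default is protection="All" (encryption plus validation); flag any downgrade.
    if forms.get("protection", "All") != "All":
        findings.append("protection is not All: ticket is not both encrypted and validated")
    # Default is cookieless="UseDeviceProfile", which can place the ticket in the URL.
    if forms.get("cookieless", "UseDeviceProfile") != "UseCookies":
        findings.append("cookieless is not UseCookies: ticket may be placed in the URL")
    return findings
```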
Scenario of Forms Authentication
·Allows you to define your own login and error pages, and create login interfaces that require something other than, or in addition to, the traditional user name and password (such as an e-mail address or digits of a telephone number).
Demo of Forms Authentication
·Steps to configure Forms-Based Authentication
- 1. Setting up ASP.NET Forms Authentication User and Role Data Source
  - Create Database
  - Configure Membership and Role Provider and Create User
- 2. Create Web Application and Site Collections
- 3. Configure Web.Config file
  - Configuring FBA web application web.config file
  - Configuring Central Administration web application web.config file
  - Configuring Security Token Service web.config file
- 4. Adding User Policy to the FBA Web Application
- 5. Verification Steps
For how to configure Forms-Based Authentication step by step, refer to my blog post: http://blog.csdn.net/tristan_dong/article/details/8225350
For more information, see:
http://msdn.microsoft.com/en-us/library/hh394901(v=office.14).aspx