Can someone please tell me how to do the following in SharePoint (WSS 3.0):
Have a user log in (user name and password) on a page and then if correct display the home page of a WSS 3.0 site?
I think it's called forms based authentication.
Here's a video about using Forms Auth. with WSS3 and here are some samples. Basically, you use the login.aspx page in _layouts to collect credentials and cache them. You have to modify web.config to use the membership provider. More on that here.
This is one of the best article on FBA
Save yourself a lot of time and checkout http://sharepointsolutions.com/SharePoint-Add-ons/Products/Pages/ExtranetCollaborationManager.aspx
I have done it several ways but this has made life easier when configuring environments.
As a special case of Forms Based AuthN, in case you don't have to own the DB containing your users, you can rely on Live ID to authenticate users to your site. Haven't tried this, but may help you.
I just believe some JavaScript is enough to do that.Maybe I am Wrong!
Related
I just created a thread in the Liferay forum about my problem, I would appreciate it if you answered here and if possible also there.
I am working with Liferay 6.2.5 CE and this is what I am trying to achieve:
Integrate CAS for SSO
On successful create a Liferay User and
Redirect to default private page or to the requested url
On logout delete the user
Important: Liferay is not going to use any LDAP.
I am stuck in the step two, I am not clear what I need to program or to configure. I found this article that seems to do what I need but it is from 2013 and maybe there is a better way to do it (not modifying directly the server files)
Thank you.
I've had to modify CASFilter too in Liferay 6.2 and I think your only option is to modify server files like the tutorial says. It is not that hard
I have a sharepoint site which works on form based authentication and now I want that sharepoint site to have cookieless authentication.
Basicaly in .Net we have option in web.config to modify the session state and to make cookieless false but how do we implement the same for sharepoint sites.
Please help me in finding best solution
I'm not sure about SharePoint 2010, but SharePoint 2007 does not support cookieless authentication:
“Cookieless” Forms Based Authentication (FBA) in SharePoint 2007
So… MOSS and WSS 3.0 are both now solidly based on the ASP.NET 2.0 platform, so this should all work in a SharePoint site, right? Well, sort of. So basically, no – not at all. Once you update your web.config to use "cookieless mode" everything appears to be working at first. You authenticate, and the ticket magically appears in your URL. The problems start to appear once you begin to navigate around your site. Some URLs have the ticket in them, and some don't. It basically comes down to this – if a URL is written using a standard ASP.NET control, or if you write a relative URL yourself, the ticket is preserved and cookieless FBA works. However, if a SharePoint control writes the URL, it's absolute, the ticket is not written, and FBA breaks.
We ran this past our PSS contacts, and apparently this is a known "issue", and it's not slated to be addressed in the 3.0 product. Basically, the feature is not supported. It no doubt has something to do with SharePoint writing URLs to support Alternate Access Mappings. There's really no reason why it couldn't write them relatively, but it obviously doesn't.
You can reduce a number of cookies by using Claims Based Authentication.
You need to setup Security Token Service as described in this blog post http://blog.sharepointsite.co.uk/2010/11/change-to-session-cookies-for-claims.html
However, note that you'll lose Client Integration, as Office use cookies from IE.
We're planning to use Sharepoint 2010 as a CMS for a website we're building. This site will also have login functionality; and my boss suggested we use Sharepoint's user profile features to store user info (username, password, contact info, etc.) for the site. How is this better then say using a standard list or a database table somewhere? I'm looking into how this could possibly work; but has anyone here tried something similar? Any anecdotes about it you could share? Any constructive input is greatly appreciated.
Thanks,
Frank
You asked for anecdotes. I have an anecdote.
A while back, I was trying to set up a Sharepoint server that exposed users' personal pages to the Internet at large. We wanted to allow authenticated access, but not to require it; that is to say, normal users would have read-only access and additionally the ability to submit InfoPath form data to Sharepoint libraries created to receive the results. The users could thus post public information and create public surveys using Infopath web forms.
When I went to make access public, I ran into a few problems. The "unauthenticated users" option on the preferences page of the document library was greyed out, even when I was logged in with a super-admin account.
In the end, I had to do a little bit of URL hacking to make this work. I had to change "DOC" to "DOCLIST" in the URL I used to access the preferences page (not that exactly, but something like that) and then the "everyone" option became available. In other words, there was actually no official way to do what I was trying to do.
The whole thing left a really sour taste in my mouth about Sharepoint for Internet-facing sites. See also things like this. Sharepoint is really designed for Intranet use only. As an additional downside, it is much more resource-hungry than normal CMSen. A full Sharepoint install can, without a single user, choke a pretty powerful virtual machine. I can't comment on its scalability as I've never done a really large rollout, but I can say that the indexing service is pretty heavy on the CPU.
Seems to me that LDAP would be a better way to store information on users; if you're using Sharepoint, you've probably already got an AD infrastructure. AD stores user profile info in LDAP anyhow - what you see in "Active Directory Users and Computers" is just a glorified LDAP browser.
Here is my initial toughts:
PRO: It's "easy" to merge infomation from outer sources like your AD, to be stored with the "other" user information in order to be displayed using the same means.
CON: I haven't come across a FBA Membership provider for User Profile Store.
I have a web in Sharepoint 2007. I have sites with permission for certain roles. When a user with a role that has not got permission to enter the site, Sharepoint redirects him/her to accessdenied.aspx which has Sharepoint design.
How can I change this redirection so that it goes to a customized one? I don't know if the server will be shared with other Sharepoint webs, so i don't dare to edit accesdenied.aspx directly (i have not verified if i can anyway).
I would need precise code and indications, because i am no guru of Sharepoint.
I wish I could offer you more in terms of precise code, but this website seems to have pretty clear instructions.
Hope that helps.
Check this article for the issue you face when you create your own custom access denied error page and solution proposed in my post.
http://social.technet.microsoft.com/Forums/sharepoint/en-US/9332cbe8-fda4-48de-a397-5f42bff9bf73/sharepoint-2010-custom-access-denied-page
Thanks & Regards,
Syed Abbas
I am creating sharepoint custom solution that will show number of drop down in page. The drop down data is shared in may pages.
I want to persist selected values of the user such that when ever he visit that page or any other page that have same drop down, he should be able to see is saved value pre selected in drop down.
To implement this I have a number of options. Please suggest the best for SharePoint
1)Sharepoint User profiles
2)Sharepoint list
3) Cookie
4) Isolated storage?
Options 3 and 4 here are clientside. But I am looking for any other way that SharePoint provides to save user preferences/personalization information.
Which one is the correct way of doing that in SharePoint?
Thanks
One issue you should be aware of with user profiles is that they are only available for MOSS (as opposed to WSS). In WSS each site has their own User information list. If the solution you are building will need to run in both MOSS and WSS environments, you should plan accordingly.
jt
My instinct tells me to use cookies for this, if it's a fairly simple state you need to persist. This seems to be a part of the UI logic, and I wouldn't bind that to the profile storage.
Pages and web parts have personalization stores as well, but they are generally not shared between instances.
I would go with profile storage, because that's the sort of thing it's there for, although generally when you are writing custom code in SharePoint the idea of best practices kind of gets thrown out the window.