Home > Uncategorized > Forms Based Authentication Headaches a.k.a FBAH:)

Forms Based Authentication Headaches a.k.a FBAH:)

Here is the situation:


 


-You have set up your SharePoint site to use forms based authentication using standard out of the box System.Web.Security.SqlMembershipProvider provider.


-You have set up your membership provider to use passwordFormat=”Encrypted”


-You are using ASP.NET Web Site Administration Tool to insert your first user


-You hit your sharepoint site , you are redirected to the login page , then you enter user name and password you created above and you are very excited to see everything works like a charm……………Boom……………. You get this message:)



“The server could not sign you in. Make sure your user name and password are correct, and then try again”.




-You are 100% certain that what you entered as username and password is correct,so what the hell is going on and why it is not working?!!!


Well, Let me give you couple of simple advices that might be helpful:


1) Don’t use this ugly tool. Just drag and drop a “CreateUserWizard” control onto your aspx page and hook it up to your membership provider. Sometimes it is much easier to do things yourself  than relying on this strange creature.


2) Most probably, machinekey element in the asp.net application’s web.config is different than the one defined in your SharePoint site’s web.config . Check the keys (validationKey, decryptionKey) and the encryption algorithm to make sure they are identical.


<machineKey validationKey=21F0F891A36D12A278DB4FD8699C164EDBDA1FF9713A546C133CBE26DB026C5A5A10C884EF312DE5123959C8D96638423F8A6A3AE77F39E2B7A2596749B8C275decryptionKey=D868653A8B663BD752B01277E0465C0788D5BB9A5A9A405E validation=SHA1/>


3) It is much easier if you create the first user using “Clear” format using passwordFormat=”Clear” (so you can see the password in database) and when you deploy your provider to the web.config of your SharePoint site you can go ahead and change it to “Encrypted” and re-create the initial user one more time.





Categories: Uncategorized Tags:
  1. No comments yet.
You must be logged in to post a comment.