之前公司開發的Sharepoint 網站使用的是Classic Mode Authentication方式(基於Windows AD方式),近期的客戶需求需要使這個已投入使用的Sharepoint應用不但能支持原有的AD認證方式,並且還要能支持Form方式。
於是問題出來了,一般我們在新創建一個Web Application時,系統會讓你決定此Web Application到底是基於哪一種Authentication,如下圖:
而一旦你部署了此Web Application,一朝你想要修改它,你在Sharepoint的 Central Administration 界面上就再也找不到重新設定此Web Application認證方式的途徑了。
此處,作為一個整體總結,描述具體的操作步驟(有些步驟,尤其是准備步驟,你可以在網上找到不少的參考,在此處只是作為一個整體把它們備注下來)。
1. 創建Form認證需要使用的用戶數據庫,這里使用AspnetDb。
1.1 在服務器上啟動cmd (最好以Administrator方式啟動) 並轉到目錄 C:\Windows\Microsoft.NET\Framework\v2.0.50727下,也可以通過下圖操作在此目錄下進入cmd命令行模式

1.2 執行 aspnet_regsql.exe命令創建AspnetDb數據庫,各步驟見下圖:

命令運行后出現如下界面

按默認設置一路Next


完成創建后,可以到服務器上找到創建的AspnetDb數據庫。

2. 在AspnetDb數據庫上創建用戶。
你可以自行在AspnetDb上創建用戶,也可以通過工具快速生成用戶。
2.1下載 FBA User Management Tool
http://fbamanagementtool.codeplex.com/
http://cks.codeplex.com/releases/view/7450
2.2 解壓縮MembershipSeeder.zip並啟動release目錄下的 MembershipSeeder.exe,分別設置Config,Users和密碼,然后點擊Create進行創建,如下圖:


這個工具將在AspnetDb中創建 user1 … user50等50個用戶,密碼為!Passw0rd。
可以進入數據庫中查看:

3.配置Sharepoint環境下的相關 Web.config
主要是兩個Web.Config.(建議在配置任何web.config文件之前先備份原文件,以備操作失誤使得SharePoint崩潰時用於恢復)
一是:C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken\web.config
< connectionManagement >
< add address ="*" maxconnection ="10000" />
</ connectionManagement >
</ system.net >
< connectionStrings >
< add name ="FBASQLConnectionString"
connectionString ="Data Source=MySQL;Initial Catalog=aspnetdb;
Persist Security Info=True;User ID=MyApp;Password=MyPwd"
providerName ="System.Data.SqlClient" />
</ connectionStrings >
< system .web >
< roleManager enabled ="true" cacheRolesInCookie ="false" >
< providers >
< add name ="SqlRoleProvider"
type ="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider,
Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral,
PublicKeyToken=71e9bce111e9429c" />
< add connectionStringName ="FBASQLConnectionString"
applicationName ="/"
description ="Stores and retrieves roles from SQL Server"
name ="FBArole"
type ="System.Web.Security.SqlRoleProvider, System.Web,
Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</ providers >
</ roleManager >
< membership >
< providers >
< add name ="SqlMembershipProvider"
type ="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider,
Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral,
PublicKeyToken=71e9bce111e9429c" />
< add connectionStringName ="FBASQLConnectionString"
passwordAttemptWindow ="5"
enablePasswordRetrieval ="false"
enablePasswordReset ="false"
requiresQuestionAndAnswer ="true"
applicationName ="/"
requiresUniqueEmail ="true"
passwordFormat ="Hashed"
description ="Stores and Retrieves membership data from SQL Server"
name ="FBArole"
type ="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</ providers >
</ membership >
< authentication mode ="Windows" />
</ system.web >

二是:修改配置管理中心的web.config
可以通過下圖所示跳到管理中心的Web.config所在目錄:

A.在<configuration>節點下添加
< connectionManagement >
< add address ="*" maxconnection ="10000" />
</ connectionManagement >
</ system.net >
< connectionStrings >
< add name ="FBASQLConnectionString"
connectionString ="Data Source=YourServer;Initial Catalog=aspnetdb;
Persist Security Info=True;User ID=MyApp;Password=MyPwd"
providerName ="System.Data.SqlClient" />
</ connectionStrings >

B.更新roleManager和 membership 節點:
< providers >
< add name ="SqlRoleProvider"
type ="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider,
Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral,
PublicKeyToken=71e9bce111e9429c" />
< add connectionStringName ="FBASQLConnectionString"
applicationName ="/"
description ="Stores and retrieves roles from SQL Server"
name ="FBArole"
type ="System.Web.Security.SqlRoleProvider, System.Web,
Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</ providers >
</ roleManager >
< membership >
< providers >
< add name ="SqlMembershipProvider"
type ="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider,
Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral,
PublicKeyToken=71e9bce111e9429c" />
< add connectionStringName ="FBASQLConnectionString"
passwordAttemptWindow ="5"
enablePasswordRetrieval ="false"
enablePasswordReset ="false"
requiresQuestionAndAnswer ="true"
applicationName ="/"
requiresUniqueEmail ="true"
passwordFormat ="Hashed"
description ="Stores and Retrieves membership data from SQL Server"
name ="FBArole"
type ="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</ providers >
</ membership >
