Implement form authentication in Moss

This article mainly references these articles:

Http://blog.163.com/szmax_limin/blog/static/58182861200711266918320/

Http://www.cnblogs.com/shangmeizhai/category/87313.html

Http://www.cnblogs.com/volnet/archive/2007/04/02/696424.html

Today, I mainly want to implement MOSS form authentication. I checked a lot of information, and now I want to complete the process and paste it.

We mainly want to achieve this: some machines are added to the domain, while the other machines are not added to the domain. Therefore, we hope that you can log on to the moss site using the Windows integrated verification method or form verification method.
Here I will write down the configuration process for his reference.
The configuration process consists of the following parts: 1. Expand the web application; 2. Set the verification method; 3. Modify the Web. config file. 4. Generate a member management table 5. Add users 6. Add Permissions

 

The details are as follows:
1. Go to the "Application Management" page in the management center.

Click "create or expand web application ".
2. on the "create or expand web applications" page, click "Expand existing Web Applications ".

3. on the "extend web applications to other IIS websites" management interface, click "NO content selected" in the "Web Applications" Settings section. In the displayed menu, select change web application ".

4. In the pop-up dialog box, select the moss site you want to configure. I have a site on port 80, And I will select it.

5. After the dialog box disappears, you can see that my website is named "moss" in the "Web application" Setting section ". In this case, select the "Create IIS website" option in the "IIS website" Setting section and set the port number to 81.

6. Scroll down the page, select "yes" in the "Allow Anonymous Access" option, and select "intranet" in the "region" drop-down list box ". Click "OK ".

After completing the above steps, I expanded an image web application with port 81 For My Moss site (address: http: // MOSS/port: 80, two Web applications use the same database. By default, my web application with port 80 is Windows integrated verification. I only need to configure the application with port 81 as form verification to achieve my goal.

Note: The above article usesIntranetActually, I useInternet.The same is true for the lower part.IntranetUseInternetReplace. This is because it is difficult for me to patiently capture the complete picture as the original author did. Sorry for the inconvenience caused.

"Aspnetactivedirectorymembershipprovider", Actually I use"Aspnetsqlmembershipprovider", So pay attention to the settings.

1. Go to the "Application Management" page in the "Management Center" and click "verify provider" in the "Application Security" section ".

2. In the "verify provider" configuration management interface, we can find that in addition to the default provider in the list, there is also a region named "intranet" provider.

3. Click "intranet" to go to the "Edit Verification" page. In the "authentication type" section, select the "form" option and select the "enable Anonymous Access" check box in the "Anonymous Access" section.

4. Pull down the page and enter "aspnetactivedirectorymembershipprovider" in the "membership provider name" Setting section ".----UseAspnetsqlmembershipprovider

 

Role Administrator: Aspnetsqlroteprovider. 

5. Pull down the page scroll bar and click "OK.

6. then, on the returned "Verification provider" interface, you can see the value in the "membership provider name" column of its "intranet" provider, from "Windows" to "aspnetactivedirectorymembershipprovider ".----Here will beAspnetsqlmembershipprovider
After completing the above steps, we changed the authentication method for the Internet region accessed by port 81AspnetsqlmembershipproviderThe provider is system. web. A class in the security namespace. The next article will show you how to modify the web. config file to use this provider to complete the final and most important work.

In the previous article, we set a new form verification provider for the Web application on port 81 of the site's image. Below we also need to modify its web. config file, so that the provider set by it can be used.
　　

1. Go to the home directory of port 81 web application on the disk.
2. Copy a copy as a backup before modifying web. config.

3. Then, we will use visual studio2005 to modify its web. config file.

4. In the Web. config file, <system. Web>Above Section, Add the following configuration section:

<Connectionstrings>

<Add name = "aspnetsqlprovider" connectionstring = "database =Wss_content_0f64aee1faa84ca796fa30c6e72726e0; Server = localhost; user id = sa; Password = 123456; trusted_connection = false; "/>

</Connectionstrings>

Note:Wss_content_0f64aee1faa84ca796fa30c6e72726e0It is the DB corresponding to my site. You can see it through application management --- Content databases of the Management site.

5. Then, you need"SectionAdd the following configuration section:

<Membership defaultprovider = "aspnetsqlmembershipprovider">

<Providers>

<Remove name = "aspnetsqlmembershipprovider"/>

<Add connectionstringname = "aspnetsqlprovider"

Passwordattemptwindow = "10"

Enablepasswordretrieval = "false"

Enablepasswordreset = "true"

Requiresquestionandanswer = "true"

Applicationname = "/"

Requiresuniqueemail = "false"

Passwordformat = "hashed"

Description = ""

Name = "aspnetsqlmembershipprovider"

Type = "system. Web. Security. sqlmembershipprovider, system. Web,

Version = 2.0.3600.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a "/>

</Providers>

</Membership>

<Rolemanager enabled = "true" defaultprovider = "aspnetsqlroleprovider">

<Providers>

<Remove name = "aspnetsqlroleprovider"/>

<Add connectionstringname = "aspnetsqlprovider"

Applicationname = "/"

Description = ""

Name = "aspnetsqlroleprovider"

Type = "system. Web. Security. sqlroleprovider, system. Web,

Version = 2.0.3600.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a "/>

</Providers>

</Rolemanager>

Note: 1) do not write an error in the connectionstringname attribute value, which must be the same as the name used in the previous article to set the provider.
Save the changes.
6. Finally, use IE and type http: // MOSS: 81/in the address box to enter the image site. Click "Log on" in the upper right corner To Go To The following logon page.

OKTo the most critical point.

The authentication method configured above is "membership". Experienced comrades should know that this requires some tables designed by Microsoft, so we need to add these tables to the ones we mentioned above.Wss_content_0f64aee1faa84ca796fa30c6e72726e0.

The procedure is as follows:--Of course, we need to select our own database for the database.Wss_content_0f64aee1faa84ca796fa30c6e72726e0

1. Open aspnet_regsql.exe and use the following statement to start the Configuration Wizard. You can also use the command line parameters to complete the configuration process.
V2.0.50727. You can enter dir in C: \ WINDOWS \ Microsoft. NET \ framework \ to obtain the. NET version number.

Msdn Keyword: aspnet_regsql.exe can be used to find information about relevant parameter configurations.
2. wizard mode (adding application services (membership, configuration files, role management, personalized settings (webpart), and SQL Web event providers) to the database) if you only need to add one of them separately, use the parameter configuration method. The default parameter in the following method is all)


Select the appropriate one as prompted. The first option selected by default is to add tables and stored procedures to the original database to complete the configuration.

Here, select the database you want to add, which is generally the database where the application is located. You can select from the drop-down list.

Click Next To make the previous configuration take effect. If you need to modify the configuration, click the previous step and return the modification before performing the next step.

Click to complete the task of adding a database!

Well, we have completed the key step. Now the table is available, but it is clear that there is no user. Can we add a page by ourselves? You don't have to. Check it out here. Note that the modifications mentioned in the following articleConfigFile output, I am lazy to useConfigConfiguration. However, I added a node"Minrequirednonalphanumericcharacters = "0""

1. First create an ASP. NET web site proposal case
2. Modify the Web. config file to direct the resource to aspnetdb.
3. Create a new membership and provider in Web. config.
4. Use ASP. NET configuration to generate an ingress Interface
5. In the end, the users and passwords that you want to add are added.

Open Microsoft Visual Studio 2005, click File, new, and web site ...]

In the new web site dialog box, select ASP.. NET web site. [location] enter the name and storage location of the project, and click OK]

After you press OK, you can see that there are three cases under formma. config] modify the delimiter string.

Between <configuration> <etettings/> and <system. Web>, modify the original <connectionstrings> as the following information,

<Connectionstrings>

<Add name = "aspnetsqlprovider" connectionstring = "database = wss_content_0f64aee1faa84ca796fa30c6e72726e0; server = localhost; user id = sa; Password = 123456; trusted_connection = false;

</Connectionstrings>

Then, between <system. Web> and <system. Web/>, click the following information,

<Membership defaultprovider = "aspnetsqlmembershipprovider">

<Providers>

<Remove name = "aspnetsqlmembershipprovider"/>

<Add connectionstringname = "aspnetsqlprovider"

Passwordattemptwindow = "10"

Enablepasswordretrieval = "false"

Enablepasswordreset = "true"

Requiresquestionandanswer = "true"

Applicationname = "/"

Requiresuniqueemail = "false"

Passwordformat = "hashed"

Minrequiredpasswordlength = "3"

Minrequirednonalphanumericcharacters = "0"

Description = ""

Name = "aspnetsqlmembershipprovider"

Type = "system. Web. Security. sqlmembershipprovider, system. Web, version = 2.0.3600.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a"/>

</Providers>

</Membership>

<Rolemanager enabled = "true" defaultprovider = "aspnetsqlroleprovider">

<Providers>

<Remove name = "aspnetsqlroleprovider"/>

<Add connectionstringname = "aspnetsqlprovider"

Applicationname = "/"

Description = ""

Name = "aspnetsqlroleprovider"

Type = "system. Web. Security. sqlroleprovider, system. Web, version = 2.0.3600.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a"

/>

</Providers>

</Rolemanager>

After the preceding information is imported, go to [Solution Explorer]Select the rightmost Vertex 【ASP. NET Configuration],ASP. NET is the beginning of a typical Web Application Management Interface

ASP. NET Website management tool

After accessing this website management tool, we first confirm whether the management tool has received the information and specify the provider) are they all connected normally? So we select [provider] vendor, and then click [select different providers (in progress) for each region function )]

After the selection, we can see the following details: [members] and [role providers ], click [begin certificate] To start renewal.

As long as the token is successfully received, the response will return the information that has been established with the token.

If the problem persists, click Security to change the authentication method and increase the user quota; click to select [Signature type]

Select "from network" and click "finish]

Next, select [create user]. You can add new roles, but our roles will use the WSS role.

After a user is created, the following table lists the role information. If a role is added, the role can be selected, remember to select the current user, and then click Create user]

After you Click create user, the following information is displayed: [complete...]. Click [Add User] to add a user.

After the establishment is complete, you can view the user-role-related information in the [Security] region.

So far, we have appended several tables that we just created. When we log on to our site with a new user, we cannot perform any operations because we do not have any permissions assigned.

Continue now.

Configuration Management Center

Open the magnetic circuit of the Management Center(For example, here isC: \ Inetpub \ wwwroot \ WSS \ virtualdirectories/35784, You can openIISLocate the physical path for Site Management)ModifyWeb. configFile.

Web. configThe file is modified as follows:

A.Add a responseConnectionstringsTo receive the stored metadataSQLData Transmission

<Connectionstrings>

<Add name = "aspnetsqlprovider" connectionstring = "database = wss_content_0f64aee1faa84ca796fa30c6e72726e0; server = localhost; user id = sa; Password = 123456; trusted_connection = false;

</Connectionstrings>

B.InSystem. WebAdd members and roles to the source-Indicates the user of this System/Where is the role stored?

<Membership defaultprovider = "aspnetsqlmembershipprovider">

<Providers>

<Remove name = "aspnetsqlmembershipprovider"/>

<Add connectionstringname = "aspnetsqlprovider"

Passwordattemptwindow = "10"

Enablepasswordretrieval = "false"

Enablepasswordreset = "true"

Requiresquestionandanswer = "true"

Applicationname = "/"

Requiresuniqueemail = "false"

Passwordformat = "hashed"

Description = ""

Name = "aspnetsqlmembershipprovider"

Type = "system. Web. Security. sqlmembershipprovider, system. Web,

Version = 2.0.3600.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a "/>

</Providers>

</Membership>

<Rolemanager enabled = "true" defaultprovider = "aspnetwindow#enroleprovider">

<Providers>

<Remove name = "aspnetsqlroleprovider"/>

<Add connectionstringname = "aspnetsqlprovider"

Applicationname = "/"

Description = ""

Name = "aspnetsqlroleprovider"

Type = "system. Web. Security. sqlroleprovider, system. Web,

Version = 2.0.3600.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a "/>

</Providers>

</Rolemanager>

C.Sorry, I want to change the place I mentioned above.,Lower than limit

Http: // MOSS: 81Medium role: <Rolemanager enabled = "true" defaultprovider = "aspnetsqlroleprovider">

Region in the Management Center: <Rolemanager enabled = "true" defaultprovider = "aspnetwindow#enroleprovider">

Different from each other. Remember to change it. Otherwise, your management center will useAdLogin Login Failed

Then, enterSharePointManagement Center,Application Management ---- site collection administrators.

Set the primary site collection Administrator (secondary website collection administrator) of the image site to any one of the users we just added to the database, then we can use this user to log on to our image site.

Avoid:You need to use The secondary website collection administrator can log on to the website, and then set the permission of other users..

Okay, it's all over. It's a long time.

Thank you for the reference authors mentioned at the beginning of this article.