
SharePoint Connections Session Follow Up: Create an Internet-Facing SharePoint Site

During the Create an Internet-Facing SharePoint Site session I covered the following topics.

  1. Setting up forms based authentication.
  2. Creating your own custom Master Pages and style sheets.
  3. Personalizing site content for users.
  4. Leveraging the Business Data Catalog to surface and interact with back end systems.

Each of these topics is broken down more in depth in this blog post.  All the code used during my demos can be found in the rar file linked at the end of this post.

Setting up forms based authentication

Because a brief survey revealed almost the entire audience had already attended a session that covered setting up forms based authentication for SharePoint sites, I moved quickly through the materials related to setting up forms based authentication for SharePoint sites and did not spend a lot of time on it.

At any rate, here are the step by step instructions that describe how to set up a SharePoint site to use forms based authentication.

*Note:  There are also several GREAT blog posts that describe how to set up FBA with SharePoint sites available on the Internet as well.

Andrew Connell has a great article on this topic here:

HOWTO: Configuring a Office SharePoint Server 2007 Publishing Site with Dual Authentication Providers and Anonymous Access

Dan Attis also has two great articles on this topic here:

Office SharePoint Server 2007 Forms Based Authentication (FBA) Walk-through Part 1

Office SharePoint Server 2007 Forms Based Authentication (FBA) w/MySites Walk-through Part 2

Without further ado, here are the step by step instructions.

Part 1: Create the database FBA will use to store credentials, roles, and users.

1. On your SharePoint development server open Windows Explorer.

2. Navigate to the following directory:

%windir%\Microsoft.NET\Framework\v2.0.50727

3. Double click the aspnet_regsql.exe file to open the ASP.NET SQL Server Setup Wizard.

4. Click the Next button.

5. Make sure the Configure SQL Server for application services radio button is selected.

6. Click the Next button.

7. In the Server textbox enter the name of the SQL Server that will hold the database.

8. Make sure the Windows Authentication radio button is selected.

9. In the Database textbox enter SP_FBA_DB.

10. Click the Next button.

11. Click the Next button.

12. Click the Finish button.

Part 2: Configure the ASP.NET Membership and Role Providers to use the SP_FBA_DB database.

1. On your SharePoint development server, open VS 2005.

2. Click File | New | Web Site.

3. In the templates list box select ASP.NET Web Site.

4. In the Location drop down list, select File System.

5. In the Location text box enter:

c:\inetpub\wwwroot\SP FBA Administration Site

6. Click the OK button.

7. When the Web Site is created, right click the c:…SP FBA Administration Site node in the Solution Explorer and select Add New Item.

8. In the Templates list box select Web Configuration File.

9. Click the Add button.

10. Locate the following code in the web.config file:

<connectionStrings/>

11. Replace the code above with the code below:

<connectionStrings>
  <add
    name="SP_FBA_DB_SQL_CONN_STRING"
    connectionString="server=<Your SQL Server Name>;database=SP_FBA_DB;Integrated Security=SSPI;"
    providerName="System.Data.SqlClient"
  />
</connectionStrings>

12. Replace the <Your SQL Server Name> placeholder with the name of the SQL Server that you installed the database on, in Part 1.

13. Inside the <system.web> section in the web.config file, insert the following code.

<membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
  <providers>
    <add
      name="SP_FBA_DB_AspNetSqlMembershipProvider"
      type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="SP_FBA_DB_SQL_CONN_STRING"
      enablePasswordRetrieval="false"
      enablePasswordReset="true"
      requiresQuestionAndAnswer="false"
      applicationName="/"
      requiresUniqueEmail="false"
      passwordFormat="Hashed"
      maxInvalidPasswordAttempts="5"
      minRequiredPasswordLength="1"
      minRequiredNonalphanumericCharacters="0"
      passwordAttemptWindow="10"
      passwordStrengthRegularExpression=""
    />
  </providers>
</membership>

<roleManager
  enabled="true"
  defaultProvider="SP_FBA_DB_AspNetSqlRoleProvider">
  <providers>
    <add name="SP_FBA_DB_AspNetSqlRoleProvider"
      type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="SP_FBA_DB_SQL_CONN_STRING"
      applicationName="/"
    />
  </providers>
</roleManager>

14. In VS 2005 Click Website | ASP.NET Configuration.

15. Click the Security link.

16. Click the Select authentication type link.

17. Select the From the internet radio button.

18. Click the Done button.

19. Don’t close IE at this point; we will use it in the next part.

Part 3: Create a user to use for testing purposes.

1. Return to IE.

2. Click the create user link.

3. In the User Name text box enter: SP_FBA_DB_TEST_USER

4. In the Password text box enter: password

5. In the Confirm Password text box enter: password

6. In the E-Mail text box enter SP_FBA_DB_TEST_USER@test.com

7. Click the Create User button.

8. Click the Continue button.

9. Don’t close IE at this point; we will use it again in just a bit.

Part 4: Verify all configuration settings.

1. Return to IE.

2. Click the Provider tab.

3. Click the Select a different provider for each feature (advanced) link.

4. In the Membership Provider section, verify the SP_FBA_DB_AspNetSqlMembershipProvider radio button is selected.

5. Click the Test link next to the SP_FBA_DB_AspNetSqlMembershipProvider Membership Provider.

6. You should see the message: Successfully established a connection to the database.

7. Click the OK button.

8. In the Role Provider section, verify the SP_FBA_DB_AspNetSqlRoleProvider radio button is selected.

9. Click the Test link next to the SP_FBA_DB_AspNetSqlRoleProvider Role Provider.

10. You should see the message: Successfully established a connection to the database.

11. Click the OK button.

Part 5: Create a SharePoint Web Application that will utilize FBA.

Here, we will expose an existing SharePoint Web Application as an extranet site. Basically, we are exposing the same content to extranet users via a different URL, and using FBA to authenticate the users to the site, instead of Active Directory.

1. Open the SharePoint Central Administration web site.

2. Click Start | All Programs | Microsoft Office Server | SharePoint 3.0 Central Administration.

3. Click the Application Management link.

4. Click the Create or extend Web application link.

5. Click the Extend an existing Web application link.

6. In the Web Application drop down list, select Change Web Application.

7. In the Select Web Application popup window, click the default SharePoint Web Application. (SharePoint (80)).

8. In the Description text box enter SharePoint (80) – FBA

9. In the Port text box enter 80.

10. In the Host Header text box enter FBA

11. In the security Configuration section do the following:

12. Select NTLM as the Authentication Provider.

13. Set Anonymous Access to No.

14. Set Use Secure Sockets Layer (SSL) to No.

15. In the Load Balanced URL section change the Zone to Extranet.

16. Click the OK button.

Part 6: Configure FBA for the SharePoint Web Application created in Part 5.

1. Open Windows Explorer.

2. Navigate to the directory where the FBA SharePoint Web Application was created. By default, this location will be:

C:\Inetpub\wwwroot\wss\VirtualDirectories\FBA80

3. Open the web.config file in this directory.

4. Locate the following code in the web.config file:

</SharePoint>

5. Add the following code below the line of code above.

<connectionStrings>
  <add
    name="SP_FBA_DB_SQL_CONN_STRING"
    connectionString="server=<Your SQL Server Name>;database=SP_FBA_DB;Integrated Security=SSPI;"
    providerName="System.Data.SqlClient"
  />
</connectionStrings>

6. Replace the <Your SQL Server Name> placeholder with the name of the SQL Server that you installed the database on, in Part 1.

7. Locate the following code in the web.config file:

<system.web>

8. Add the following code below the line of code above.

<membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
  <providers>
    <add name="SP_FBA_DB_AspNetSqlMembershipProvider"
      type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="SP_FBA_DB_SQL_CONN_STRING"
      enablePasswordRetrieval="false"
      enablePasswordReset="true"
      requiresQuestionAndAnswer="false"
      applicationName="/"
      requiresUniqueEmail="false"
      passwordFormat="Hashed"
      maxInvalidPasswordAttempts="5"
      minRequiredPasswordLength="1"
      minRequiredNonalphanumericCharacters="0"
      passwordAttemptWindow="10"
      passwordStrengthRegularExpression=""
    />
  </providers>
</membership>

<roleManager
  enabled="true"
  defaultProvider="SP_FBA_DB_AspNetSqlRoleProvider">
  <providers>
    <add name="SP_FBA_DB_AspNetSqlRoleProvider"
      type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="SP_FBA_DB_SQL_CONN_STRING"
      applicationName="/"
    />
  </providers>
</roleManager>

Part 7: Configure SharePoint Central Administration so it can also communicate with the SP_FBA_DB database.

1. Open Windows Explorer.

2. Navigate to the directory where the SharePoint Central Administration web application was created.

3. By default, this location will be: C:\Inetpub\wwwroot\wss\VirtualDirectories\<Your Port Here>. The <Your Port Here> placeholder is the port that SharePoint Central Administration uses on your server.

4. Open the web.config file in this directory.

5. Locate the following code in the web.config file:

</SharePoint>

6. Add the following code below the line of code above.

<connectionStrings>
  <add
    name="SP_FBA_DB_SQL_CONN_STRING"
    connectionString="server=<Your SQL Server Name>;database=SP_FBA_DB;Integrated Security=SSPI;"
    providerName="System.Data.SqlClient"
  />
</connectionStrings>

7. Replace the <Your SQL Server Name> placeholder with the name of the SQL Server that you installed the database on, in Part 1.

8. Locate the following code in the web.config file:

<system.web>

9. Add the following code below the line of code above.

<membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider">
  <providers>
    <add name="SP_FBA_DB_AspNetSqlMembershipProvider"
      type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="SP_FBA_DB_SQL_CONN_STRING"
      enablePasswordRetrieval="false"
      enablePasswordReset="true"
      requiresQuestionAndAnswer="false"
      applicationName="/"
      requiresUniqueEmail="false"
      passwordFormat="Hashed"
      maxInvalidPasswordAttempts="5"
      minRequiredPasswordLength="1"
      minRequiredNonalphanumericCharacters="0"
      passwordAttemptWindow="10"
      passwordStrengthRegularExpression=""
    />
  </providers>
</membership>

<roleManager
  enabled="true"
  defaultProvider="AspNetWindowsTokenRoleProvider">
  <providers>
    <add name="SP_FBA_DB_AspNetSqlRoleProvider"
      type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="SP_FBA_DB_SQL_CONN_STRING"
      applicationName="/"
    />
  </providers>
</roleManager>

10. The only difference in the web.config entries for the Central Administration web site is as follows: In the FBA SharePoint Web Application web.config file the roleManager tag looks like this:

<roleManager enabled="true" defaultProvider="SP_FBA_DB_AspNetSqlRoleProvider">

In the Central Administration web.config file the roleManager tag looks like this:

<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider">

The difference is the value of the defaultProvider attribute.

Part 8: Adjust your hosts file so the FBA website will resolve properly.

1. Open Windows Explorer.

2. Navigate to the following directory:

%windir%\system32\drivers\etc

3. Open the hosts file.

4. Add the following line at the end of the file:

127.0.0.1 fba

5. Save the file.

Part 9: Turn on FBA for the FBA SharePoint Web Application created in Part 5.

1. Open the SharePoint Central Administration web site. Click Start | All Programs | Microsoft Office Server | SharePoint 3.0 Central Administration.

2. Click the Application Management link.

3. Click the Authentication providers link.

4. Click the Extend an existing Web application link.

5. In the Web Application drop down list, select Change Web Application.

6. In the Select Web Application popup window, click the default SharePoint Web Application. (SharePoint (80)).

7. When the page refreshes, click the Extranet link.

8. On the Edit Authentication page do the following.

Set Authentication Type to Forms.

Check the Enable anonymous access check box.

In the Membership provider name text box enter:

SP_FBA_DB_AspNetSqlMembershipProvider

In the Role manager name text box enter:

SP_FBA_DB_AspNetSqlRoleProvider

Select the no radio button under Enable Client Integration.

9. Click the Save button.

Part 10: Grant permissions to the SP_FBA_DB_TEST_USER test user you created in the SP_FBA_DB database, so they may access the SharePoint Site.

1. Open the SharePoint Central Administration web site.

Click Start | All Programs | Microsoft Office Server | SharePoint 3.0 Central Administration.

2. Click the Application Management link.

3. Click the Policy for Web application link.

4. In the Web Application dropdown select Change Web Application.

5. Click the SharePoint (80) link.

6. Click the Add Users button.

7. In the Zones drop down list select Extranet.

8. Click the Next > button.

9. In the Users text box enter the name of the test user created in Part 3.

The user name is: SP_FBA_DB_TEST_USER.

10. Click the Check Names button.

11. In the Choose Permissions section check the Full Control – Has full control check box.

12. Click the Finish button.

Part 11: Test the FBA by logging in with the test user.

1. Open IE.

2. Browse to the following url:

http://fba

3. You will be prompted with the FBA login page.

In the user name text box enter: SP_FBA_DB_TEST_USER

In the Password text box enter: password

4. Click the Sign In button.
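
The membership entry from Parts 2, 6 and 7 is pasted into three web.config files with a one-character minimum password length and no complexity rule, which is why the test password from Part 3 is accepted. As an added example (not code from the original post), this PowerShell function reports those settings for one web.config; the function name and the eight-character threshold are assumptions.

```powershell
# Added example, not the author's code. $MinLength is an assumed policy floor.
function Test-FbaMembershipProvider {
    param(
        [Parameter(Mandatory = $true)] [string] $WebConfigXml,  # text of one web.config
        [string] $ProviderName = 'SP_FBA_DB_AspNetSqlMembershipProvider',
        [int] $MinLength = 8
    )
    $doc = [xml]$WebConfigXml
    $p = $doc.SelectSingleNode(
        "/configuration/system.web/membership/providers/add[@name='$ProviderName']")
    if ($null -eq $p) {
        return [pscustomobject]@{ ApplicationName = $null
                                  Findings = @("provider '$ProviderName' not found") }
    }
    # Read an attribute, falling back to the SqlMembershipProvider default when absent.
    $attr = { param($name, $default)
              if ($p.HasAttribute($name)) { $p.GetAttribute($name) } else { $default } }
    $findings = @()
    $len = [int](& $attr 'minRequiredPasswordLength' 7)
    if ($len -lt $MinLength) {
        $findings += "minRequiredPasswordLength=$len is below $MinLength"
    }
    # With no non-alphanumeric minimum and no regex, length is the only rule.
    if ([int](& $attr 'minRequiredNonalphanumericCharacters' 1) -eq 0 -and
        (& $attr 'passwordStrengthRegularExpression' '') -eq '') {
        $findings += 'no complexity rule is configured'
    }
    if ((& $attr 'passwordFormat' 'Hashed') -ne 'Hashed') {
        $findings += 'passwordFormat is not Hashed'
    }
    if ((& $attr 'enablePasswordRetrieval' 'false') -eq 'true') {
        $findings += 'enablePasswordRetrieval is true'
    }
    # applicationName scopes the user store; return it so files can be compared.
    [pscustomobject]@{ ApplicationName = (& $attr 'applicationName' $null)
                       Findings = $findings }
}

# Constructed sample that reuses the attribute values from Parts 2, 6 and 7.
$sample = @'
<configuration><system.web>
  <membership defaultProvider="SP_FBA_DB_AspNetSqlMembershipProvider"><providers>
    <add name="SP_FBA_DB_AspNetSqlMembershipProvider" applicationName="/"
         passwordFormat="Hashed" enablePasswordRetrieval="false"
         minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0"
         passwordStrengthRegularExpression="" />
  </providers></membership>
</system.web></configuration>
'@
Test-FbaMembershipProvider -WebConfigXml $sample | Format-List
```

Run it against the text of each of the three web.config files and compare ApplicationName: SqlMembershipProvider scopes users by that value, so the files must agree for the user created in Part 3 to be found by the SharePoint web application.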

Leveraging the Business Data Catalog to surface and interact with back end systems

This portion of my presentation showed how to use the out of the box BDC Web Parts to surface data from back end systems in SharePoint sites secured via Windows Credentials with the Active Directory, as well as showing how to expose BDC data from within a SharePoint site secured via FBA.

The out of the box BDC Web Parts do not work in SharePoint sites secured via FBA.  So, in order to surface BDC data in a SharePoint site secured via FBA, I created a custom Web Part and Web Service to access the BDC data.

The complete source code for the custom Web Part class and the custom Web Service class used to surface BDC data within a SharePoint site secured via FBA may be found in the rar file linked at the end of this post.

As you will see below, returning data from the BDC requires many different steps to be taken.  Hopefully the comments I provided in the code sample below adequately describe how this process is accomplished.

The real nuts and bolts associated with returning data from the BDC look like this.

//Namespaces needed at the top of the Web Service class file
using System;
using System.Data;
using System.Web.Services;
using Microsoft.Office.Server.ApplicationRegistry.Infrastructure;
using Microsoft.Office.Server.ApplicationRegistry.MetadataModel;
using Microsoft.Office.Server.ApplicationRegistry.Runtime;

[WebMethod]
public DataSet QueryBDC(string sharedResourceProviderName, string lobSystemInstanceName, string entityName)
{
    //The DataTable the results from the BDC are stored in
    DataTable dataTable = new DataTable("Resorts");

    //The DataSet the Web Service returns
    DataSet dataSet = new DataSet();

    //Specify which SSP to use to access BDC data
    SqlSessionProvider.Instance().SetSharedResourceProviderToUse(sharedResourceProviderName);

    //Create a collection of all the LOB System Instances in the BDC
    NamedLobSystemInstanceDictionary sysInstances = ApplicationRegistry.GetLobSystemInstances();

    //Create an object representing the LobSystemInstance to return the data from
    LobSystemInstance lobSystemInstance = sysInstances[lobSystemInstanceName];

    //Create an object representing the Entity to return the data from
    Entity bdcEntity = lobSystemInstance.GetEntities()[entityName];

    //Create an object representing the MethodInstance to invoke on the Entity
    MethodInstance methInst = bdcEntity.GetFinderMethodInstance();

    //Create an object we can use to loop through the data returned
    IEntityInstanceEnumerator bdcEntityInstanceEnumerator =
        (IEntityInstanceEnumerator)bdcEntity.Execute(methInst, lobSystemInstance);

    //Create a collection of all the fields returned
    FieldCollection fieldCollection = bdcEntity.GetFinderView().Fields;

    //Loop through the collection to create the DataColumns in the DataTable that will hold the results
    foreach (Field field in fieldCollection)
    {
        DataColumn dataColumn = new DataColumn(field.Name, Type.GetType(field.TypeDescriptor.TypeName));
        dataTable.Columns.Add(dataColumn);
    }

    //Populate the DataTable with the data
    while (bdcEntityInstanceEnumerator.MoveNext())
    {
        IEntityInstance iEntityInstance = bdcEntityInstanceEnumerator.Current;
        DataRow dataRow = dataTable.NewRow();

        foreach (Field field in fieldCollection)
        {
            if (iEntityInstance[field] != null)
            {
                dataRow[field.Name] = iEntityInstance[field];
            }
        }

        //Add the row once, after all of its fields are filled in
        //(adding it inside the field loop throws on the second field)
        dataTable.Rows.Add(dataRow);
    }

    //Add the DataTable to the DataSet
    dataSet.Tables.Add(dataTable);

    //Return the DataSet
    return dataSet;
}