|
第一步:新建FBA验证的站点
第二步:配置Web Config
需要配置3处web.config,分别为:SecurityToken服务、FBA站点、管理中心网站
1.SecurityToken (路径:"C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken\web.config")
可能需要手动添加<system.web>节,配置如下:
<!-- Membership and role provider registration for the SecurityToken service web.config. -->
<!-- NOTE(review): defaultProvider is "i" / "c", but this snippet declares only SqlProvider and SqlRoleProvider; confirm that providers with those names exist in this file. -->
1 <membership defaultProvider="i">
2 <providers>
<!-- enablePasswordRetrieval="true" with passwordFormat="Encrypted" keeps every password recoverable by anyone holding the machineKey. -->
<!-- minRequiredPasswordLength="1" and minRequiredNonalphanumericCharacters="0" switch the password policy off; one-character passwords are accepted. -->
3 <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="true" passwordFormat="Encrypted" applicationName="ParentPortal" requiresUniqueEmail="true" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" />
4 </providers>
5 </membership>
6 <roleManager defaultProvider="c">
7 <providers>
<!-- Role provider reads from the same SqlServices connection string as the membership provider. -->
8 <add name="SqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" />
9 </providers>
10 </roleManager>
添加<connectionStrings>(该连接字符串包含明文数据库密码;建议改用集成身份验证,或用 aspnet_regiis -pe 加密该配置节,并限制 web.config 的读取权限):
1 <add name="SqlServices" connectionString="Server=your server;Database=your database;User ID=your user id;Password=your password" />
从当前站点的web.config处拷贝<machineKey>节,放置于<system.web>节下。
如果需在页面显示错误信息(仅限调试:该设置会把服务端异常细节返回给调用方,生产环境应保持关闭),在<system.serviceModel> --> <behaviors> --> <serviceBehaviors>下添加:
1 <serviceDebug includeExceptionDetailInFaults="True" httpHelpPageEnabled="True" />
2.配置站点的web.config
在<system.web>节,添加如下配置:
<!-- Membership and role provider registration for the FBA site's own web.config. -->
<!-- The defaults "i" and "c" are the SharePoint claims providers declared below; the SQL providers are added alongside them. -->
1 <membership defaultProvider="i">
2 <providers>
3 <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
<!-- enablePasswordRetrieval="true" with passwordFormat="Encrypted" keeps every password recoverable by anyone holding the machineKey. -->
<!-- minRequiredPasswordLength="1" and minRequiredNonalphanumericCharacters="0" switch the password policy off; one-character passwords are accepted. -->
4 <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="true" passwordFormat="Encrypted" applicationName="ParentPortal" requiresUniqueEmail="true" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" />
5 </providers>
6 </membership>
<!-- cacheRolesInCookie="false": role membership is not stored in a client-side cookie. -->
7 <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">
8 <providers>
9 <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
10 <add name="SqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" />
11 </providers>
12 </roleManager>
添加<connectionStrings>,字符串与1中相同
3.配置管理中心的web.config
在<system.web>节,添加如下配置:
<!-- Provider registration for the Central Administration web.config. -->
<!-- The default providers stay AspNetWindowsTokenRoleProvider / AspNetSqlMembershipProvider; the SQL providers are only added to the provider lists. -->
1 <roleManager defaultProvider="AspNetWindowsTokenRoleProvider">
2 <providers>
3 <add name="SqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" />
4 </providers>
5 </roleManager>
6 <membership defaultProvider="AspNetSqlMembershipProvider">
7 <providers>
<!-- Same reversible-password and policy settings as the other two files (retrieval enabled, Encrypted format, minimum length 1, no required special characters). -->
<!-- NOTE(review): requiresUniqueEmail is not set here although the other two registrations set it to "true"; confirm whether the difference is intended. -->
8 <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="true" passwordFormat="Encrypted" applicationName="ParentPortal" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" />
9 </providers>
10 </membership>
添加<connectionStrings>,字符串与1中相同
membership配置说明参考:http://msdn.microsoft.com/zh-cn/library/vstudio/a28ctsa5.aspx
常见问题:
- 如果需要密码找回功能,需要设置enablePasswordRetrieval为true且passwordFormat设置为Encrypted或Clear。注意:这两种格式下密码都可被还原(Clear为明文存储);若不是必须取回原密码,建议保持默认的Hashed,只启用密码重置
- 如果需要密码重置功能,需要设置enablePasswordReset为true
- 如果需要根据密码提示问题和答案找回密码,需要设置requiresQuestionAndAnswer为true且passwordFormat设置为Encrypted或Clear
- minRequiredPasswordLength:最少密码长度,默认为7(上文示例设为1,相当于取消长度要求,生产环境不建议这样配置)
- minRequiredNonalphanumericCharacters:密码最少包含的特殊字符数,默认为1(上文示例设为0,即不要求特殊字符)
第三步:创建登录页面
1.创建一个aspx页面(样式自行定义)
<%-- Custom forms sign-in page for the FBA site. It inherits MemberShipLogon.FormsSignInPage and wires the Login control's LoggingIn and Authenticate events to that class. --%>
1 <%@ Assembly Name="$SharePoint.Project.AssemblyFullName$" %>
2 <%@ Assembly Name="Microsoft.SharePoint.IdentityModel, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
3 <%@ Assembly Name="Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
4 <%@ Import Namespace="Microsoft.SharePoint.WebControls" %>
5 <%@ Register TagPrefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls"
6 Assembly="Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
7 <%@ Register TagPrefix="Utilities" Namespace="Microsoft.SharePoint.Utilities" Assembly="Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
8 <%@ Import Namespace="Microsoft.SharePoint" %>
9 <%@ Assembly Name="Microsoft.Web.CommandUI, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
10
11 <%@ Page Language="C#" AutoEventWireup="true" Inherits="MemberShipLogon.FormsSignInPage"
12 MasterPageFile="~/_layouts/simple.master" %>
13
14 <asp:Content ID="Content1" ContentPlaceHolderID="PlaceHolderPageTitle" runat="server">
15 <SharePoint:EncodedLiteral runat="server" EncodeMethod="HtmlEncode" ID="ClaimsFormsPageTitle" />
16 </asp:Content>
17 <asp:Content ID="Content2" ContentPlaceHolderID="PlaceHolderPageTitleInTitleArea"
18 runat="server">
19 <SharePoint:EncodedLiteral runat="server" EncodeMethod="HtmlEncode" ID="ClaimsFormsPageTitleInTitleArea" />
20 </asp:Content>
21 <asp:Content ID="Content3" ContentPlaceHolderID="PlaceHolderSiteName" runat="server" />
22 <asp:Content ID="Content4" ContentPlaceHolderID="PlaceHolderMain" runat="server">
<%-- Message area; the literal is HTML-encoded, so text assigned to it from the code-behind is rendered as text, not markup. --%>
23 <div id="SslWarning" style="color: red; display: none">
24 <SharePoint:EncodedLiteral runat="server" EncodeMethod="HtmlEncode" ID="ClaimsFormsPageMessage" />
25 </div>
26 <script language="javascript" type="text/javascript">
// NOTE(review): the protocol check is commented out, so the SslWarning div is un-hidden on every
// request whether or not the page was loaded over HTTPS. This form posts a user name and password;
// serve it over HTTPS only rather than relying on a client-side warning.
27 // if (document.location.protocol != 'https:') {
28 var SslWarning = document.getElementById('SslWarning');
29 SslWarning.style.display = '';
30 // }
31 </script>
32 <asp:Login ID="loginControl" FailureText="<%$Resources:wss,login_pageFailureText%>"
33 runat="server" Width="100%" OnLoggingIn="signInControl_LoggingIn" OnAuthenticate="signInControl_Authenticate">
34 <LayoutTemplate>
35 <strong>*</strong>
36 <label>Username:</label>
37 <asp:TextBox ID="UserName" autocomplete="off" runat="server" />
38 <strong>*</strong>
39 <label>Password:</label>
40 <asp:TextBox ID="Password" TextMode="Password" autocomplete="off" runat="server"/>
<%-- NOTE(review): the RememberMe checkbox is rendered, but the code-behind shown with this page never reads the choice; confirm whether persistent sign-in is meant to be offered. --%>
41 <asp:CheckBox ID="RememberMe" runat="server" CssClass="checkBox" />
42 <span>Sign me in automatically</span>
43 <asp:Label ID="FailureText" class="ms-error" runat="server" />
44 <asp:Button ID="login" CommandName="Login" Text="Log In" runat="server" />
<%-- NOTE(review): btnCancel has no CommandName and no click handler in this markup. --%>
45 <asp:Button ID="btnCancel" Text="Cancel" runat="server" />
46 </LayoutTemplate>
47 </asp:Login>
48 </asp:Content>
49
2.代码
1 using System;
2 using System.Collections.Generic;
3 using System.Linq;
4 using System.Web;
5 using System.Web.UI;
6 using System.Web.UI.WebControls;
7 using LoginControl = System.Web.UI.WebControls.Login;
8 using System.Security;
9 using Microsoft.SharePoint;
10 using Microsoft.SharePoint.WebControls;
11 using Microsoft.SharePoint.IdentityModel;
12 using Microsoft.SharePoint.IdentityModel.Pages;
13 using System.IdentityModel.Tokens;
14 using Microsoft.SharePoint.Administration;
15 using System.Web.Security;
16 using Microsoft.SharePoint.Utilities;
17
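namespace MemberShipLogon
{
    /// <summary>
    /// Code-behind for the custom forms-based (FBA) sign-in page. It validates the
    /// posted user name, asks SharePoint for a security token for the supplied
    /// credentials, and writes the session token when one is issued.
    /// </summary>
    public partial class FormsSignInPage : IdentityModelSignInPageBase
    {
        /// <summary>
        /// Clears the page-level message and moves focus to the login control.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            ClaimsFormsPageMessage.Text = "";
            loginControl.Focus();
        }

        /// <summary>
        /// Runs before authentication: trims the user name and cancels the login
        /// attempt when it is empty.
        /// </summary>
        /// <param name="sender">The Login control raising the event.</param>
        /// <param name="e">Set <c>Cancel</c> to stop the attempt.</param>
        protected void signInControl_LoggingIn(object sender, LoginCancelEventArgs e)
        {
            LoginControl login = sender as LoginControl;
            if (login == null)
            {
                // The handler was wired to something that is not a Login control;
                // cancel rather than dereference null.
                e.Cancel = true;
                return;
            }

            login.UserName = login.UserName.Trim();
            if (string.IsNullOrEmpty(login.UserName))
            {
                ClaimsFormsPageMessage.Text = "The server could not sign you in. The user name cannot be empty.";
                e.Cancel = true;
            }
        }

        /// <summary>
        /// Hands the issued token to the federation authentication module, which
        /// sets the principal and writes the session token.
        /// </summary>
        /// <param name="securityToken">Token returned for the signed-in user.</param>
        /// <exception cref="ArgumentNullException"><paramref name="securityToken"/> is null.</exception>
        /// <exception cref="ArgumentException">No federation authentication module is available.</exception>
        private void EstablishSessionWithToken(SecurityToken securityToken)
        {
            if (null == securityToken)
            {
                throw new ArgumentNullException("securityToken");
            }

            SPFederationAuthenticationModule fam = SPFederationAuthenticationModule.Current;
            if (null == fam)
            {
                throw new ArgumentException(null, "FederationAuthenticationModule");
            }

            fam.SetPrincipalAndWriteSessionToken(securityToken);
        }

        /// <summary>
        /// Authenticates the posted credentials. <c>e.Authenticated</c> is set to
        /// true only after a token was obtained and the session was established;
        /// on every other path it is left unset, so the attempt is not accepted.
        /// </summary>
        protected void signInControl_Authenticate(object sender, AuthenticateEventArgs e)
        {
            LoginControl formsLoginControl = sender as LoginControl;
            if (formsLoginControl == null)
            {
                return;
            }

            // NOTE(review): how SecurityTokenForFormsAuthentication reports rejected
            // credentials (null or an exception) is not visible here; confirm, and keep
            // the password out of any logging added around this call.
            SecurityToken token = GetSecurityToken(formsLoginControl);
            if (token == null)
            {
                return;
            }

            EstablishSessionWithToken(token);
            e.Authenticated = true;
            base.RedirectToSuccessUrl();
        }

        /// <summary>
        /// IIS settings of the current web application's Default zone, or null when
        /// the web application cannot be resolved.
        /// </summary>
        private SPIisSettings IisSettings
        {
            get
            {
                SPWebApplication webApp = SPWebApplication.Lookup(new Uri(SPContext.Current.Web.Url));
                if (webApp == null)
                {
                    return null;
                }

                // NOTE(review): the zone is fixed to Default. If forms authentication is
                // configured on an extended zone only, these settings carry no forms
                // provider and sign-in fails; confirm the zone for your deployment.
                return webApp.IisSettings[SPUrlZone.Default];
            }
        }

        /// <summary>
        /// Requests a security token for the user name and password held by the
        /// login control, using the membership and role providers configured for
        /// forms authentication.
        /// </summary>
        /// <param name="formsLoginControl">Login control holding the credentials.</param>
        /// <returns>
        /// The issued token, or null when a credential is missing or forms
        /// authentication is not configured in the resolved IIS settings.
        /// </returns>
        private SecurityToken GetSecurityToken(LoginControl formsLoginControl)
        {
            if (formsLoginControl == null ||
                string.IsNullOrEmpty(formsLoginControl.UserName) ||
                string.IsNullOrEmpty(formsLoginControl.Password))
            {
                return null;
            }

            SPIisSettings iisSettings = IisSettings;
            if (iisSettings == null)
            {
                return null;
            }

            // Returning null here rejects the attempt instead of failing with a
            // NullReferenceException on the provider names below.
            SPFormsAuthenticationProvider authProvider = iisSettings.FormsClaimsAuthenticationProvider;
            if (authProvider == null)
            {
                return null;
            }

            Uri appliesTo = base.AppliesTo;
            return SPSecurityContext.SecurityTokenForFormsAuthentication(
                appliesTo,
                authProvider.MembershipProvider,
                authProvider.RoleProvider,
                formsLoginControl.UserName,
                formsLoginControl.Password);
        }
    }
}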
补充:
1.注册
// Register the account through the default membership provider. This overload
// reports the outcome in 'status' and returns null when no user was created.
MembershipCreateStatus status;

newUser = Membership.CreateUser(username, password, email, question, answer, true, out status);

// The sixth argument (true) creates the account already approved.
if (null == newUser)
{
    lblErrorMessage.Visible = true;
    lblErrorMessage.Text = GetErrorMessage(status);
}
/// <summary>
/// Maps a <see cref="MembershipCreateStatus"/> value to the message shown to the
/// person registering; any value not listed gets the generic message.
/// </summary>
/// <param name="status">Status reported by Membership.CreateUser.</param>
/// <returns>The user-facing message for that status.</returns>
/// <remarks>
/// The duplicate-user-name and duplicate-e-mail messages tell the caller that an
/// account exists. On a publicly reachable registration form that permits account
/// enumeration; consider one neutral message plus rate limiting there.
/// </remarks>
public string GetErrorMessage(MembershipCreateStatus status)
{
    if (status == MembershipCreateStatus.DuplicateUserName)
    {
        return "Username already exists. Please enter a different user name.";
    }

    if (status == MembershipCreateStatus.DuplicateEmail)
    {
        return "A username for that e-mail address already exists. Please enter a different e-mail address.";
    }

    if (status == MembershipCreateStatus.InvalidPassword)
    {
        return "The password provided is invalid. Please enter a valid password value.";
    }

    if (status == MembershipCreateStatus.InvalidEmail)
    {
        return "The e-mail address provided is invalid. Please check the value and try again.";
    }

    if (status == MembershipCreateStatus.InvalidAnswer)
    {
        return "The password retrieval answer provided is invalid. Please check the value and try again.";
    }

    if (status == MembershipCreateStatus.InvalidQuestion)
    {
        return "The password retrieval question provided is invalid. Please check the value and try again.";
    }

    if (status == MembershipCreateStatus.InvalidUserName)
    {
        return "The user name provided is invalid. Please check the value and try again.";
    }

    if (status == MembershipCreateStatus.ProviderError)
    {
        return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
    }

    if (status == MembershipCreateStatus.UserRejected)
    {
        return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
    }

    // Success and any status not handled above fall through to the generic text.
    return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
}
2.找回密码
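// Password retrieval: look the user up through a named provider and ask for the
// stored password using the answer to the password question.
// GetPassword hands back the original password, which only works when the provider
// stores passwords reversibly (passwordFormat Encrypted or Clear with
// enablePasswordRetrieval="true"). Where the original password is not strictly
// needed, user.ResetPassword(answer) avoids handling it at all.
MembershipProvider provide = Membership.Providers["your membership provider"];
MembershipUser user = provide.GetUser(username, false);

// GetUser returns null for an unknown user name; the original dereferenced it
// unconditionally. Leave 'password' null in that case and let the caller answer
// with the same message it uses for a wrong answer, so the response does not
// reveal whether the account exists.
// GetPassword throws MembershipPasswordException when the answer is wrong.
password = (user != null) ? user.GetPassword(answer) : null;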
3.修改密码
// ChangePassword returns a bool (true when the password was updated). This snippet
// discards it, so a rejected change goes unnoticed unless the caller checks the result.
1 user.ChangePassword(oldPassword, newPassword)
4.生成passwordSalt
/// <summary>
/// Produces a password salt: 16 bytes from the cryptographic random number
/// generator, returned as a Base64 string.
/// </summary>
/// <returns>The Base64 encoding of the 16 random bytes.</returns>
internal string GenerateSalt()
{
    const int SaltSizeInBytes = 16;

    byte[] saltBytes = new byte[SaltSizeInBytes];
    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    rng.GetBytes(saltBytes);

    return Convert.ToBase64String(saltBytes);
}
waiting... |
|