A while back I spent a few weeks at Microsoft Campus working for a client on a MOSS 2007 proof of concept project. One of my jobs was to get FBA working alongside Windows Authentication on the same site. After reading a few excellent blog posts namely Nick Swan’s and Dan Attis and getting FBA partially working it became apparent that FBA with SharePoint is a bit of a ‘gray’ area and alot of people are struggling with it. I also sat with a Microsoft guy who specialised in SharePoint who had never even seen FBA working with the SSP profile database before.
I want to write about a couple of issues I came across when working within SharePoint and FBA, I won’t go into detail with the actual setup because the above mentioned blog posts cover most or all of what you will need to do.
The first one is this, if you use the Visual Studio’s Website configuration tool to add your Forms Based users, be careful because it modifies your web sites web.config file and adds xmlns=”http://schemas.microsoft.com/.NetConfiguration/v2.0″ as an attibute to the <configuration> section. I don’t actually kow of a workaround for this but if you don’t delete this attibute your will be greeted with a File Not found error from your SharePoint site.
Another issue I came across was even though I had setup my site for FBA correctly, central admin was still not resolving my FBA users at all. After running SQL Profiler against the database I realised that the ASP.Net membership database stored procedures were being called with an application id, now this is where it gets a bit confusing. You need to run the Visual Studio Admin tool against the SharePoint 80 web site, but Central Admin runs in it’s own virtual directory therefore has a different application id. Now I’d love to know if I was doing something wrong or if there is a workaround for this, but in the end due to a tight timescale I had to hand modify the ASP.Net stored procs to not filter application id’s.
Hope this information is useful as it became apparent that FBA in SharePoint is a bit of a ‘hit or miss’ technology and is not as easy as it should be to setup out of the box.
Would be glad to hear from anyone who has had similar problems and found an easier way round it.