SharePoint 2007 and Forms Authentication

  • Article

SharePoint 2007 eliminates a key authentication limitation we had in SPS2003 of only being able to use AD as our authentication store.  Since SPS2007 is built on top of WSS v3 and WSS v3 is built completely on top of ASP.NET v2, SPS 2007 can utilize the default ASP.NET v2's Membership Provider model to deliver forms authentication.  Can you read my lips...pluggable authentication...you could also create your own custom providers just like you would if you were creating a custom ASP.NET application.

A couple of key things to check out:

1.  SharePoint 2007 -- Built on ASP.NET 2.0 - This tight integration story has pretty major implications so let's take a minor divergence.  Customers frequently ask "Why use SharePoint 2003 for my company's portal when I can create a "better" portal from scratch using ASP.NET v2".  Now obviously better is in the eyes of the beholder but if you define "better" by the number of OOTB features and ease of extensibility, then one could create a pretty good argument for creating from scratch.  For those organizations with the .NET skills, resources and time, creating a more feature-rich portal from scratch was the path many undertook.  Thankfully, the story has dramatically changed.  SharePoint 2007 has a very rich set of features OOTB so the question of creating a custom ASP.NET application from scratch vs implementing / extending / customizing a SharePoint 2007 portal is turning around.  Therefore, it’s not a question of ASP.NET 2.0 from scratch or SharePoint, it’s about developing solutions with ASP.NET 2.0 and SharePoint technologies.

2. Microsoft ASP.NET 2.0 Providers: Introduction - This will give you a good introduction to the provider concept.  The provider model is used throughout ASP.NET 2.0 as the basis for extensibilty and for example, accessing a different data source or authentication server means creating a new provider. This makes ASP.NET 2.0 much more flexible, expandable, and customizable than ever before.  For those that just want to cut to the chase, then

3.  Enabling Custom Authentication using a Custom Membership Provider - this gives you the step-by-step approach to set up forms authentication for your SharePoint site.

4.  Source Code for the Built-in ASP.NET 2.0 Providers - For those that dare, spelunking this code will give you a more in-depth understanding which will give you the details for creating your own providers.

SPS2007 provides the ability to use forms authentication and LDAP authentication OOTB, no coding required.  This will broaden SPS2007 appeal and use.

</steve>