Create Unique Login Page With Forms Based Authentication

SharePoint 2010: Create unique login page with forms based authentication | David Lozzi's Blog
Page 1 of 13
David Lozzi's Blog

Doing cool stuff with SharePoint
RSS Feed Twitter July 15, 2011
SharePoint 2010: Create unique login page with forms based authentication
31 Comments An awesome feature with SharePoint is the ability to use another authentication store for your users. This is especially helpful when you want to extend your site to an extranet or internet zone and you dont want your external users in your company Active Directory. I walk through configuring and setting up CBA here (http://davidlozzi.com/2011/07/15/sharepoint2010claimsbasedauthentication usingnetsqlmembershipprovider/). Once youve configured your web application to use FBA, the typical login page is plain. If you setup mixed mode (as in my example) the login page simply prompts for Windows or Forms authentication. Most users dont understand the difference.
Seriously, what end user doesnt know theyre using a Windows account? And my extranet users, seriously, they should know theyre forms Fortunately, we can change these options and give the user a little more to work with. For my example, I have my web application setup and I want my customers to login so we can collaborate on orders and projects. I would like a login page that is painfully obvious as to which how the user should login. Well
http://davidlozzi.com/2011/07/15/sharepoint-2010-create-unique-login-page-with-forms-based-authe...
5/16/2013
Page 2 of 13
dive into how to do so now. I walk through creating a new project with the end result being a feature. I prefer this method because it gives us the most flexibility with a code behind file. We could add CAPTCHA verification, or additional components as we need to make this work. Open Visual Studio 2010, create a new Empty SharePoint Project, and name it CustomLoginPage. Add the reference to Microsoft.SharePoint.IndentityModel. This isnt available in the browser, youll have to browse to it at C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.IdentityModel\ 14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.IdentityModel.dll Add a new application page, call it Login.aspx. Replace the content of Login.aspx with the following, updating a few items as necessary (highlighted)
5/16/2013
Page 3 of 13
<%@ AssemblyName="$SharePoint.Project.AssemblyFullName$"%> <%@AssemblyName="Microsoft.SharePoint,Version=14.0.0.0,Culture=neutral,Pu <%@AssemblyName="Microsoft.SharePoint.IdentityModel,Version=14.0.0.0,Cultu <%@ImportNamespace="Microsoft.SharePoint"%> <%@ImportNamespace="Microsoft.SharePoint.WebControls"%> <%@RegisterTagprefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint,Version=14.0.0.0,Culture=neutral,PublicKeyToken=7 <%@RegisterTagprefix="asp"Namespace="System.Web.UI" Assembly="System.Web.Extensions,Version=3.5.0.0,Culture=neutral,PublicKeyToken=3 <%@PageLanguage="C#"AutoEventWireup="true"CodeBehind="Login.aspx.cs"Inher <asp:ContentID="contentHEAD"ContentPlaceHolderID="PlaceHolderAdditionalPageHead" <styletype="text/css"> body { backgroundcolor:#d5d5d5; backgroundimage:url(images/ACMECatalog.jpg); backgroundposition:center; } body#s4simplecontent { marginleft:0px } .s4simpleiconcont { display:none } h1 { fontsize:24px; fontweight:bold } </style> </asp:Content> <asp:ContentID="Content1"ContentPlaceHolderID="PlaceHolderPageTitle" runat="server"> <SharePoint:EncodedLiteralrunat="server" EncodeMethod="HtmlEncode"ID="ClaimsFormsPageTitle" Visible="false"/> AcmeLogin </asp:Content> <asp:ContentID="Content2"ContentPlaceHolderID="PlaceHolderPageTitleInTitleArea" runat="server"> <SharePoint:EncodedLiteralrunat="server" EncodeMethod="HtmlEncode"ID="ClaimsFormsPageTitleInTitleArea" Visible="false"/> LogintotheAcmePortal http://davidlozzi.com/2011/07/15/sharepoint-2010-create-unique-login-page-with-forms-based-authe... 5/16/2013
Page 4 of 13
</asp:Content> <asp:ContentID="Content3"ContentPlaceHolderID="PlaceHolderSiteName" runat="server"/> <asp:ContentID="Content4"ContentPlaceHolderID="PlaceHolderMain" runat="server"> <tablewidth="100%"cellpadding="0"cellspacing="30"border="0"> <tr> <td><h2>CustomerLogin</h2> EnteryourusernameandpasswordbelowandclickSignIn. <asp:loginid="signInControl"FailureText="<%$Resources:wss,login_pageFailureTex <layouttemplate> <asp:labelid="FailureText"class="mserror"runat="server"/> <tablewidth="100%"> <tr> <tdnowrap="nowrap"><SharePoint:EncodedLiteralID="EncodedLiteral1" <tdwidth="100%"><asp:textboxid="UserName"autocomplete="off"runat="s </tr> <tr> <tdnowrap="nowrap"><SharePoint:EncodedLiteralID="EncodedLiteral2" <tdwidth="100%"><asp:textboxid="password"TextMode="Password"auto </tr> <tr> <tdcolspan="2"align="right"><asp:buttonid="login"commandname="Lo </tr> </table> </layouttemplate> </asp:login> </td></tr><tr> <td><h2>PersonnelLogin</h2> AcmePersonnelcanloginbelow.LoginwithyourAcmeaccount,i.e.acme\username.< <ahref="/_windows/default.aspx?ReturnUrl=<%=Request.QueryString["Source"]%>">c </tr> </table> <divid="SslWarning"style="color:red;display:none"> <SharePoint:EncodedLiteralrunat="server"EncodeMethod="HtmlEncode"Id="ClaimsForms </div> <scriptlanguage="javascript"> if(document.location.protocol!='https:'){ varSslWarning=document.getElementById('SslWarning'); //SslWarning.style.display='';//showthewarningifapplicable } </script> </asp:Content>
Youll see that Im overriding some of the CSS elements, this will let me customize this to exactly what I want. Replace the content of Login.aspx.cs with the following http://davidlozzi.com/2011/07/15/sharepoint-2010-create-unique-login-page-with-forms-based-authe... 5/16/2013
Page 5 of 13
usingSystem; usingMicrosoft.SharePoint.IdentityModel.Pages; namespaceCustomLoginPage { publicpartialclassLogin:FormsSignInPage { protectedvoidPage_Load(objectsender,EventArgse) { }}}
Deploy your feature. Go to Central Administration > Manage Web Applications. Select your web application and click Authentication Providers
Click your zone that has Claims Based Authentication. Scroll down a little to Sign In Page URL and enter the path to your custom page: ~/_layouts/CustomLoginPage/Login.aspx
Scroll to the bottom and click Save. Close the Authentication Provider Window. Now browse to your site, you should now see your new login page http://davidlozzi.com/2011/07/15/sharepoint-2010-create-unique-login-page-with-forms-based-authe... 5/16/2013
SharePoint 2010: Create unique login page with forms based authentication | David Lozzi's Blog Somyloginpagewentfrom
Page 6 of 13
To
References http://blogs.msdn.com/b/kaevans/archive/2010/07/09/creatingacustomloginpageforsharepoint 2010.aspx?wa=wsignin1.0 (http://blogs.msdn.com/b/kaevans/archive/2010/07/09/creatingacustom loginpageforsharepoint2010.aspx?wa=wsignin1.0) Abouttheseads (http://en.wordpress.com/abouttheseads/)
5/16/2013
Page 7 of 13
PostedbyDavidLozzi inSP2010Authentication,SP2010Customization Tagged:Branding,ClaimsBasedAuthentication,FBA,FormsAuthentication,SharePoint
31 thoughts on SharePoint 2010: Create unique login page with forms based authentication
1. Pingback:SharePoint 2010: Forms Based Authentication using Active Directory | David Lozzis Blog 2. k says: February28,2012at10:04am logginginfromamobiledevicegivesthiserror:Cannotaccessprotectedmember Microsoft.SharePoint.MobileControls.SPMobilePage.strReturnURLviaqualifieroftype thereisnothingonthewebaboutthis,anyideas? Reply David Lozzi says: February28,2012at10:17am I haventseenthishappen.Arethereothercustomizationsonyoursite?Ifyoucreateanother zoneforthewebappandnotuseFBA,usewindowsinstead,doesitworkthen? Reply 3. Robert Callero says: April10,2012at12:41pm GreatpostDavid worksasplanned!Isthereawaytoallowuserstologinwithadifferentwindows account?Thecurrentlinkforwindowsloginjustreauthenticatesthecurrentuser,Imlookingto allowthemtologinasadifferentuser.Anyinsightwouldbeappreciated.Thx Reply David Lozzi says: April10,2012at12:54pm
5/16/2013
SharePoint 2010: Create unique login page with forms based authentication | David Lozzi's Blog HiRobert, Forthelinktologin,trylinkingto
Page 8 of 13
/_layouts/accessdenied.aspx?loginasanotheruser=true&Source=targetUrltoSendAfterTheyLogin ThisistheURLforwhenauserclicksSignInasDifferentUser Reply 4. Robert Callero says: April10,2012at2:11pm Nojoy:( Itried /_layouts/accessdenied.aspx?loginasanotheruser=true&Source= allIgotwasapagerefresh.ThenItried /_windows/default.aspx?ReturnUrl=&loginasanotheruser=true andthingsseemtobefunctioningasexpected.Iguessmyquestionisshouldtheybe:)Thanks again! Reply David Lozzi says: April10,2012at3:07pm OoohhrightsinceyoureinFBA,itpromptsyoutologin.Sorry,ItriedthisonmyNTLMsite. Ifitworks,Idsayyouregoodtogo! Reply 5. susheel says: May16,2012at5:17am i amgettinganerror whiletryingtoruntheapplication. canuhelpmeout Reply David Lozzi says: May16,2012at8:14am Imnotfamiliarwiththiserror,whereisitoccurring?Ifitsregardingtheweb.configfile,review it,makesureyouputtheelementsintherightpositions.Makesureyourenotmissingaquoteor aclosebracketsomewhere. Reply 6. Stacey says: May31,2012at11:22am David thanksfortheblog.ItreallyhelpbutIdohaveoneissueandImnotsurewhy.Mycompany hasmanydomains.IfauserslogsintoWindowswithdomainXYZbuttheirSharePointaccessis throughdomain123theywillreceiveAccessDeniedwhenloggingin thisisokay.Whenthey clickonSignonasaDifferentUsetheloopbacktotheCustomPagebutcannotlogin.Anyideas? http://davidlozzi.com/2011/07/15/sharepoint-2010-create-unique-login-page-with-forms-based-authe... 5/16/2013
Page 9 of 13
Reply David Lozzi says: May31,2012at11:53am Theyshouldgobacktothecustompagesotheycanloginasavaliduser.Butareyousaying whentheydo,theycantloginusingavaliduser?Iftheyclosethebrowserandcomeinfresh,can theyloginusingavaliduserinitially? Reply Stacey says: May31,2012at12:02pm TheydogobacktothecustompageandwhentheyclickonEmployeeLoginforasecond timeittakesthemtoablankpage(noerrors,nothing).Theywouldthenhavetocloseandre openthebrowser.IguessIneedawayforthemtologinasadifferentuser.i.e.whenthey clickonLoginasaDifferentusertheyshouldgetapromptfortheircredentials. David Lozzi says: May31,2012at12:20pm Ah,understood.Idontknowoffthetopofmyheadonthisone.Iwillhavetotestitoutand seeifIcanrecreatetheissue.Youmayalsowanttopostitonsharepoint.stackexchange.com, togetmorefeedback. Stacey says: May31,2012at12:22pm Thanks.Iwillpostitatsharepoint.stackexchange.comIhaveagoaroundfornow changed securityonIEtopromptforlogin 7. Dan says: July4,2012at8:13pm David,Greatarticle!CanyouclarifywhetherActiveDirectoryusers(Windowsusers)shouldbeable tologintoSharePointexternallyfromoutsideourLANoverSSL?Atpresenttheycanloginwhenin theofficeusingWindowsIntegrationbutwhentryingtologinexternallythepagerefreshesandgoes blank.FBAuserscanloginexternallynoproblem. Reply David Lozzi says: July5,2012at8:52am HiDan, Thanksforthecomment.ShortanswerisYes.Windowsauthenticationcanandnormallydoes workoverSSL.Whenaccessingthesitefromoutsidethenetwork,makesureusersareloggingin asdomain\username(unlessyouconfiguredIISdifferently),anddisablefriendlyerrorsinIE (http://technet.microsoft.com/enus/library/cc778248.aspx),thismightgiveyoumoretowork with.Also,checkouttheSharePointlogsforanyerrorsandmessages. Ifyouwant,youcanemailmeatdavidatlozzidotnet,andIcanworkwithyousomemorein figuringouttheissue.Oryoucanpostyourissuetosharepoint.stackexchange.com. MoreonSharePointsextranets:http://www.microsoft.com/enus/download/details.aspx? displaylang=en&id=24079.
5/16/2013
SharePoint 2010: Create unique login page with forms based authentication | David Lozzi's Blog Thanks David
Page 10 of 13
Reply Dan says: July5,2012at5:37pm Thanksfortheadvice!WhenIwenttoretestwithfriendlyerrorsdisableditmiraculously startedworkingIhavesincetesteditinvariousbrowsersanditnowworks!Strangebutgood! 8. Pingback:FBA Custom Login Mixed Access Denied Loops Back to Login Page | Q&A System 9. Disha says: September20,2012at10:40am HiNicearticle,IamgogglingforForgotPasswordlinkwhichrecoverspasswordandsendthenew passwordtotheemailofactivedirectoryuser,Anyhelpwouldbeappreciated. Reply David Lozzi says: September20,2012at10:44am Thiswouldbeahighlycustompiece,updatinganADpasswordcangettricky.Unfortunately theresnotaquickanddirtyfix,especiallyforADaccounts.MostSharePointimplementations areonnetworkswhereusershaveothermethodsofchangingtheirpasswords.Ifyourefamiliar withC#andSharePointsolutions,youcanseeaboutaddingthefunctionality.Ifyourenot,then seewhatyoucanfindfora3rdpartysolution. Ivedonesomethinglikethisbefore.Iwilldigupmycodeandseeaboutsharingit,Idontknow whenthough. Reply 10. sonali says: September20,2012at10:49am Yesplease YEsimdeveloperinc#butbeginnertosharepoint,butwouldliketodevelopmyownbutdontknow howandwheretostart Ineedtodevelop3things,customLoginscrrenforWindowsauthintication,(whichshouldnot includeFBAoption),ForgotPasswordandchangepassword,asfarasIseeplayingwithActive directoryisnoteasy. Reply David Lozzi says: September20,2012at10:51am Youshouldprobablylookforsomeresourcesonstartingoffindevelopment.Theresalistof prereqsyoushouldknowandunderstandbeforedivingdownthisroad.Authenticationisoneof themoreadvancedchapters.Checkoutsharepoint.stackexchange.com,postyourquestionsthere aroundstartingdevelopment,youllgetsomegreatfreeresourcesforlearningit. Reply Disha says: September20,2012at10:53am
5/16/2013
Page 11 of 13
FoundonelinkallwithActivedirectory,Iwillgiveatry.topieceofcodeforResetting password,. http://www.codeproject.com/Articles/18102/HowtoAlmostEverythingInActiveDirectoryvia C#46 Reply 11. sonali says: October3,2012at6:56am Hi Imgettingthiserror CustomLoginPage.LoginisnotallowedherebecauseitdoesnotextendclassSystem.Web.UI.Page. Anyhelpwouldbeappreciated Thanks Reply David Lozzi says: October3,2012at9:20am Hisonali, Imnotsurewhyyoudbegettingthiserror.Whereareyouseeingit?InVSorinSP? Reply sonali says: October3,2012at2:43pm HiDavidthanksforreply,theerrorgetsolvednow,itwasmymistakeincode, 12. mezzo says: January5,2013at11:54am Dearall, i haveaquestion. i amusingbothFBAandWindowsAuthenticationforawebapplicationaccordingtoyoursteps. i havedevelopedaloginforminsteadofthedefaultsharepointwebpage.andifusingVS2010,ican deployitverywell. thencomestotheproductionenvironment,iusepsfiletodeploythattothewholefarm,using InstallSPSolution: AddSPSolutionliteralpathC:\CustomLoginPageEx.wsp InstallSPSolutionIdentityCustomLoginPageEx.wspAllWebApplicationsGACDeploymentForce thesolutioniswelldeployed,butwhenigotothewebapplicationthatusingFBAandWindows authentication,iwillreceiveasecurityexceptionerrorasbelow:
5/16/2013
Page 12 of 13
SecurityException Description:Theapplicationattemptedtoperformanoperationnotallowedbythesecuritypolicy. Tograntthisapplicationtherequiredpermissionpleasecontactyoursystemadministratororchange theapplicationstrustlevelintheconfigurationfile. ExceptionDetails:System.Security.SecurityException:Requestfailed. SourceError: Anunhandledexceptionwasgeneratedduringtheexecutionofthecurrentwebrequest.Information regardingtheoriginandlocationoftheexceptioncanbeidentifiedusingtheexceptionstacktrace below. StackTrace: [SecurityException:Requestfailed.] System.Reflection.Assembly._GetType(Stringname,BooleanthrowOnError,BooleanignoreCase)+0 System.Web.UI.Util.GetTypeFromAssemblies(ICollectionassemblies,StringtypeName,Boolean ignoreCase)+201 System.Web.UI.TemplateParser.GetType(StringtypeName,BooleanignoreCase,Boolean throwOnError)+323 System.Web.UI.TemplateParser.ProcessInheritsAttribute(StringbaseTypeName,String codeFileBaseTypeName,Stringsrc,Assemblyassembly)+10891548 System.Web.UI.TemplateParser.PostProcessMainDirectiveAttributes(IDictionaryparseData)+365 whileafterihavemodifiedthewebapplicatonweb.configtrustleveltoFull,theloginpagecanbe used. butsinceFullisnotsogood,isthereanothertosolvethis? besides,ihavesettheVSprojectAssemblypropertytowebapplicationinsteadofGAC..,willthat matter? thankyousomuchifyoucanhelpmesolvethis!!!!!!! Mezzo Reply David Lozzi says: January7,2013at1:19pm I haventtriedawebapplicationassemblywiththissolution.Itisafullfarmsolution,GAC and fulltrustlevelrequired. Reply 13. goutham says: February11,2013at12:44am Nicearticles,Ifollowedthestepsandgotitworkingforthefirsttime.Iloggedoutandthentried signinagain,butIkeptonreceiving402ForbiddenError.Anyideawhatcouldbethecause http://davidlozzi.com/2011/07/15/sharepoint-2010-create-unique-login-page-with-forms-based-authe... 5/16/2013
Page 13 of 13
Reply David Lozzi says: February11,2013at9:13am unfortunatelyIhaventrunintothis.Postitoveratsharepoint.stackexchange.com,seeif the communityhas. Reply 14. Pingback:Custom logon page causes 401 on SharePoint 2013 | Question and Answer
BlogatWordPress.com. |Theme:Splendio byDesignDisease.
5/16/2013

Create Unique Login Page With Forms Based Authentication

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Create Unique Login Page With Forms Based Authentication

Uploaded by

Copyright:

Available Formats

SharePoint 2010: Create unique login page with forms based authentication | David Lozzi's Blog

David Lozzi's Blog

usingSystem; usingMicrosoft.SharePoint.IdentityModel.Pages; namespaceCustomLoginPage { publicpartialclassLogin:FormsSignInPage { protectedvoidPage_Load(objectsender,EventArgse) { }}}

References http://blogs.msdn.com/b/kaevans/archive/2010/07/09/creatingacustomloginpageforsharepoint 2010.aspx?wa=wsignin1.0 (http://blogs.msdn.com/b/kaevans/archive/2010/07/09/creatingacustom loginpageforsharepoint2010.aspx?wa=wsignin1.0) Abouttheseads (http://en.wordpress.com/abouttheseads/)

PostedbyDavidLozzi inSP2010Authentication,SP2010Customization Tagged:Branding,ClaimsBasedAuthentication,FBA,FormsAuthentication,SharePoint

BlogatWordPress.com. |Theme:Splendio byDesignDisease.

You might also like