The CKS:Internet/Extranet Edition has released a pre-beta release of a Forms Based Authentication Solution.
This set of great features adds some missing out-of-the box functionality in Microsoft Office SharePoint Server 2007. The solution can be downloaded at Codeplex.
The functionality I like the most is:
- Ability for external users who authenticate themselves through forms based authentication to change their password through a web part. The web part is highly customizable in terms of error messages and labels.
- Ability for the SharePoint administrator to add external users who will authenticate through forms based authentication within the site settings of your site collection. There is no need to set up an extra website for user management, nor to do the administration of users directly in a database.
After installing the set of features, I had some problems though.
- In the user management pages, I could not get an overview of already created users. The UsersDisp.aspx threw an Unknown error.
- Some of the other user management pages had the same problems.
The solution is already available, but unfortunately is not yet included in the downloadable pre-beta version of the Forms Based Authentication Solutions. I found the working .aspx pages in a blogpost on the Van Laan on Sharepoint and all things Microsoft blog. From there the working .aspx pages can be downloaded. Just copy-paste the downloaded pages over the installed .aspx pages in the 12 hive under TEMPLATE\LAYOUTS\FBA\MANAGEMENT.
In the same blogpost, I found a great tip to change the default view of those user management pages, which display only 5 users at a time: it is very easy to change this to more users on one page.
As my external users were now able to change their password, I wanted to enforce a certain minimal password policy. To achieve this, I changed the web.config file of my web application set up with forms based authentication.
Look for the providers tag in the web.config: you'll find the add name tag, which specifies your provider for forms based authentication. In it, you'll find some properties which you can change to set up a password policy such as:
- minRequiredPasswordLength: the number specified is the minimal length for a valid password
- minRequiredNonalphanumericCharacters: the number specified is the minimul non-alphanumeric characters which the password must contain.
To activate this new policy, you should remove your previous definition of your provider. This can be achieved by adding a remove name tag, as shown in the screenshot below.