Form Based Authentication
What is Form Based Authentication? Form Based Authentication (FBA) provides your own authentication method using a web form. More and more companies are using FBA as a way of extending a site for non-Active Directory (AD) users.
SharePoint standard installation uses as default AD to query the Domain Controller and to check user credentials through Windows Authentication. FBA uses a custom database created separate from AD to store user credentials. Authentication using FBA is executed by a SQL DB query. When FBA is used to extend SharePoint sites, external users (non AD users) have access to SharePoint.
Why would you allow access to external users? A practical reason for extending a SharePoint site through FBA is collaboration on documents with your clients or vendors.
There are tons of blog posts about the implementation and the use of Forms Based Authentication in a SharePoint environment. Here are few of the most popular resources:
- – Andrew Connell – Dual Authentication Providers and Anonymous Access
- – TechNet – Configure forms-based authentication
- – CodeProject.com – Form Authentication for MOSS 2007 Site
- – ITCreme.com – FBA for SharePoint 2007
- – Nick Swan – SharePoint 2007 Forms Authentication
- – FiveNumber.com – Form Based Authentication in Sharepoint 2007
- – Forms Based Authentication in MOSS
- – DevCow.com – FBA Walk-through
- – FBA in SharePoint Products and Technologies
- – Implement Form Based Authentication
Users who authenticate with FBA do not have the same level of functionality available as users who authenticate with a Windows Authentication method. Basically the client integration features would not work:
- – Links that start client applications are not visible
- – Documents are opened directly in the browser with no client applications support
- – Users cannot edit documents on the site using the client applications. However, users can download and edit the document locally, and then upload the document back to the server
Here is some more information on FBA shortcomings: “Expected Behavior When Client Integration is Disabled”