In SharePoint 2010(like in previous versions) You can enable forms authentication along with standard AD authentication. Thanks to that the internal users can log in to SharePoint using theirs domain accounts and external users can use prepared accounts which are kept in the database. Here is very good instruction step by step how to enable this funcionality.
Now, if You were able to configure mixed authentication then when You’ll try to log in to SharePoint You should see standard login page:
When You select “Windows Authentication” Your AD account will be used. Selecting “Form authentication” will result in showing new page where You will have to provide login and password(not AD account).
You can change this standard page with Your custom login page – it’s very simple. To achieve that You have to create a new .aspx page which inherits from Microsoft.SharePoint.IdentityModel.Pages.FormsSignInPage class.
Below You can find the code for .aspx page with some comments:
<%@ Page Language="C#" MasterPageFile="~/_layouts/simple.master" AutoEventWireup="true" Inherits="zavaz.CustomLoginPage.Forms.ASPX.SignInForm, zavaz.CustomLoginPage.Forms, Version=1.0.0.0, Culture=neutral, PublicKeyToken=17b6953c6c0dd4db" %>
<%@ Assembly Name="Microsoft.SharePoint.ApplicationPages, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"%>
<%@ Import Namespace="Microsoft.SharePoint.ApplicationPages" %>
<%@ Register Tagprefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Register Tagprefix="Utilities" Namespace="Microsoft.SharePoint.Utilities" Assembly="Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Import Namespace="Microsoft.SharePoint" %>
<%@ Assembly Name="Microsoft.Web.CommandUI, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<asp:Content ContentPlaceHolderId="PlaceHolderAdditionalPageHead" runat="server">
//Loading jQuery scripts
<script language="javascript" type="text/javascript" src="/_layouts/zavaz.CustomLoginPage/JS/jquery.min.js" ></script>
<script language="javascript" type="text/javascript" src="/_layouts/zavaz.CustomLoginPage/JS/jquery.corner.js" ></script>
<script language="javascript" type="text/javascript" >
$(document).ready(function () {
//Hidding unnecessary elements from masterpage
$('#s4-simple-card').attr("id", "s4-simple-card2");
$('#s4-simple-header').hide();
$('#s4-simple-card-top').hide();
$('#s4-simple-card-content').css("margin", "0px");
$('.s4-simple-iconcont').hide();
$('#s4-simple-content').css("margin", "0px");
$('#s4-simple-content h1:first').hide();
$('.s4-die').hide();
//-------------------
//Round corners of the div
$('.rounded').corner("10px");
});
</script>
<style type="text/css">
html, body {height:100%; margin:0; padding:0;}
#page-background {position:fixed; top:0; left:0; width:100%; height:100%;}
#content {position:relative; z-index:1; padding:10px;}
</style>
</asp:Content>
<asp:Content ContentPlaceHolderId="PlaceHolderPageTitle" runat="server">
//Required from inherited class "FormsSignInPage"
<SharePoint:EncodedLiteral ID="ClaimsFormsPageTitle" runat="server" text="<%$Resources:wss,login_pagetitle%>" EncodeMethod='HtmlEncode'/>
</asp:Content>
<asp:Content ContentPlaceHolderId="PlaceHolderPageTitleInTitleArea" runat="server">
//Required from inherited class "FormsSignInPage"
<SharePoint:EncodedLiteral ID="ClaimsFormsPageTitleInTitleArea" runat="server" text="<%$Resources:wss,login_pagetitle%>" EncodeMethod='HtmlEncode'/>
</asp:Content>
<asp:Content ContentPlaceHolderId="PlaceHolderSiteName" runat="server"/>
<asp:Content ContentPlaceHolderId="PlaceHolderMain" runat="server">
<div style="background-color: Black; width: 100%; height: 100px">
<br />
<img src='/_layouts/images/zavaz.CustomLoginPage/Logo.png' alt='' />
</div>
<div style="background-color: Gray; width: 100%; height: 10px"></div>
<center>
<div id="content" class="rounded" style="width: 300px; height: auto; margin-top: 15%; background:transparent; filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#99000000,endColorstr=#99000000); zoom: 1;">
//Standard Login control with set custom MembershipProvider FBAMembershipProvider
<asp:Login ID="signInControl" style="width: 250px" FailureText="<%$Resources:wss,login_pageFailureText%>" MembershipProvider="FBAMembershipProvider"
runat="server" DisplayRememberMe="true" TextBoxStyle-Width="250px" RememberMeSet="true" LoginButtonStyle-CssClass="ms-buttonheightwidth" UserNameLabelText="User name" TextLayout="TextOnTop" PasswordLabelText="Password" LabelStyle-Font-Bold="false" LabelStyle-Font-Size="Large" LabelStyle-ForeColor="White" LabelStyle-Font-Names="Calibri" LabelStyle-CssClass="ms-standardheader ms-inputformheader" TextBoxStyle-CssClass="ms-input" CheckBoxStyle-Font-Bold="false" CheckBoxStyle-Font-Names="Calibri" CheckBoxStyle-ForeColor="White" CheckBoxStyle-CssClass="ms-standardheader ms-inputformheader" CheckBoxStyle-Font-Size="Large" FailureTextStyle-Wrap="true" FailureTextStyle-Font-Names="Calibri" FailureTextStyle-Font-Size="Small" LoginButtonStyle-Font-Names="Calibri" LoginButtonStyle-Font-Size="Large" LoginButtonImageUrl="/_layouts/images/zavaz.CustomLoginPage/GoForward.png" LoginButtonType="Image" TitleText="" TitleTextStyle-ForeColor="White" TitleTextStyle-Font-Bold="true" TitleTextStyle-Wrap="true" TitleTextStyle-Font-Names="Calibri" TitleTextStyle-Font-Size="Larger" />
//Link for internal users to log in using AD account
<asp:LinkButton ID="lbInternalUsers" Text="Active Directory Login" runat="server" Font-Names="Calibri" Font-Size="Small" CssClass="ms-standardheader ms-inputformheader" Font-Bold="true" ForeColor="Wheat" OnClick="lbInternalUsers_OnClick" />
//Label displaying errors
<asp:Label ID="lblError" runat="server" Font-Bold="true" ForeColor="Red" EnableViewState="false"></asp:Label>
</div>
</center>
//Required from inherited class "FormsSignInPage"
<SharePoint:EncodedLiteral runat="server" EncodeMethod="HtmlEncode" ID="ClaimsFormsPageMessage" Visible="false" />
</asp:Content>
And here is the code behind for the .aspx page:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using Microsoft.SharePoint.IdentityModel.Pages;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.Utilities;
using zavaz.CustomLoginPage.Data.Classes;
using zavaz.CustomLoginPage.Data.Helpers;
using System.Diagnostics;
using System.Text.RegularExpressions;
namespace zavaz.CustomLoginPage.Forms.ASPX
{
public class SignInForm : FormsSignInPage
{
protected Label lblError;
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
}
protected override void OnLoad(EventArgs e)
{
try
{
base.OnLoad(e);
}
catch { }
}
protected void lbInternalUsers_OnClick(object sender, EventArgs e)
{
try
{
if (null != SPContext.Current && null != SPContext.Current.Site)
{
SPIisSettings iisSettings = SPContext.Current.Site.WebApplication.IisSettings[SPUrlZone.Default];
if (null != iisSettings && iisSettings.UseWindowsClaimsAuthenticationProvider)
{
SPAuthenticationProvider provider = iisSettings.WindowsClaimsAuthenticationProvider;
Redirect(provider);
}
}
}
catch (Exception ex)
{
lblError.Text = ex.Message;
}
}
private void Redirect(SPAuthenticationProvider provider)
{
string comp = HttpContext.Current.Request.Url.GetComponents(UriComponents.Query, UriFormat.SafeUnescaped);
string url = provider.AuthenticationRedirectionUrl.ToString();
if (provider is SPWindowsAuthenticationProvider)
{
comp = EnsureUrl(comp, true);
}
SPUtility.Redirect(url, SPRedirectFlags.Default, this.Context, comp);
}
private string EnsureUrl(string url, bool urlIsQueryStringOnly)
{
if (!url.Contains("ReturnUrl="))
{
if (urlIsQueryStringOnly)
{
url = url + (string.IsNullOrEmpty(url) ? "" : "&");
}
else
{
url = url + ((url.IndexOf('?') == -1) ? "?" : "&");
}
url = url + "ReturnUrl=";
}
return url;
}
}
}
The final effect:
To use above page You need to:
- Copy .dll file to the GAC(for example using gacutil.exe)
- .aspx, .js files to the LAYOUTS directory
- In the .aspx(line 83) file change the logo image to Your custom one
- Configure FBA – link how to do it is at the beggining of this post.
July 4th, 2011 on 18:46
Thanks.. I needed something exactly like this.
But can you explain how the flow is working in this new custom login page.
Thanks again.
September 2nd, 2011 on 11:40
Hi, Nice Post,
I am new to sharepoint, this is the what i am looking for. Could you please provide more detail how to deploy this? And if you can please attach source file. this will be great help.
September 2nd, 2011 on 11:50
Hi Navi,
I’ll will update the post in the evening with the source code and description how to deploy this solution
September 2nd, 2011 on 13:02
Oh That is Great, I’ll wait
September 5th, 2011 on 07:20
nice post i got form here really valuable knowledge
thanks a lot
December 6th, 2011 on 06:11
Tomasz,
Thanks sooo much for this. We recently implemented Windows and Forms auth on a site a didn’t like the credentials drop down list on the default login page either.
I didn’t have Visual Studio 2010 but thanks to your article, I was able to copy /_forms/default.aspx to /_forms/CustomLogin.aspx and make all coding changes in the aspx page without a code behind page. This saved me so much time and so many headaches by not having to create the DLL and registering it in the GAC.
And now my users have a less confusing login page.
December 6th, 2011 on 07:39
Glad I could help
December 8th, 2011 on 09:28
Hi Zavaz,
Thanks for sharing wonderful solution for custom page. My name is bharath from india can you do me a favour please?
could you please send me the source code.That will help me so much.
Thanking you and all the best for your new articles.
January 16th, 2012 on 16:38
Hi,
i am a SharePoint-Beginner and have a question: do i need the Codebehind for the asp-file?
Thanking you!
January 16th, 2012 on 17:04
Hi Anatol,
Theoretically no, You don’t need it if You want to do some simple things, for example You can code some simple actions like events in the aspx file. Nevertheless, sooner or later You will have to use .cs files to create some classes and more advanced stuff.
January 18th, 2012 on 08:58
Thanks. My question was about the current project. Do i need the .cs file for this signin-project? because my Visual Studio cant find some components (zavaz.CustomLoginPage.Data.Classes).
January 19th, 2012 on 09:08
My bad, I forgot about this using statements. The answer is: Yes, You can code everything in the .aspx file without using a .cs file.
February 24th, 2012 on 15:09
Thanks for the post. I found your blog from researching an Obj Ref error in the OnLoad event of the FormsSigninPage. I noticed you have a try catch wrapping the base.OnLoad call. Why? Why does the error occur?
February 24th, 2012 on 15:28
Hi Tim,
Usually I always wrap all the code in the try catch block – just in case
If it goes to Your error I think that You probably don’t have the SharePoint:EncodeLiteral controls on Your ASPX page. Please look closer at the code of my ASPX page. It contains three SharePoint:EncodedLiteral controls which are needed as You inherit the code from FormsSignInPage class. In my opinion if You add this controls to Your ASPX code(into the appropriate content placeholders) then You’ll get rid of the Obj Ref Error that You are facing.
March 17th, 2012 on 10:36
Hi Zavaz,
Wonderfull post.
Could you please provide more detail how to deploy this? And if you can please attach source file.it will help me a lot.please
April 13th, 2012 on 14:25
Great post!!! Thank you!!!
April 24th, 2012 on 16:44
Hi
Thanks soooo much for this, it helped me in a way you can’t imagine, however after i installed it i can’t edit it, any ideas why? I am the admin in the server and the sharepoint farm /site….
May 26th, 2012 on 11:34
i am getting an error when i tried to use ur code for creating custom login page for both fab and windows.
the error is below, can u help me out how it works in sp2010, for 2 days i am struck with this issue only..
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 5/27/2012 2:53:30 AM
Event time (UTC): 5/26/2012 9:23:30 PM
Event ID: a3a61950e4494b25ab9490e54c4503ec
Event sequence: 5
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/324180076/ROOT-1-129825409966520010
Trust level: WSS_Minimal
Application Virtual Path: /
Application Path: C:\inetpub\wwwroot\wss\VirtualDirectories\3636\
Machine name: HIFX-2
Process information:
Process ID: 3804
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: NullReferenceException
Exception message: Object reference not set to an instance of an object.
Request information:
Request URL: http://hifx-2:3636/_layouts/LoginPage/HifxLoginPage.aspx?ReturnUrl=An unhandled exception has occurred.fsitesAn unhandled exception has occurred.fHIFXAn unhandled exception has occurred.fSitePagesAn unhandled exception has occurred.fHome.aspx
Request path: /_layouts/LoginPage/HifxLoginPage.aspx
User host address: fe80::2dca:c845:f1d9:d645WSS_Minimal
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 5
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at Microsoft.SharePoint.SPWebPartCollectionInitialState.SPWebPartCollectionInitialStateCore(WebPartDataOrigin dataOrigin, SPWeb web, Uri pageUrl, String serverRelativeUrl, PageView pageView, UserMode initialUserMode, Boolean includeHidden, Boolean forRender, Boolean canCustomizePages, Boolean canPersonalizeWebParts, Boolean canAddDeleteWebParts, HttpContext context)
at Microsoft.SharePoint.SPWebPartCollectionInitialState..ctor(SPWeb web, Uri pageUrl, PageView pageView, Int32 count, Object[,] resultSet, Boolean includeHidden, Boolean forRender, HttpContext context)
at Microsoft.SharePoint.WebPartPages.SPWebPartManager.SPWebPartManagerCore(SPWebPartCollectionInitialState initialState)
at Microsoft.SharePoint.WebPartPages.SPWebPartManager..ctor()
at ASP._layouts_v4_master.__BuildControlm() in c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\v4.master:line 39
at ASP._layouts_v4_master.__BuildControl__control20() in c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\v4.master:line 37
at ASP._layouts_v4_master.__BuildControl__control2() in c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\v4.master:line 10
at ASP._layouts_v4_master.__BuildControlTree(_layouts_v4_master __ctrl) in c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\v4.master:line 1
at ASP._layouts_v4_master.FrameworkInitialize() in c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\7a747e40\1212a4eb\App_Web_v4.master.2a428413.mxiigxjk.0.cs:line 0
at System.Web.UI.MasterPage.CreateMaster(TemplateControl owner, HttpContext context, VirtualPath masterPageFile, IDictionary contentTemplateCollection)
at System.Web.UI.Page.get_Master()
at System.Web.UI.Page.ApplyMasterPage()
at System.Web.UI.Page.PerformPreInit()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details:
May 30th, 2012 on 08:09
But what You can’t edit? You can’t add users/roles?
May 30th, 2012 on 08:23
Firstly I’d change the account under which w3wp process is runing to any user account which is part of the IISWPG group.
Secondly, I can see that YOu modified my login page. Have You tried to implement it without any modifications? Maybe You’ve made some mistake somewhere in the code?
May 31st, 2012 on 11:05
hi,
instead of active directory login can we have our own custom login form there, i.e; username and password like above for fba.if so can u mail me the code are url. my mail id is susheel.surabhi@gmail.com
July 24th, 2012 on 15:48
Hi zavaz,
Thank you for the post! Looks this is almost close to what am looking for.
Can you please tell me that how can i use this code if I want to do only Windows authentication using similar login screen? Actually I dont want to use FBA since I dont have any external users. My users are in active directory and they should access site from internal(office) and also from internet(outside office)(by extending). So whenever I browse extended windows authentication claims based site from internet, I should be prompted for windows AD credentials. Upon valid credential, home page should get loaded.
Thanks,
AK
July 24th, 2012 on 16:39
Awesome!! Saved me HOURS trying to do this myself. THank you! Works perfectly!
September 13th, 2012 on 21:17
Nice article. I came across this because I’m having trouble with my own custom login page, and your version exhibits the same issue. The problem is that in Internet Explorer and Chrome, the browser doesn’t prompt the user to save (or update) the login credentials withinthe browsers own password storage feature. i.e. when you click submit in Firefox, the browser prompts the user with the question: “Would you like to remember the password for ‘my@email.com’ on mysite.com?”
Have you noticed this is absent too in IE and Chrome? Is it because most custom applications attach a master page, which changes the IDs of the asp:login UserName and Password controls when rendered? Any advice on how to fix this?
Any help would be appreciated.
QMKevin
September 20th, 2012 on 16:38
.. I will give it a try , one more question I am goggling for Forgot Password link which recovers password and send the new password to the email of active directory user, Any help would be appreciated.
September 20th, 2012 on 17:51
Hi,
Thank you for this customization!! Seems I reached very close to what Iam looking for.nice way to clarify FBA and Windows authintication.
Just I want to make sure this customization is included with FBA or is only for AD users…because I dont want include FBA at all in my custom login screen, I want to make it only for AD users.
Can you please tell me that how can i use this code if I want to do only Windows authentication using similar login screen?
October 10th, 2012 on 07:49
Hi Zavaz
Great Post i could achieve exactly what i was looking for .
Thanks for sharing this.
however i am facing one issue ,i have hosted my site to access over internet when i tray to log in with AD user it prompts me for credentials but unable to log in after providing right credentials.
This works when i try this within the network(internally)
Also this works when i browse the site in Mozilla Firefox over internet
Appreciate any help in resolving this issue
October 10th, 2012 on 17:28
I simply want windows authentication on the sign in page. In that case is the .dll file really required or is there some minor tweaking we can perform without replacing too much code or pages.
Thanks for the post! This is great!
October 11th, 2012 on 17:35
How important is the .dll file and what does it do? Would we need it to simply have a functioning link for windows authentictation? Or can we skip that step of handling it and simply relay on the .aspx and .js file you provided?
Thanks
October 15th, 2012 on 11:29
@kensley
The .dll is required for my project. In general if You need just the windows authentication then You don’t need any sign in page, as SharePoint will try to automatically authenticate every user who is opening any SharePoint site. If SharePoint will be unable to authenticate the user, then it will open a popup where credentials should be type in.
@Guest
The .dll is required for my project. Additionally You would have to modify the .aspx page – remove the sign in control and leave just the link button
@Tanaji Chavan
Unfortunatelly, I don’t know what causes the issue ;(
November 20th, 2012 on 17:36
Thank you so much for this code!! I was searching all over for something like this and your code finally got me where I needed to go. Thank you!
November 20th, 2012 on 18:07
Thanks for the post! You can enhance that even further by relaying on CSS to style the page, as along as you properly set your CSS selectors onto your page where needed. I discovered by this approach, you can create a liquid form that will shape to the size of your desktop width size if for some reason the screen was smaller.
Thanks again
November 26th, 2012 on 07:05
This is a great post really. But I have one doubt. Will it works for both forms based and windows authentication?
November 26th, 2012 on 08:04
Yes, it will
November 26th, 2012 on 08:13
In the .aspx file we have inherit attribute in the page directive. How to give the value to inherit attribute. I am getting Exception. Can you please explain the way to link our code page to the application page? or provide me any link to refer.
November 26th, 2012 on 09:43
Follow this rule: “ClassNamespace.ClassName, DllFileName, Version=DllVersion, Culture=DllCulture, PublicKeyToken=DllPublicKeyToken”. If You still have problems try to search google for FQN(Fully Qualified Name)
December 11th, 2012 on 22:09
Is this all i need to only display the windows auth?
February 4th, 2013 on 16:04
Thank you for this great post! I have a question about the search crawl. When I configured the Sign In Form the search didn’t work. I am getting an error in crawl saying “SharePoint server has been moved to other server”. How can I resolve this problem? thanks.
February 12th, 2013 on 05:11
to Zavaz, thanks for this wonderful guide, I can achieve the login objective.
@Mod, if I may help to answer, you need to extend the website (i.e to another port) and allow only Windows NTLM authentication. Then the search crawl only search this site instead of original FBA site.
February 12th, 2013 on 22:11
@alisanta, it worked. Thank you!
February 13th, 2013 on 08:59
Great post! I’ve just started setup of new SP2013 site and was wondering if you planned to update the solution to work with 2013? I tried using as is and was getting error:
Could not load file or assembly ‘Microsoft.SharePoint.IdentityModel, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c’ or one of its dependencies. The system cannot find the file specified.
I then created a new empty SharePoint application in vs2013 and added the reference to the new IdentityModel 15.0.0.0 but I’m still having difficulty deploying.
I’d really love to see an updated version of your guide as it’s exactly what I need to get my sp site up and running.
Thanks
March 7th, 2013 on 19:01
Zavaz,
have you tried this solution in share point 2013. We have done it earlier in 2010 but in 2013 after authenticating from SQL user profile or AD (through customized authentication) its not logging into share point site. I will post the specific error or scenario but in mean time if you have any idea what could be missing please reply. if you are aware of any link where this solution is given in 2013 please mention it.
Thanks.
March 8th, 2013 on 18:56
My spouse and I absolutely love your blog and find a lot
of your post’s to be just what I’m looking for. Does one
offer guest writers to write content for you personally?
I wouldn’t mind publishing a post or elaborating on a lot of the subjects you write related to here. Again, awesome web log!
March 11th, 2013 on 06:54
Thanks for the wonderfull post but i am unable to implement this solution in SharePoint 2013. I am also having one doubt that is it also work for Sql Server authentication as you mentioned only one authentication in your code or your login page also i.e. Active Directory authentication.
When i am trying this code with SharePoint 2013, it gives an unexaptional error and in your code Provider returns the NULL value.
Will you please help me to implement this code on SharePoint 2013 or provide me some different code or link for SharePoint 2013?