Archive for July, 2008

SharePoint FBA – Change password

Tuesday, July 22nd, 2008

The story thus far:

You’ve decided to make a SharePoint website available, but don’t want to use active directory to manage your users. You can either use an off the shelf MembershipProvider (which I highly recommend) or roll your own (which starts out looking like only a little bit of work, and then turns out to be a lot by the time you implement lockout, change password, account expiration, etc). The reason you’d want to roll your own is if you are keeping your membership information in your own schema and don’t want to take the time to convert to the aspnetsqlmembership provider, or you need to communicate with some other system via an api.

So, after you’ve inserted your membership provider into SharePoint, you need a way for your users to change their passwords. Easy, stick a ChangePassword control onto an application page, and you’re good to go.

Then you notice, the PasswordRegularExpression used in the MembershipProvider isn’t working for the client side validation in IE. No one you know uses IE – but some user somewhere might complain about it someday. Best to look into it now.

You’ve set this regular expression on the ChangePassword.NewPasswordRegularExpression:

NewPasswordRegularExpression = '@\"(?=.{7,})(?=(.*\d){1,})(?=(.*\W){1,})'

The reason IE does not validate correctly is bceause you’ve used the look ahead assertion ?= in the regular expression, which is only available in javascript version 1.5 and up. IE 6 and IE7 are only running with javascript 1.3.

Solution? Well, you need to break the regular expression up into multiple ones, and stick the regular expression validators on the changepassword template. Would be nice if you could plug a new javascript version into IE for your users, but that’s a different story altogether.

Tags:
Posted in Uncategorized | No Comments »

FBA User does not exist or is not unique

Sunday, July 20th, 2008

Been asked this question a few times lately. Remember that when you define a MembershipProvider for forms based authentication for sharepoint (or any asp.net) you can add as many as you want. The way you tell SharePoint which one you mean is to put the name of the membershipprovider before the username like this:

factoryhmembershipprovider:username

Thus, when you call the _vti_bin/usergroup.asmx webservice, you need to specify which membershipprovider you want to use (especially if you are not using the default one – which is always active directory in SharePoint).

If you just throw your username over, SharePoint will try it against active directory (the default) and you probably won’t get the result you are looking for.  It will respond with:

User does not exist or is not unique.

Posted in Uncategorized | No Comments »

Sharepoint Forms Based Authentication groups

Thursday, July 10th, 2008

An interesting fact to note: you can’t remove a forms based authentication user from a Sharepoint group via the usergroup webservice until they have successfully been added to at least one group.

Otherwise you will get a SoapServerException which looks like this:

0×81020054

The user does not exist or is not unique.

Posted in Sharepoint/MOSS | No Comments »