How to share authentication context between a SharePoint Site and ASP.NET 2.0 application

In extranet scenarios, people often need access not only to a SharePoint site but also to a custom ASP.NET 2.0 web application, and we want the same credentials to work for both apps. Assuming both apps have FBA (forms-based authentication) enabled, we can change some entries in the ASP.NET 2.0 web.config file so that it accepts the same SharePoint authentication context.

First, we need to set the membership and role providers for both apps and point them to the same authentication database.

<connectionStrings>
    <add name="XXXSqlConnString" connectionString="myconnectionstring" providerName="System.Data.SqlClient" />
</connectionStrings>
<membership defaultProvider="XXXAspNetSqlMembershipProvider">
  <providers>
    <add name="XXXAspNetSqlMembershipProvider"
         type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="XXXSqlConnString"
         enablePasswordRetrieval="false"
         enablePasswordReset="true"
         requiresQuestionAndAnswer="false"
         applicationName="/"
         requiresUniqueEmail="true"
         passwordFormat="Hashed"
         maxInvalidPasswordAttempts="5"
         minRequiredPasswordLength="1"
         minRequiredNonalphanumericCharacters="0"
         passwordAttemptWindow="10"
         passwordStrengthRegularExpression="" />
  </providers>
</membership>
<roleManager enabled="true" defaultProvider="XXXAspNetSqlRoleProvider">
  <providers>
    <add name="XXXAspNetSqlRoleProvider"
         type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="XXXSqlConnString"
         applicationName="/" />
  </providers>
</roleManager> 

It’s important to set the same authentication cookie name in both web.config files (the SharePoint web application web.config file and the ASP.NET application web.config file).

<authentication mode="Forms">
  <forms name=".mycookiename" loginUrl="/_layouts/Login.aspx" />
</authentication> 

The most important tip is to copy the machineKey entry from the SharePoint web.config file to the ASP.NET web application web.config file. This allows us to share the authentication context between the apps; check this post.

<machineKey 
validationKey="XXXXXXXXXXXXXXXX" 
decryptionKey="XXXXXXXXXXXXXXXX" 
validation="SHA1" />

That’s it. From now on, your ASP.NET web app will respect the same authentication cookie you have in the SharePoint site.
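When the cookie is not honoured, the usual cause is that one of the values above differs between the two files. The following is an added example, not code from the original post: a Python check that compares two web.config files for the forms cookie name, the machineKey attributes and the provider applicationName, and flags a provider whose connectionStringName has no matching connectionStrings entry. The sample configs are constructed, the function names are hypothetical, and the files are assumed to declare no XML namespace on the configuration element.

```python
import xml.etree.ElementTree as ET

# Constructed SharePoint-side web.config, reduced to the elements the post discusses.
SHAREPOINT = """<configuration>
 <connectionStrings><add name="XXXSqlConnString" connectionString="myconnectionstring" /></connectionStrings>
 <system.web>
  <membership><providers>
   <add name="M" connectionStringName="XXXSqlConnString" applicationName="/" />
  </providers></membership>
  <authentication mode="Forms"><forms name=".mycookiename" /></authentication>
  <machineKey validationKey="PLACEHOLDER-A" decryptionKey="PLACEHOLDER-B" validation="SHA1" />
 </system.web>
</configuration>"""
# Constructed ASP.NET-side copy with two deliberate mistakes.
ASPNET = (SHAREPOINT
          .replace('connectionStringName="XXXSqlConnString"', 'connectionStringName="EPSSqlConnString"')
          .replace("PLACEHOLDER-B", "PLACEHOLDER-C"))

def settings(config_xml):
    """Extract the values that must be identical in both files."""
    root = ET.fromstring(config_xml)
    forms = root.find(".//authentication/forms")
    key = root.find(".//machineKey")
    return {
        "forms name": forms.get("name") if forms is not None else None,
        "machineKey": tuple(sorted(key.attrib.items())) if key is not None else None,
        "applicationName": sorted({p.get("applicationName", "") for p in root.findall(".//providers/add")}),
    }

def dangling_connection_strings(config_xml):
    """Provider connectionStringName values with no <connectionStrings> entry."""
    root = ET.fromstring(config_xml)
    defined = {c.get("name") for c in root.findall(".//connectionStrings/add")}
    used = {p.get("connectionStringName") for p in root.findall(".//providers/add")}
    return sorted(n for n in used if n and n not in defined)

def compare(sharepoint_xml, aspnet_xml):
    """Return the names of mismatched settings; key values are never echoed."""
    a, b = settings(sharepoint_xml), settings(aspnet_xml)
    problems = [name for name in a if a[name] is None or a[name] != b[name]]
    problems += ["dangling connectionStringName: " + n
                 for n in dangling_connection_strings(aspnet_xml)]
    return problems

if __name__ == "__main__":
    print(compare(SHAREPOINT, ASPNET))
```

A missing machineKey element on the SharePoint side is also reported, since without an explicit key in both files there is nothing to share.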

4 thoughts on “How to share authentication context between a SharePoint Site and ASP.NET 2.0 application”

  1. hi haaron,

    i haven’t received any reply to my previous post..

    have you used the default asp.net provider or have you written a custom provider for authentication.

    Regards,
    Vikas Mestry

  2. This seems not to be working for sp2010. I guess because of claims.

    Did anyone try it there?

    Thanks,

    Tengiz Tutisani

  3. I have the same situation: an ASP.NET web application with SharePoint 2007. I have applied the above steps but the authentication is still not shared. Also, if I am logged in to the SharePoint site and I go to log in to the ASP.NET application, I got logged out from the SharePoint site.
    Do you have any suggestion?
