users and groups site collection isolation

Nov 7, 2012 at 5:30 AM

After following one of the FBA sharepoint configuration howtos, i found that i can not isolate the users and groups from one site collection to other.

 

There is a way to manage with this Pack users and groups separately from one site collection to other?

 

Tx

Coordinator
Nov 7, 2012 at 5:52 AM

Currently SharePoint only supports a single membership provider per Web Application.  All of the users from that membership provider will be available in all site collections under that web application.  You could create multiple web applications, and move the site collections you would like to isolate under each of these web applications.  You would need to define a seperate membership provider configuration for each web application you want to isolate.  If you like, you can still have each seperate configuration share the same aspnetdb database by giving each membership provider configuration a seperate applicationName property.  For example, for two isolated membership providers you might have something like this:

 

<add name="IsolatedOneMembershipProvider"
                    type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                    connectionStringName="FBADB"
                    enablePasswordRetrieval="false"
                    enablePasswordReset="true"
                    requiresQuestionAndAnswer="false"
					requiresUniqueEmail="true"
                    passwordFormat="Hashed"
                    maxInvalidPasswordAttempts="5"
                    minRequiredPasswordLength="7"
                    minRequiredNonalphanumericCharacters="1"
                    passwordAttemptWindow="10"
                    passwordStrengthRegularExpression=""
                    applicationName="/isolatedone"
/>

<add name="IsolatedTwoMembershipProvider"
                    type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                    connectionStringName="FBADB"
                    enablePasswordRetrieval="false"
                    enablePasswordReset="true"
                    requiresQuestionAndAnswer="false"
					requiresUniqueEmail="true"
                    passwordFormat="Hashed"
                    maxInvalidPasswordAttempts="5"
                    minRequiredPasswordLength="7"
                    minRequiredNonalphanumericCharacters="1"
                    passwordAttemptWindow="10"
                    passwordStrengthRegularExpression=""
                    applicationName="/isolatedtwo"
/>

Nov 7, 2012 at 6:30 AM

Thanks

so with this configuration i will have only one membership database but how about the configuration of the web.config of each webapp and most important the configuration of the central administration app how can i configure here the token provider for example to attend both web applications?

 

also any problems using this FBA pack one 2013 foundation

 

Thanks

Coordinator
Nov 7, 2012 at 2:19 PM

In this case, following the usual configuration instructions, you would have an individual membership configuration in the web application's web config. You would have all of the membership configurations in the central admin web.config and token provider web.config.

What I usually do is put all of my membership configurations in the machine.config file (C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG).  Then you don't have to copy them into each individual web.config.  Unfortunately you still have to put them all in the token provider web.config, as it overrides the machine.config at some point.

I haven't tested this with 2013 yet (on my todo list!), but this user reports that it seems to work:

http://sharepoint2010fba.codeplex.com/discussions/402232