Monday, July 19, 2010

Enabling Forms Based Authentication for PWA site

There are two authentication types for SharePoint: Forms based and Windows based authentication. There are a lot of articles dedicated to configuring SharePoint to use either both of one of these authentication modes. For instance, this one. But in our post we would like to point out the way how to use Forms-based authentication for Project Server 2010 to enable non-domain users to log in to PWA site.

Suppose you’ve already configured new web application to use Forms Based authentication. Let’s say the name of ASP.NET Membership provider used for it is My_FBA_Provider, and the name of ASP.NET Role manager name is My_FBA_Role. Also suppose you have already created test user (let its login/password pair be test_user1/p@ssw0rd) and verified it’s workability for some test site collection belonging to your web application. Now let’s go through the following list of steps to allow our user to login to PWA.

1. Create PWA site.

Go to your Central Administration site and navigate to Application Management-> Manage service applications-> Project Server Service Application-> Create Project Web App Site. Here you should select proper SharePoint Web Application to host Project Web App – select the one which is configured for Forms Based authentication.

Fill the rest info and click OK button.

2. Add user to PWA.

After the PWA site is provisioned you can login to it using your admin Windows credentials. Navigate to your PWA site, select “Windows Authentication” option from the drop-down list and fill-in your administrator’s credentials to popup window.

Now go to Server Settings->Manage Users->New User page and fill-in “User logon account” field using the following template: FBA_PROVIDER_NAME:USER_NAME. As you can see on the screenshot below, in our case we have My_FBA_Provider:test_user1.

Fill-in the rest of information like you do for any domain user.

3. Login.

Now you can use test user credentials to login to your PWA site. Click “Sign in as Different User” menu item on the top of page, and select “Forms Authentication” option from the drop-down list:

After that, fill-in user’s login/password pair like you do for any web application with Forms Based authentication:

In this case neither domain nor FBA provider prefixes should be added to user name.

Now you can operate with new user like you do with any other domain user.