Slinger's Thoughts

March 27, 2008

Adding a Change Password function for Forms Based Authentication users.

Filed under: SharePoint — slingeronline @ 8:53 am

We have a MOSS site with Dual Authentication.  Internal users authenticate against the Active Directory, and external users authenticate against an SQL database.  In order to make it easier to manage users, I installed some of the features for forms based authentication from Codeplex.  Here’s where I ran into a problem.  When we set up a user in FBA we can specify the password, and that’s where it ends.  If they forget their password we can’t choose which one to assign them.  When you use the “Reset Password” option from the FBA tools, it sets the password to a string of gibberish.  I needed a way for our external users to reset their password to something they could actually remember.

For more instructions on how I set up Dual Authentication, the article is here. I stopped short of allowing anonymous access because we didn’t really want it. (We may implement it at some time in the future.) So that I wouldn’t have to constantly access the SQL database used, I found this site on Codeplex useful for some tools to manage our external users. The only ones I installed were the Manage Users and Manage Roles tools. I didn’t really have a place to put the rest, or I didn’t want any of them.

So now we’re left with that pesky password issue. There are several sites that have ways to do this, and I kind of mashed together the solutions from a few of them to get what I have. I started out here, and started to set up a way for my users to change passwords. Everything was going along great, but the syntax wasn’t quite right, and the page didn’t look all that fantastic. Fortunately, I also found this site, and used the code from there in combination with the solution from the first site and put together for myself a nice solution.

There were a few problems, however, so I made some changes, and I still have one problem that I don’t know how to get around. The first one is the validation. It just straight up doesn’t work, so I removed it from my aspx page. For us it didn’t matter all that much anyway. The real problem for us, is that the link to the change password page shows up for both our internally authenticated and our external users. Our internal users cannot use this control as it does not interact with the Active Directory. What I would really like is a way to hide this control depending on the authorization type, but I don’t think anyone has come up with a way to do it yet.

It’s also not a bad idea to check the other links on these sites as they give some insight into how you can do other things in SharePoint also. (This is where I learned how to hide the “Open in Windows Explorer” link.)



  1. “The real problem for us, is that the link to the change password page shows up for both our internally authenticated and our external users.”

    Not sure how SP friendly this might be, but perhaps you could encapsulate the web part with some custom ASP that checked the host header
    (something like:
    hostname = CStr(Request.ServerVariables("HTTP_HOST"))
    , for instance)
    and rendered the part depending on that variable? I’m assuming that your FBA users access the site at one URL, and the internal users another.

    Comment by Don — May 1, 2008 @ 9:27 am

  2. Don,

    You are correct in that assumption. (We currently do not allow anonymous users, and are not planning to in the near future due to licensing issues.) I am willing to try what you recommend. My question is where would I put that code? I would imagine that if I placed it in the login.aspx page itself, that I would get the link for all users, but the page would simply show up as “File not found” for our internal users. I will look into where I could place the code and see what my results are. Thanks for your input.

    Comment by Slinger — May 1, 2008 @ 9:32 am
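
An added example, not code from the original post, its comments, or the Codeplex tools: one way to show the change-password link only to forms-authenticated users is to key on the request's identity type rather than the host header, which is a value the client supplies. `FbaOnlyPanel` and `DenyUnlessFormsUser` are hypothetical names, and the sketch assumes a MOSS 2007 setup in which the FBA zone presents a `FormsIdentity` and the internal zone a `WindowsIdentity`.

```csharp
// Added example: render child controls only for forms-authenticated users.
// FbaOnlyPanel and DenyUnlessFormsUser are hypothetical names.
using System;
using System.Security.Principal;
using System.Web;
using System.Web.Security;
using System.Web.UI.WebControls;

public class FbaOnlyPanel : PlaceHolder
{
    // True only for an authenticated identity issued by forms authentication.
    public static bool IsFormsUser(IPrincipal user)
    {
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            return false;

        // Internal (Active Directory) users arrive as a WindowsIdentity.
        if (user.Identity is WindowsIdentity)
            return false;

        // Assumption: the FBA zone yields a FormsIdentity, whose
        // AuthenticationType is "Forms".
        return user.Identity is FormsIdentity
            || string.Equals(user.Identity.AuthenticationType, "Forms",
                             StringComparison.OrdinalIgnoreCase);
    }

    // Wrap the change-password link in this control: setting Visible to false
    // stops the panel and everything inside it from rendering.
    protected override void OnLoad(EventArgs e)
    {
        base.OnLoad(e);
        Visible = IsFormsUser(Context.User);
    }

    // Hiding the link does not stop a direct request to the page URL, so the
    // change-password page itself can call this early (for example in OnInit).
    public static void DenyUnlessFormsUser(HttpContext ctx)
    {
        if (!IsFormsUser(ctx.User))
        {
            ctx.Response.StatusCode = 403;
            ctx.Response.End();
        }
    }
}
```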
