Geeks With Blogs

Mike H. - Another Geek In Need... WebLog

Removing Forms-based-authentication (FBA) from Internet Presence Web Site (TopNavFlyouts.master) and adding Windows Authentication.




When we deploy Internet Presence Web Site templates (for publishing), we found that the default authentication model provided is Forms-Based-Authentication (or FBA).


This posed a problem on 1 engagement because we needed either Windows Authentication, or we allowed the users to browse Anonymous.


Now, during the basic setup of a Web Application in MOSS, you can stipulate the Allow Anonymous Access.


Further, you can configure the Authentication Provider to be Windows, defaulting to NTLM for authentication.





When you deploy a web application using the Internet Presence Web Site, the actual authentication model deployed is for FBA only! We found this to be a fun challenge.




Implement Windows-based authentication in a Internet Presence Web Site Template.





While working on this, it took us some time to identify what is going on behind the scenes with MOSS. For example, if you deploy an Internet Presence Web Site and then browse the site anonymously you will see a Login link in the far right area of your screen. If you click this link, it initiates a FBA login.aspx object.


Now, deploy a Corporate Intranet Site – which is also a publishing site. Now, when you browse this site anonymous? You actually see the control menu in the upper right where you also see the Site Actions menu link. And if you click Sign-In at this point? You are challenged by Windows with the standard Windows login dialog. So what makes this so different?





I am going to be working with a site we deployed using the Internet Presence Web Site Template. I’ll use the site I built in my Custom Chrome / Branding post for customizing MOSS sites.


This will not be much different from any site you deployed using the same Internet Presence Web Site template.


I will include the code that has the original XLS in the master page, and I’ll include the updated code that we had to place in this file to get the desired effect – commenting out old code and highlighting new code.




Open the TopNavFlyOuts.master that you want to change. We have opened ours and located the flowing body of code near the top of the page:


<table cellpadding="0" cellspacing="0" align="center" width="785" class="masterContent">



            <PublishingWebControls:AuthoringContainer id="authoringcontrols" runat="server">

<td colspan="2" width="100%" class="authoringRegion">

                <span class="siteActionMenu">

<PublishingSiteAction:SiteActionMenu runat="server" />


            <div class="sharepointLogin">

            <!--Authentication for Authors only-->


If you did not follow along with our custom chroming sample, then some things in this area will be a little different, but you’ll still find the “masterContent” class and begin there.


Just after the class=”masterContent”> place your cursor and insert a row (NOTE: Your <TR> goes just before the one following this class definition).


Then type the following code into this area:




      <PublishingWebControls:AuthoringContainer id=”logincontrols” runat=”server” DisplayAudience=”ReadOnly”>

         <div class=”login”>

            <asp:ContentPlaceHolder id=”PlaceHolderLogin” runat=”server”>

               <wssuc:Welcome id=”wc” runat=”server” EnableViewState=”false”></wssuc:Welcome>







Essentially, this code calls the SharePoint custom control code components that will actually trigger Windows to prompt the user for a login – so, now we need to remove our FBA stuff.


Now, we want to locate the original Login placeholder that is used for FBA and remove this. Look for the following code segment just below the <div class=”topLink”>, skip the initial PublishingVariations tag, and look down 2 lines for the <PublishingWebControls:… We’re going to start here. Identify all of the following:


<PublishingWebControls:AuthoringContainer id=”VisibleToReaders” DisplayAudience=”ReadersOnly” runat=”server” _designer:Preview=”” _designer:Values=”&lt;Prop Name=’DisplayAudience’ Enum=’1’ /&gt;&lt;Prop Name=’ControlStyle’&gt;&lt;Prop Name=’Font’ ID=’1’ /&gt;&lt;/Prop&gt;&lt;Prop Name=’Enabled’ Text=’False’ /&gt&lt;Prop Name=’Font’ Ref=’1’ /&gtl&lt;Prop Name=’Page’ ID=’2’ /&gt;&lt;Prop Name=’TemplateControl’ ID=’3’ /&gt;&lt;Prop Name=’AppRelativeTemplateSourceDiretory’ Ref=’-1’ /&gt;”>

<div class=”login”>

            <asp:ContentPlaceHolder id=”PlaceHolderLogin” runat=”server”>

                        <asp:LoginStatus id=”formsAuthLogin” LoginText=”<%$Resources:cms, masterpages_logincontrol_label%>” LogoutText=”<%$Resources:cms, masterpages_logoutcontrol_label%>” LogoutActtion=”RedirectToLoginPage” runat=”server”/>





Ensure that you have located this block properly, then delete it altogether. If you attempt to comment it out, you’ll find another interesting nuance of MOSS. When loading an ASPX object, it parses the ‘id=’ fields of these placeholders, even the commented out ones. So either delete it altogether, or rename the id components of the placeholders (there are 3 of them).


Once you are done, check-in your master page, publish a major version, then approve it.


Now, add the following class to your .CSS (if you followed our custom chroming example, this would be at the end of the my.css object. If you are working raw, you can replace the .login{} class in TopNavFlyOuts.css with the following class:


.login a


            boarder: 0px;

            padding-bottom: 2px;

            padding-top: 2px;

            text-align: left;

            font-family: Verdana;

            font-size: 11px;

            font-style: normal;

            font-weight: bold;

            text-decoration: none;

            color: #667499;



Be sure to check-in and publish your latest style sheet changes.


The next time you browse your site anonymously you’ll see a discreet Sign-In in the upper left of the screen. When you click it you will either automatically be logged in (depending on your IE browser settings), or you will receive the Windows challenge to login.

Posted on Saturday, July 15, 2006 8:10 PM Microsoft Office SharePoint Server 2007 (MOSS) | Back to top

Comments on this post: Microsoft Office SharePoint Server (MOSS) Forms Based Authentication (FBA) - How to remove and use Windows Authenticaion on Internet Presence Web Site template.

# re: Microsoft Office SharePoint Server (MOSS) Forms Based Authentication (FBA) - How to remove and use Windows Authenticaion on Internet Presence Web Site template.
Requesting Gravatar...
Thanks for the information Mike. It worked like charm.
Left by Vishwa Kalyan on Nov 29, 2006 1:28 AM

# re: Microsoft Office SharePoint Server (MOSS) Forms Based Authentication (FBA) - How to remove and use Windows Authenticaion on
Requesting Gravatar...

Can you please add url tag to the "custom chroming sample".

Appreciate it.


Left by brogits on Sep 17, 2008 12:43 PM

Your comment:
 (will show your gravatar)

Copyright © Michael J. Hamilton, Sr. | Powered by: