1

I have been involved to develop a customized SharePoint 2010 application that uses a custom db for authentication.

Following many tutorials on the internet I was successfully able to implement FBA and the site is up and running for further content development (using BI features of SharePoint).

However, I recently came across a comment on one of the websites (dont have the link now) - For FBA, its better to extend a windows based authentication website, as administration of website becomes easy.

I wanted to know:

  1. Is this statement correct?
  2. Even if I am only targetting non-AD users over the internet (and using only my custom db for authentication), is it necessary to extend from a windows based authentication web app?
  3. Should an FBA web app be extended from windows based or vice versa?
  4. What are the pros and cons of either case?
VXyahoo
  • 11
  • 1

1 Answers1

3
  1. Yes. All my FBA web applications are extended.
  2. I normally have the FBA zone with the public url, and have an internal zone with the windows auth url, so only administrators can get to it
  3. I normally always start with the windows auth, and extend the FBA
  4. You always have issues with FBA, and it is a good idea to have the standard windows based to fallback. Things like search, need a zone to crawl, i always have it crawling the windows auth zone.
djeeg
  • 6,685
  • 3
  • 25
  • 28
  • djeeg, thank you for the reply. I have been playing around some since yesterday and although most of what you say makes sense here is what I understand. Its better to have the FBA websites extended, as most of the functionality needs windows auth. Extending either ways is also fine and it does not make difference to website handling. And yes, its wise to have win based website to fall bak to. Thanks again! – VXyahoo Feb 09 '11 at 05:08
  • DJeeg, I have the same setup, Windows Auth setup for my initially created Web App and then FBA for an extended site put into the Extranet zone. Both zones work properly and I have 2 sites in IIS now. Whats wierd is that the default zone which is only configured for Windows Auth in Central Admin is showing as using Windows, Forms, and Anonymous authentication in IIS. When I disable forms auth in IIS I get access denied when I try to access that zone. I was just wondering if you ran into this issue as well. – Matt Klepeis Oct 12 '11 at 13:44