I went through Steve Peschka’s blog explaining how to set up FBA with LDAP provider in SharePoint 2010:
What a wonderful post. It describes all the steps precisely and with clear instructions. I configured FBA in no time after going through the post.
Next thought came to my mind was how to get rid of the OOB login page (“_forms/default.aspx”) and use my own. Again I found another post from Kirk Evans blog that did the magic:
It describes how to create your own login page that is somewhat similar to “_forms/default.aspx” and you will use a login control to accomplish the task.
Everything went good so far. But what if I want to add my own form with userid and password fields and do not want to use “_layouts/simple.master”? I dug a little further and found “Microsoft.SharePoint.IdentityModel” namespace has “SPClaimsUtility.AuthenticateForm” method that would do the work for me.
I created another application page within the same project I used for creating login page as given by Kirk Evans blog. After little modification this is how the login page and its background code look like (Deployment option is same as given by Kirk Evans blog):
<%@ Assembly Name="$SharePoint.Project.AssemblyFullName$" %>
<%@ Page Language="C#" AutoEventWireup="true" Inherits="LdapContosoAuthentication.Layouts.LdapContosoAuthentication.LoginCustmCntrlPage" CodeBehind="LoginCustmCntrlPage.aspx.cs"%>
<form id="form1" runat="server">
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<asp:TextBox ID="TextBox2" runat="server" TextMode="Password"></asp:TextBox>
<asp:Label ID="Label1" runat="server"></asp:Label>
<asp:Button ID="Button1" runat="server" onclick="Button1_Click" Text="Submit" />
public partial class LoginCustmCntrlPage : System.Web.UI.Page
protected void Page_Load(object sender, EventArgs e)
protected void Button1_Click(object sender, EventArgs e)
bool status = SPClaimsUtility.AuthenticateFormsUser(Context.Request.UrlReferrer, TextBox1.Text, TextBox2.Text);
Label1.Text = "Wrong Userid or Password";
if (Context.Request.QueryString.Keys.Count > 1)
You can download the VS 2010 solution from here. I also tried to use default masterpage from any site instead of “_layouts/simple.master” in another custom login page. But it seems not possible as you are still not logged in. One alternative is having similar masterpage in layouts folder and use it from there.
This is a great article. I am using Share Point 2010 but I am using Visual Studio 2008. I want to accomplish the same task but with VB.NET and I dont see an option to create an Empty Share Point Project in my Visual Studio 2008. I was thinking of creating a simple project and then creating a SampleLogin.ASPX.
But after I create that project i have to deploy the Dlls and Page to some specific locations. Can you please tell me where should I drop these new dll and page on my share point server?
Great article, really saved our time
Just follow the steps to add your .dll file
1. Drop the .dll into the GAC of your sharepoint server
2. Edit the "<SafeControls>" section of your web.config
3. Now go to the Site Actions->Site Seetings->Galleries->Webpart
4. Use the Upload menu option to upload your file.
For more details on Sharepoint 2010/ Sharepoint 2007 please visit
How are you handling Remember Me functionality?
good articale. but i am facing a problem while impementing this solution. i think i am missing some thing importantn. i have build a simple sp2010 application page and deployed it in 14 hive. when i tried to set that page as my login page i am keep geting chalanged for user name and password. even i provide valid domain username and password i hv been kicked out. please help me out.
"But it seems not possible as you are still not logged in." - What if we use Sharepoint.webcontrols.UnsecuredLayoutsPageBase rather than System.UI.Page. Shouldn't it work.
Could you help me in understanding where the FedAuth cookie is getting set in the whole flow.
I have downloaded the solution and set the login page as the path "~/layouts/LdapContosoAuthentication/Login.aspx" with correct file names, then i get the message 404 page not found.