FBA: the Downside

ASP.NET forms-based authentication (FBA) is currently a popular choice for extranet solutions in SharePoint. However, implementing FBA isn’t one of the more pleasant experiences in SharePoint. It requires hand-editing the web.config file and doesn’t have much of a UI in the Central Administration console for configuration. Furthermore, rich client integration features are affected a bit. In Central Administration, when you assign your web application to use an FBA provider, the Enable Client Integration check box is cleared by default. This is SharePoint’s way of warning you about some future potential problems. If client integration is turned on for FBA, Microsoft claims that most Office integration features should work, but that they need to be thoroughly tested first. You can find FBA client integration workarounds and tricks on the web, and some are even hosted on CodePlex, but Microsoft doesn’t support them. Finally, keep in mind that using FBA requires purchasing an external connector license, which will increase the total solution cost. My general recommendation regarding FBA is to try to avoid it if possible, or follow the advice in the MSDN article “Forms Authentication in SharePoint Products and Technologies (Part 1): Introduction” at msdn.microsoft.com/en-us/library/bb975136.aspx, which states, “Before using forms authentication, determine why to use forms authentication in the first place: What is the business driver?”

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.