Tuesday

FBA and the Microsoft Office System


This is an article that tends to describe the interaction of Forms Based Authentication in MOSS 2007 and how it affects the functionality of Microsoft Office products.

What is FBA?
FBA is the Forms Based Authentication solution that provides an authentication method for users who need to authenticate against your SharePoint site using web forms as input method and data store as credentials store.
There are different FBA solutions available to the .Net Framework. Some of these solutions make use of SQL Server as the source for the user credentials, Windows Live IDs, XML, SharePoint lists and many more.

Implementing FBA in SharePoint
Implementing FBA in SharePoint takes different approaches depending on the solution you adopt. There are many third party tools and open source files that you can obtain from the internet which you can use to implement FBA on your SharePoint site. I will not use this medium to describe how to implement FBA but instead I will add below URL of sites where you can get help.

  1.  http://splistmp.codeplex.com/releases/view/7001
  2.  https://www.nothingbutsharepoint.com/sites/itpro/Pages/Configuring-Forms-Based-Authentication.aspx
  3.  http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
  4.  http://cks.codeplex.com/releases/view/17901
  5.  http://www.shetabtech.com/english/SharePointLiveAuth/default.aspx
  6.  http://sp2010claimsfbaexs.codeplex.com/
  7.  http://www.codeproject.com/Articles/19055/Form-Authentication-for-MOSS-2007-Site

From all the above you can configure your SharePoint Farm to use FBA for authentication.

Using FBA in SharePoint
Using FBA in SharePoint has its limitations compared with Windows authentication.  Generally, users who have Active Directory accounts can use their accounts to log on to Windows and the same credentials will also be used to authenticate against any SharePoint site that uses windows authentication. But using FBA means you will be presented with web forms – login page whenever you visit the SharePoint site in which you then input your login credentials in the form of a “username” and a “password”.
This method heavily depends on the ASP.NET 2.0 provider, relevant skills in web development, configuration of .NET, IIS and SharePoint.

Functionality Issues of using FBA with Microsoft Office Products
When you configure a SharePoint Web Application to use FBA, during the configuration the “Enable Client Integration Box” is cleared by default. This means most Microsoft Office integration is disabled.
  1. Support for remote interfaces is turned off such as WebDav, SOAP, RPC (remote procedure calls), Web Folders and Web services.
  2. Functionality items are turned off, Open in Outlook, Explorer View, Create an Access View, Open in Windows Explorer, Export to Spreadsheet and open in Datasheet view also New Document is not available.
  3. Upload multiple pictures, Edit picture, download picture and send to are all disabled.
  4. Edit in Word, Excel, PowerPoint are disabled, Connect to Outlook and Discuss are not available.
  5. Syncing SharePoint data with Microsoft Office Outlook no longer works .

To enable all the above functionality in SharePoint, the “Enable Client Integration” box will need to be checked in the Central Administration for the Authentication Provider of the Web Application.
There’s a degraded user experience and functionality when using FBA partly because of how it was configured and also due to compatibilities issues created by Microsoft.
These issues have been identified in Office 2003 and Office 2007 and Microsoft has provided service packs which as improved the functionality being experienced only in Office 2007.

Compatibilities and Workarounds
Currently, compatibilities issues are present in the Microsoft Office SharePoint Server 2007 and Office System 2003 which I believe has not been resolved. So any organisation implementing MOSS 2007 but has not upgraded Office 2003 should have an assessment done to prevent failures in their implementations.
As I have described previously above, there are service packs available for the Microsoft Office SharePoint Server 2007 and Office System 2007 which has improved the user experience when using Form Based Authentication (FBA) as an authentication method for SharePoint, this is the MOSS 2007 Service Pack 2 and 2007 Office Suite SP2.  The MOSS 2007 Service Pack 2 that was shipped April 28th 2009, now has added and improved functionality which includes Microsoft Save as PDF or XPS, substantial improvements to FBA support in Word, Excel, PowerPoint and SharePoint Designer 2007.
The following are tests I have carried out using the different versions of MOSS 2007 Service Packs, Office 2007 and Office 2003.
MOSS Version
Office Version
Tests Carried Out
Conclusion
Microsoft Office SharePoint Server 2007 with Service Pack 1 and below
Office System 2007 with Service Pack 1 and below
-          Open in Word does not work well
-          Connect to Outlook does not work well
-          Export to Spreadsheet does not work at all.
MOSS 2007 and Office 2007 does not support FBA very well, User experience is not degraded, user credentials will need to entered many times
Microsoft Office SharePoint Server 2007 with Service Pack 2
Office System 2007 with Service Pack 1 and below
-          Open in Word does not work well
-          Connect to Outlook does not work well
-          Export to Spreadsheet does not work at all.
MOSS 2007 and Office 2007 does not support FBA very well, User experience is not degraded, user credentials will need to entered many times
Microsoft Office SharePoint Server 2007 with Service Pack 2
Office 2003
-          Upload Mulitple Works
-          Open in Word not working
-          Export to Spreadsheet not working
-          Connect to Outlook not working
FBA Client integration does not work with Office 2003
Microsoft Office SharePoint Server 2007 with Service Pack 2
Office System 2007 with Service Pack 2
-          Everything works (with the “Remember me” check box ticked.
-          Open in Word works(login page presented, enter in your credentials and it just fine)
-          Connect to Outlook works (if “remember me” check box is ticked)
-          Export to Excel works (if “remember me” check box is ticked)
This is the best experience with FBA as both Office 2007 SP2 and MOSS 2007 SP2 support FBA fully and integrates very well.

When working in Office 2007 SP1 and below, Office 2003 users can still work with documents in SharePoint libraries and lists, but with working in SharePoint libraries they must right-click items and choose to save a copy to disk. They can then edit and update the document, and then upload it and check it back in when they are finished editing.

Conclusion
In this article I have described what the Form Based Authentication is and ways in which is can be implemented and have provided different resources available to use with FBA. Also I have been able to describe the impact of using FBA and the main functionality issues you can encounter when using FBA in Office System. Then, finally I was able to discuss my findings with using the different versions of MOSS 2007 and Office System 2007.

Further Reading
  1. http://www.codeproject.com/Articles/16822/The-Anatomy-of-Forms-Authentication
  2. http://msdn.microsoft.com/en-us/library/bb977430.aspx
  3. http://blogs.technet.com/b/office_sustained_engineering/archive/2009/04/16/service-pack-2-for-the-2007-microsoft-office-system-due-to-ship-april-28th.aspx

No comments: