How does forms based authentication work in SharePoint 2010?

Question

We are setting up a new extranet farm and we want to use SharePoint 2010. We have some usability issues with authentication on our old farm, so I'd like to do things right (or at least righter) on this one.

Does SharePoint 2010 have an OOB way to support forms based authentication that will look in a trusted domain to validate an ID/password before searching a SQL datastore or is this something I'm going to have to write myself?

We are planning to set up alternative access mappings so that users within the office can use NTLM and SSO, but when outside the office, they'll access the site through SSL and we want them to be able to use the FBA form to enter their network credentials and get authorization.

Can anyone point me to a good resource or even a 3rd party provider that supports this already?

Answer 1

In SharePoint 2010 you can actually have dual authentication methods on a site when you use Claims Based authentication. This link should help you get FBA set on on 2010. http://blogs.technet.com/b/speschka/archive/2009/11/05/configuring-forms-based-authentication-in-sharepoint-2010.aspx

Answer 2

You might also try using Microsoft Forefront Unified Access Gateway for it's advanced authentication schemes. Using UAG you can set up a form that authenticates a user to their windows account on the extranet access, while continuing to use the regular windows account on the intranet.

Reference:

Why enable SharePoint extranet access with Forefront UAG?, Microsoft TechNet

Published: January 11, 2010

Updated: February 1, 2011