Many of our customers have use cases where by they would like to take a specific custom action when an FBA (forms based authentication) user logs in to their SharePoint Extranet. Some examples may be to update a back-end CRM system, or redirect the user to a specific page. It is actually fairly simple to implement this logic. The Visual Studio project and source code for this article can be downloaded by clicking the download link at the bottom of this page.
First under the 12 hive, open the C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\TEMPLATE\LAYOUTS folder. Find the login.aspx file, and make a copy of it called CustomLogin.aspx. This will be our new user login page.
Next, open the web.config for your SharePoint application, find the <authentication/> element, and change it from:
<forms loginUrl="/_layouts/login.aspx" />
<forms loginUrl="/_layouts/CustomLogin.aspx" />
Now, create a new Class Library project in Visual Studio, or alternatively download my sample project from the link below. Your project will need references to Microsoft.SharePoint.dll, Microsoft.SharePoint.ApplicationPages.dll, and System.Web.
Rename the automatically created Class1.cs to CustomLoginPage.cs. To save time and effort, the CustomLoginPage class will derive from Microsoft.SharePoint.ApplicationPages.LoginPage. Here's what the class should look like:
public class CustomLoginPage : Microsoft.SharePoint.ApplicationPages.LoginPage
protected override void OnLoad(EventArgs e)
this.login.LoggedIn += new EventHandler(OnLoggedIn);
// Fires after user has sucessfully logged in
void OnLoggedIn(object sender, EventArgs e)
// Get the user
MembershipUser user = Membership.GetUser(this.login.UserName);
if (user != null)
// Do something interesting such as redirect or update CRM
As you can see, it is a simple matter of subscribing to the base page's login control's LoggedIn event, and then taking action when that event fires. Inside the event handler, you can instantiate a MembershipUser object for the newly logged in user, and then do something interesting.
It should also be noted that the login control has three other events which may be salient to your particular use case.
- LoggingIn - Occurs when a user submits login information, but before authentication takes place.
- Authenticate - Occurs when a user is authentication takes place.
- LoggedIn - Occurs when a user logs in to the web site, and has been authenticated.
- LoginError - Occurs when a login error is detected.
Next, open the CustomLogin.aspx page created in the first step, and modify its Assembly and Page declarations to point towards the new custom code behind assembly. If you're using my sample project, your declaration will look exactly like this:
<%@ Assembly Name="SPSolutions.Custom, Version=220.127.116.11, Culture=neutral, PublicKeyToken=e9db3057acd9c0f6"%>
<%@ Page Language="C#" Inherits="SPSolutions.Custom.CustomLoginPage" MasterPageFile="~/_layouts/simple.master"%>
Finally, place the compiled assembly into the _app_bin folder of your SharePoint web application (e.g. C:\Inetpub\wwwroot\wss\VirtualDirectories\adventureworks.local.dev\_app_bin). Optionally, you could also place the assembly into the GAC.
(Quick, painless registration is required for access to this download)