Claims Based Authentication in SharePoint 2010
 

    Claims Based Authentication in SharePoint 2010 Presentation Transcript

    • Claims-Based Authentication SharePoint 2010 Jonathan Schultz (@SharePointValue) Skyline Technologies, Inc. 11/15/2011
    • About Skyline Technologies
        • Leading Microsoft solutions provider
            – Develops and tailors IT applications to meet the business and technical objectives of customers
            – Serves clients in industries from manufacturing and retail to healthcare, transportation, and logistics
        • Microsoft Partner with Gold competencies in Business Intelligence, Content Management, Portals and Collaboration, and Web Development, and Silver competencies in Data Platform, Project and Portfolio Management, Search, and Software Development.
        • Provides a pathway to speed your company toward its vision.
        • Recognized by businesses nationwide as a team of smart, experienced people and a Microsoft Gold Certified Partner organization specializing in adapting Microsoft solutions to individual clients' needs.
    • Agenda
        • What are Claims?
        • Why would you use them?
        • Claims-Based Authentication
            – Basic Architecture
            – Trusted Identity Providers
            – Advanced Concepts
        • Claims Development Tasks
        • Reality of Claims Based Authentication
        • Reference Materials
    • What are Claims?
        • Attributes about a User
        • Need to Come from Someone You Trust
        • Driver’s License Example
            – Trusted Provider = State of Wisconsin
            – Claims
                • Name = Jonathan Schultz
                • Age = 35
                • Organ Donor = No
    • Why Use Claims?
        • Claim Augmentation
            – Security Groups from Active Directory
            – HRMS/CRM Attributes
                • Title/Role
        • Federation
            – Partner Network
                • Business to Business
            – Subsidiaries
            – Web 2.0 (Windows Live, Facebook, etc.)
        • Advanced Authentication & Authorization
    • Basic Claims Scenario
    • Claims Based Architecture
    • Terminology
        • Security Token Service (STS)
            – Identity Provider (IP-STS)
            – Relying Party (RP-STS)
        • Security Assertion Markup Language (SAML)
        • Windows Identity Framework (formerly Geneva)
        • Trusted Login Provider
    • Under the Covers
    • Claims-to-Windows Token Service
    • Claims Based Architecture Notes
        • New in SharePoint 2010
        • Authentication Prompt for Multiple Providers
        • All Intra/Inter Farm Calls are Claims Based
            – i.e. Service Applications
        • Claims-to-Windows Token Service Needed for Some Service Applications, i.e. PerformancePoint Services
    • Claims Development Tasks
        • Custom Login Pages
            – Extranet Scenarios
            – Branding
            – “Remember Me” Capability
            – Home Realm Discovery
        • Custom Claim Providers
            – Claims Augmentation
            – Claims Picking / Resolution
        • Trusted Login Providers
            – WIF SDK
    • Reality of Claims Based Authentication
        • Claims Authorization uses OR logic, not AND
            – Scenario: Authorize US HR User
                • Location Claim = US
                • Department Claim = HR
                • Will also succeed for US IT because of US OR HR
        • Trusted Identity Providers
            – Cookie Driven (Watch out for domains/paths)
            – Time Based Expiration (Server Times)
        • Claims + Kerberos + SSRS = Problem
    • Reference Materials
        • Claims and Security Technical Articles for SharePoint 2010
        • Implementing Claims-Based Authentication with SharePoint Server 2010 – White Paper
        • A Guide to Claims-Based Identity and Access Control – Patterns & Practices
        • Custom Claims-Based Security in SharePoint 2010
        • Steve Peschka’s Blog: Share-n-dipity
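
The OR-versus-AND pitfall from the "Reality of Claims Based Authentication" slide, as an added example that is not part of the original deck: a simplified Python model (not SharePoint code) of any-claim-matches authorization, with one possible workaround in which a hypothetical augmentation step, of the kind the "Custom Claim Providers" slide mentions, emits a composite claim. The claim type name `location-department`, the `|` separator and the sample users are assumptions.

```python
from itertools import product

# Simplified model (an assumption, not SharePoint code): an object carries a set
# of granted claims, and a user gets in if ANY one of their claims is granted.
def is_authorized(user_claims, granted_claims):
    return any(claim in granted_claims for claim in user_claims)

# Hypothetical augmentation step, standing in for what a custom claim provider
# could do at sign-in: emit one composite claim per (location, department) pair
# so that "US AND HR" becomes a single value that can be granted on its own.
def augment(user_claims):
    locations = [v for t, v in user_claims if t == "location"]
    departments = [v for t, v in user_claims if t == "department"]
    composite = {("location-department", f"{loc}|{dep}")
                 for loc, dep in product(locations, departments)}
    return set(user_claims) | composite

# Constructed sample users as (claim type, claim value) pairs.
USERS = {
    "us_hr": {("location", "US"), ("department", "HR")},
    "us_it": {("location", "US"), ("department", "IT")},
    "uk_hr": {("location", "UK"), ("department", "HR")},
    "no_dept": {("location", "US")},  # missing attribute: no composite claim
}

# Naive setup from the slide: grant both claims separately (behaves as OR).
NAIVE_GRANTS = {("location", "US"), ("department", "HR")}
# Composite setup: grant only the combined claim (behaves as AND).
COMPOSITE_GRANTS = {("location-department", "US|HR")}

def evaluate():
    naive = {u: is_authorized(c, NAIVE_GRANTS) for u, c in USERS.items()}
    composite = {u: is_authorized(augment(c), COMPOSITE_GRANTS)
                 for u, c in USERS.items()}
    return naive, composite

if __name__ == "__main__":
    naive, composite = evaluate()
    for user in USERS:
        print(f"{user:8} naive={naive[user]!s:5} composite={composite[user]}")
```

In the naive setup every sample user is authorized, including US IT and UK HR; with the composite claim only the US HR user is.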