Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam

•

0 likes•463 views

The document provides an overview of identity, authentication, and authorization in Microsoft SharePoint 2010. It discusses identity providers, claims-based identity, and how claims-based authentication works in SharePoint 2010. The document also demonstrates configuring claims-based authentication using Windows Live ID and provides additional resources on claims-based authentication in SharePoint.

Technology

Binh Thanh Nguyen
Solutions Architect and Project Manager
Bamboo Solutions Corporation Vietnam

• Identity and Identity Providers
• Authentication and Authorization
• Identity challenges in SharePoint 2007
• Claims-Based Identity
• Claims-Based Authentication in
Microsoft SharePoint 2010
• Demo
• Q&A

• What is Identity?
– A set of attributes to describe a user

• What is Identity Providers?
– Composed of attributes/identifiers
• Examples:
– Active Directory, Directory Services

• What is Authentication (AuthN)?
– Authentication is the process of
identification and validation of a
user's identity
• What is Authorization (AuthZ)?
– Determines whether that identity
has access to a particular resource
such as sites, content, and other
features the user can access.

• Authentication is intertwined within
SharePoint 2007
• Very Complex in doing the
configuration
• Access control only through
attribute providers

So… What is the SOLUTIONS ???

• What is Claims? Issuer: Police
Dept.
Issuer: VN
Railway
– Information Full Name Name

about the user ID Number Frequent flyer
number
… such as Full Address Train number

name, e-mail, Regional Bus

age, group, Date of birth Seat number

etc.
Date of issue Date of issue
Sex

Picture

Request ID Card

ID Card
Trust

ID Card

Ticket

Ticket

• The service component that builds, signs,
and issues security tokens.
• Supports multiple credential types
• Identity Provider STS (IP-STS) and a Relying
Party STS(RP-STS).
– An IP-STS is an STS that issues tokens that
can be used to request service tokens
from RP-STSs.
– An RP-STS can also consume other types of
tokens (or credentials), for example an NT
token that comes from the domain
controller or the (KDC)
• STSs can be chained

• SharePoint STS is always relying party STS
Built on Windows Identity Foundation
(WIF)
• Multiple authentication types
• Identity Provider neutral
– Configured via Central Admin or
PowerShell
• Delegation of user identity between
applications.

Send Cookie
Send token
Issue token
Send token
Issue token
Authenticate

Browser Issuer
Get / Active Directory

302
AuthN

SAML Token

Post
Process Token
Cookie

Cookie

302 Process Claims

• Support existing identity infrastructure
– Active Directory
– LDAP, SQL
– WebSSO and Identity Management Systems
• Multiple authentication methods per
SharePoint Web Application
• Enable automatic, secure identity delegation
– Cross-machines & cross-farm
• Support “no-credential” connections to
External web services
• Standards-based and Interoperable

Configure claims-based authentication
using Windows Live ID

• MSDN and Technet:
– http://technet.microsoft.com/en-
us/library/ff973117.aspx#section3
– http://blogs.technet.com/b/ritaylor/archive/20
09/06/03/claims-based-authentication-an-
overview.aspx
– http://technet.microsoft.com/en-
us/sharepoint/ff678022.aspx#lesson2
– http://blogs.msdn.com/b/russmax/archive/201
0/05/27/understanding-sharepoint-2010-
claims-authentication.aspx
• Microsoft PDC:
– http://www.microsoftpdc.com/2009/SVC26

Similar to Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam

Claim Based Authentication in SharePoint 2010 for Community Day 2011

Joris Poelmans

SharePoint, ADFS and Claims Auth

Kashif Imran

In this Webinar, Envision IT demonstrates how ADFS federation can allow external users to access an Extranet, their DMZ accounts or other external identities, and use single sign-on to other systems beyond SharePoint. View more details and the webinar recording here: http://www.envisionit.com/products/events/Pages/SharePoint-Extranet-Spring-Webinar-Series-Federation-and-SharePoint-On-Premise.aspx

Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...

Envision IT

SPSBE 2013 Claims for devs

Steven Van de Craen

SharePoint Saturday Utah - Do you claim to be from the Azure Sky?

Liam Cleary [MVP]

How will SharePoint 2013 allow organizations to collaborate and share knowledge with clients and partners? SharePoint empowers organization to build extranet sites and partner portals inexpensively and securely. Learn about the Product Catalog site template and how you can to use it. Learn about the new improvements in SharePoint 2013 regarding extranets. Learn how SharePoint 2013 can help your organization open its doors to its clients and partners securely.

SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...

Brian Culver

SharePoint Saturday The Conference DC - Are you who you say you are share poi...

Liam Cleary [MVP]

Federated and fabulous identity

Andre N. Klingsheim

This session will teach you everything that you need to know in order to understand SharePoint Apps, authentication and authorization. Learn about the different type of Apps, the underlying Apps architecture and how to configure an on-premises environment to support Apps. Also you will learn about the different authentications options available for integrating apps, devices, and applications for on-prem scenarios, in the cloud and hybrid.

Understanding SharePoint Apps, authentication and authorization infrastructur...

SPC Adriatics

SharePoint Saturday Austin - Share point authentication and authorization

Liam Cleary [MVP]

SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud

Danny Jessee

Claims Based Authentication in SharePoint 2010

Jonathan Schultz

SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud

Danny Jessee

NIC 2014 Modern Authentication for the Cloud Era

Morgan Simonsen

Presentation

Laxman Kumar

The Who, What, Why and How of Active Directory Federation Services (AD FS)

Jay Simcox

Claims-Based Identity in SharePoint 2010

Danny Jessee

Claims-Based Identity, Facebook, and the Cloud

Danny Jessee

SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud

Danny Jessee

Early Adopting Java WSIT-Experiences with Windows CardSpace

Oliver Pfaff

Similar to Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam (20)

Claim Based Authentication in SharePoint 2010 for Community Day 2011

SharePoint, ADFS and Claims Auth

Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...

SPSBE 2013 Claims for devs

SharePoint Saturday Utah - Do you claim to be from the Azure Sky?

SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...

SharePoint Saturday The Conference DC - Are you who you say you are share poi...

Federated and fabulous identity

Understanding SharePoint Apps, authentication and authorization infrastructur...

SharePoint Saturday Austin - Share point authentication and authorization

SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud

Claims Based Authentication in SharePoint 2010

SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud

NIC 2014 Modern Authentication for the Cloud Era

Presentation

The Who, What, Why and How of Active Directory Federation Services (AD FS)

Claims-Based Identity in SharePoint 2010

Claims-Based Identity, Facebook, and the Cloud

SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud

Early Adopting Java WSIT-Experiences with Windows CardSpace

Recently uploaded

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

CNv6 Instructor Chapter 6 Quality of Service

giselly40

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Friends Colony Women Seeking Men

Delhi Call girls

How to convert PDF to text with Nanonets

naman860154

Histor y of HAM Radio presentation slide

vu2urc

[2024]Digital Global Overview Report 2024 Meltwater.pdf

hans926745

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

In an era where artificial intelligence (AI) stands at the forefront of business innovation, Information Architecture (IA) is at the core of functionality. See “There’s No AI Without IA” – (from 2016 but even more relevant today) Understanding and leveraging how Information Architecture (IA) supports AI synergies between knowledge engineering and prompt engineering is critical for senior leaders looking to successfully deploy AI for internal and externally facing knowledge processes. This webinar be a high-level overview of the methodologies that can elevate AI-driven knowledge processes supporting both employees and customers. Core Insights Include: Strategic Knowledge Engineering: Delve into how structuring AI's knowledge base is required to prevent hallucinations, enable contextual retrieval of accurate information. This will include discussion of gold standard libraries of use cases support testing various LLMs and structures and configurations of knowledge base. Precision in Prompt Engineering: Learn the art of crafting prompts that direct AI to deliver targeted, relevant responses, thereby optimizing customer experiences and business outcomes. Unified Approach for Enhanced AI Performance: Explore the intersection of knowledge and prompt engineering to develop AI systems that are not only more responsive but also aligned with overarching business strategies. Guiding Principles for Implementation: Equip yourself with best practices, ethical guidelines, and strategic considerations for embedding these technologies into your business ecosystem effectively. This webinar is designed to empower business and technology leaders with the knowledge to harness the full potential of AI, ensuring their organizations not only keep pace with digital transformation but lead the charge. Join us to map a roadmap to fully leverage Information Architecture (IA) and AI chart a course towards a future where AI is a key pillar of strategic innovation and business success.

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Earley Information Science

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Recently uploaded (20)

GenAI Risks & Security Meetup 01052024.pdf

Presentation on how to chat with PDF using ChatGPT code interpreter

Driving Behavioral Change for Information Management through Data-Driven Gree...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

🐬 The future of MySQL is Postgres 🐘

Handwritten Text Recognition for manuscripts and early printed texts

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

CNv6 Instructor Chapter 6 Quality of Service

08448380779 Call Girls In Friends Colony Women Seeking Men

How to convert PDF to text with Nanonets

Histor y of HAM Radio presentation slide

[2024]Digital Global Overview Report 2024 Meltwater.pdf

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

GenCyber Cyber Security Day Presentation

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam

2. Binh Thanh Nguyen Solutions Architect and Project Manager Bamboo Solutions Corporation Vietnam

3. • Identity and Identity Providers • Authentication and Authorization • Identity challenges in SharePoint 2007 • Claims-Based Identity • Claims-Based Authentication in Microsoft SharePoint 2010 • Demo • Q&A

5. • What is Identity? – A set of attributes to describe a user

6. • What is Identity Providers? – Composed of attributes/identifiers • Examples: – Active Directory, Directory Services

8. • What is Authentication (AuthN)? – Authentication is the process of identification and validation of a user's identity • What is Authorization (AuthZ)? – Determines whether that identity has access to a particular resource such as sites, content, and other features the user can access.

10. • Authentication is intertwined within SharePoint 2007 • Very Complex in doing the configuration • Access control only through attribute providers So… What is the SOLUTIONS ???

11.

12. • What is Claims? Issuer: Police Dept. Issuer: VN Railway – Information Full Name Name about the user ID Number Frequent flyer number … such as Full Address Train number name, e-mail, Regional Bus age, group, Date of birth Seat number etc. Date of issue Date of issue Sex Picture

13. Request ID Card ID Card Trust ID Card Ticket Ticket

14.

15. • The service component that builds, signs, and issues security tokens. • Supports multiple credential types • Identity Provider STS (IP-STS) and a Relying Party STS(RP-STS). – An IP-STS is an STS that issues tokens that can be used to request service tokens from RP-STSs. – An RP-STS can also consume other types of tokens (or credentials), for example an NT token that comes from the domain controller or the (KDC) • STSs can be chained

16. • SharePoint STS is always relying party STS Built on Windows Identity Foundation (WIF) • Multiple authentication types • Identity Provider neutral – Configured via Central Admin or PowerShell • Delegation of user identity between applications.

17. Send Cookie Send token Issue token Send token Issue token Authenticate

18. Browser Issuer Get / Active Directory 302 AuthN SAML Token Post Process Token Cookie Cookie 302 Process Claims

19. -Classic -Claims

20.

21. • Support existing identity infrastructure – Active Directory – LDAP, SQL – WebSSO and Identity Management Systems • Multiple authentication methods per SharePoint Web Application • Enable automatic, secure identity delegation – Cross-machines & cross-farm • Support “no-credential” connections to External web services • Standards-based and Interoperable

22. Configure claims-based authentication using Windows Live ID

23.

24. • MSDN and Technet: – http://technet.microsoft.com/en- us/library/ff973117.aspx#section3 – http://blogs.technet.com/b/ritaylor/archive/20 09/06/03/claims-based-authentication-an- overview.aspx – http://technet.microsoft.com/en- us/sharepoint/ff678022.aspx#lesson2 – http://blogs.msdn.com/b/russmax/archive/201 0/05/27/understanding-sharepoint-2010- claims-authentication.aspx • Microsoft PDC: – http://www.microsoftpdc.com/2009/SVC26

25. THANK YOU!

Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam

Recommended

Recommended

More Related Content

Similar to Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam

Similar to Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam (20)

Recently uploaded

Recently uploaded (20)

Claims based authentication in SharePoint 2010 - SharePoint Saturday Vietnam