0
SPS Philly
Platinum
Gold
Silver Web
SharePointUser Group
• SharePoint
• End Users
• Administrators
• Architects
• Developers
• IT Pros
• Meetings: 2nd Tuesday...
Dan Usher
Lead Associate
Booz Allen Hamilton
usher_daniel@bah.com
http://www.sharepointdan.com
http://www.yammer.com/spyam
http://go.spdan.com/kerberos2010
http://go.spdan.com/kerberos2013
http://go.spdan.com/multihopwinrm
http://xkcd.com/1240/
Security in General
Security in General
Anonymous
Authentication
Is In Site Group?
Does user have claim attribute?
Web Application / Site Collection
Secured Site ...
Source:http://go.spdan.com/iisauth
ASP.NETAuthentication
•
•
•
•
•
•
http://go.spdan.com/cba
http://go.spdan.com/cba
http://go.spdan.com/claimsencoding
http://go.spdan.com/claimsencoding
1. Resource Requested
2. AuthN Request / Redirect
3. AuthN Request
4. Security Token
5. Security Token Request
6. Service ...
https://sts.domain.com
•
•
•
•
•
•
Usher_Daniel@bah.com
@binarybrewery
www.sharepointdan.com
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
2014-04-05 - SPSPhilly - Authentication and Authorization
Upcoming SlideShare
Loading in...5
×

2014-04-05 - SPSPhilly - Authentication and Authorization

314

Published on

n today’s complex market place of corporate partnerships and relationships, sharing information is pertinent to ensuring that business operations are conducted in a secure computing environment with trusted entities being provided access to protected information.
In this session, Dan will discuss the basics of authentication and authorization in relation to the SharePoint platform. Further, we will be discussing the technical underpinnings of the SharePoint platform’s processing of a user’s identity dependent on identity provider and authorization settings.
As a part of this session we will demonstrate different authentication and authorization configurations that are common place in today’s business settings to include when to use:
• Integrated Windows Authentication
• Forms Based Authentication using SQL Server
• ADFS as a Trusted Identity Provider
• Threat Management Gateway with Kerberos (Constrained Delegation using client certs)
After attending this session, attendees will have a better grasp of the configuration complexities involved with each scenario as well as the user experience impacts based on the path taken.

Published in: Technology, Design
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
314
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "2014-04-05 - SPSPhilly - Authentication and Authorization"

  1. 1. SPS Philly
  2. 2. Platinum Gold Silver Web
  3. 3. SharePointUser Group • SharePoint • End Users • Administrators • Architects • Developers • IT Pros • Meetings: 2nd Tuesday of the month, MicrosoftMalvern, 5:30-8 pm WEB: www.TriStateSharePoint.org EMAIL: info@TriStateSharePoint.org TWITTER: @tristateSP
  4. 4. Dan Usher Lead Associate Booz Allen Hamilton usher_daniel@bah.com http://www.sharepointdan.com
  5. 5. http://www.yammer.com/spyam
  6. 6. http://go.spdan.com/kerberos2010 http://go.spdan.com/kerberos2013 http://go.spdan.com/multihopwinrm
  7. 7. http://xkcd.com/1240/
  8. 8. Security in General
  9. 9. Security in General
  10. 10. Anonymous Authentication Is In Site Group? Does user have claim attribute? Web Application / Site Collection Secured Site / Site Collection / Content Content Repository Content
  11. 11. Source:http://go.spdan.com/iisauth ASP.NETAuthentication
  12. 12. • • • • • • http://go.spdan.com/cba
  13. 13. http://go.spdan.com/cba
  14. 14. http://go.spdan.com/claimsencoding
  15. 15. http://go.spdan.com/claimsencoding
  16. 16. 1. Resource Requested 2. AuthN Request / Redirect 3. AuthN Request 4. Security Token 5. Security Token Request 6. Service Token 7. Resource Request w/Service Token 8. Resource Sent Identity Provider Security Token Service aka IP-STS SharePoint 2010 aka RP
  17. 17. https://sts.domain.com
  18. 18. • • • • • •
  19. 19. Usher_Daniel@bah.com @binarybrewery www.sharepointdan.com
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×