12/19/2011

SharePoint 2010 Security model


  • Understanding SharePoint security model requires understanding the difference between 'Authenticaton process and Authorization process'
  • Authentication is the mechanism by which systems securely identify the user attemting to access a resource 
  • Authorization is the mechanism by which a system determines the level of access the authenticated user 

  • SharePoint itself does not perform any authentication.
  • The authentication process is handled by an underlying authentication system, For example windows authentication is handled by Windows Server and IIS.
  • SharePoint only performs authorization to secured sources contained in sites,lists,libraries...
  • SharePoint 2010 offers two different authentication mode : Classic authentication mode and Claims-based authentication mode
  Classic mode Authentication:
  •  It refers to the integrated windows authentication
  •  You cannot configure the form based application if your web application is using Classic mode authentication 
  •  You can convert a web application from Classic mode authentication to Claims-based by only using  Powershell Command and it an irrevsible process
Claims-based Authentication:
  •  SharePoint 2010 is built upon Windows Identity Foundation 
  •  It enables authentication from as well as non-windows based system.
  •  This also provides the capability to have multiple authentication in a single URL
  •  Claim-based authentication is built upon Windows Identity Framework 

No comments:

Post a Comment