- Understanding SharePoint security model requires understanding the difference between 'Authentication process and Authorization process'
- Authentication is the mechanism by which systems securely identify the user attempting to access a resource
- Authorization is the mechanism by which a system determines the level of access the authenticated user
- SharePoint itself does not perform any authentication.
- The authentication process is handled by an underlying authentication system, For example windows authentication is handled by Windows Server and IIS.
- SharePoint only performs authorization to secured sources contained in sites,lists,libraries...
- SharePoint 2010 offers two different authentication mode : Classic authentication mode and Claims-based authentication mode
Classic mode Authentication:
- It refers to the integrated windows authentication
- You cannot configure the form based application if your web application is using Classic mode authentication
- You can convert a web application from Classic mode authentication to Claims-based by only using Powershell Command and it an irreversible process
Claims-based Authentication:
- SharePoint 2010 is built upon Windows Identity Foundation
- It enables authentication from as well as non-windows based system.
- This also provides the capability to have multiple authentication in a single URL
- Claim-based authentication is built upon Windows Identity Framework
No comments:
Post a Comment