SlideShare a Scribd company logo

SharePoint Saturday Utah - Do you claim to be from the Azure Sky?

Download as PPTX, PDF
Liam Cleary [MVP]
Liam Cleary [MVP]

SharePoint Saturday Utah - Do you claim to be from the Azure Sky?

Technology
1 of 20
Do you claim to be from the Azure sky? Liam Cleary
About Me • Solution Architect @ SusQtech (Winchester, VA) • SharePoint MVP since 2007 • Working with SharePoint since 2002 • Worked on all kinds of projects • Internet • Intranet • Extranet • Anything SharePoint Really • Involved in Architecture, Deployment, Customization and Development of SharePoint
You can teach a student a lesson for a day; but if you can teach him / her to learn by creating curiosity, they will continue the learning process as long as they live. Clay P. Bedford
I am hoping for a different kind of Curiosity today 
Security with SharePoint • Isn't this an oxymoron? Just kidding!!
Agenda • SharePoint Authentication • What is available? • What is claims authentication? • SharePoint and Claims? • Identity Providers • Azure Control Service • Google, Windows Live ID, Yahoo, Facebook • Custom IDP • What to choose?
SharePoint Authentication
SharePoint Authentication • Multiple Types of Authentication Support • Windows • NTLM • Kerberos • Basic • Anonymous • Digest • Forms-based Authentication • Lightweight Directory Access Protocol (LDAP) • Microsoft SQL Server • ASP.NET Membership and Role Providers • SAML Token-based Authentication • Active Directory Federate Services • 3rd Party Identity Providers • Lightweight Directory Access Protocol (LDAP)
Authentication – Claims Why introduce Claims Authentication? • Wide Support • Standards Based • WS-Federation 1.1 • WS-Trust 1.4 • SAML Token 1.1 AuthN • Single Sign On • Federation • Already many providers • Microsoft standard approach • Fed up custom coding everything, every time • Gets round (some) Office Integration problems • Easy to configure with little effort • Multiple Web Config changes, Web Application Changes and then of course the actual configuration of your identity provider
Authentication – Claim Terminology • Identity • Info about a Person or Object (AD, Google, Windows Live, Facebook etc.) • Claim • Attributes of the Identity (User ID, Email, Age etc.) • Token • Binary Representation of Identity • Set of Claims and the Signature • Relying Party (aka RP) • Users Token • Secure Token Service (STS) • Issuer of Tokens for Users
Authentication – Sign In Process Identity Provider SharePoint 2010 Security Token Service aka RP aka IP-STS 1. Resource Requested 2. AuthN Request / Redirect 3. AuthN Request 4. Security Token 5. Security Token Request 6. Service Token 7. Resource Request w/Service Token 8. Resource Sent
Authentication – Identity Provider • No need for Membership and Role Provider • Single Sign Built in • Central Managed and Entry point for all Authentication • Utilizes Windows Identity Framework How to build an Identity Provider • Create new ASP.NET Security Token Web Service Web Site • Configure Certificate Settings and Name in <AppSettings> • Check Issuer Name within Certificates MMC • Create new Claims-aware ASP.NET Web Site (testing) • Add STS Reference to Claims-aware ASP.NET Web Site • Set Claims • Test • Real World will need code changes: • Connect to authentication system • Modify Claims • Authentication Logic
Azure Control Service • Microsoft ADFS Type Cloud Based Service • Central Point for offloading Authentication • Supports SAML 1.1 / SAML 2.0 • Support • Facebook • Google • Windows Live ID • Yahoo • Custom IDP • Open ID type authentication • Support for 3rd Party Integration • Claim Mapping through configuration
Sign-In Process with Azure ACS & SharePoint 2010 DEMO
Azure Control Service - ACS
Azure Control Service - SharePoint
DEMO
What to else to know? • Given the choice • Microsoft ADFS • Custom Identity provider • Azure ACS • Multiple Providers • Custom Claims Provider will be needed • If Augmentation of claims is needed from LOB, Custom IDP • All users will experience the “nothing” redirect • Redirect, Redirect and Redirect  • SharePoint does not support SAML 2.0 Assertions • For internal LOB for Auth to ACS – maybe overkill • Expose Internal LOB Auth to ACS through provider
Thanks to our sponsors!
Thank you & Questions Email: liamc@susqtech.com Work: http://www.susqtech.com Twitter: @helloitsliam Blog: http://blog.helloitsliam.com

Recommended

Stop Those Prying Eyes Getting To Your Data SPTechCon
Stop Those Prying Eyes Getting To Your Data SPTechConStop Those Prying Eyes Getting To Your Data SPTechCon
Stop Those Prying Eyes Getting To Your Data SPTechConLiam Cleary [MVP]
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...Liam Cleary [MVP]
 
SharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageSharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageLiam Cleary [MVP]
 
The SUG - Documents & Records Management, Really
The SUG - Documents & Records Management, ReallyThe SUG - Documents & Records Management, Really
The SUG - Documents & Records Management, ReallyLiam Cleary [MVP]
 
SharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoSharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoLiam Cleary [MVP]
 
SharePoint Fest Denver - Documents and Records Management in SharePoint
SharePoint Fest Denver - Documents and Records Management in SharePointSharePoint Fest Denver - Documents and Records Management in SharePoint
SharePoint Fest Denver - Documents and Records Management in SharePointLiam Cleary [MVP]
 
SharePoint Saturday Utah - The Art of the Possible Keynote
SharePoint Saturday Utah - The Art of the Possible KeynoteSharePoint Saturday Utah - The Art of the Possible Keynote
SharePoint Saturday Utah - The Art of the Possible KeynoteLiam Cleary [MVP]
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 

Recommended

Stop Those Prying Eyes Getting To Your Data SPTechCon
Stop Those Prying Eyes Getting To Your Data SPTechConStop Those Prying Eyes Getting To Your Data SPTechCon
Stop Those Prying Eyes Getting To Your Data SPTechConLiam Cleary [MVP]
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...Liam Cleary [MVP]
 
SharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageSharePoint Saturday The Conference DC - How the bcs saved my marriage
SharePoint Saturday The Conference DC - How the bcs saved my marriageLiam Cleary [MVP]
 
The SUG - Documents & Records Management, Really
The SUG - Documents & Records Management, ReallyThe SUG - Documents & Records Management, Really
The SUG - Documents & Records Management, ReallyLiam Cleary [MVP]
 
SharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoSharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoLiam Cleary [MVP]
 
SharePoint Fest Denver - Documents and Records Management in SharePoint
SharePoint Fest Denver - Documents and Records Management in SharePointSharePoint Fest Denver - Documents and Records Management in SharePoint
SharePoint Fest Denver - Documents and Records Management in SharePointLiam Cleary [MVP]
 
SharePoint Saturday Utah - The Art of the Possible Keynote
SharePoint Saturday Utah - The Art of the Possible KeynoteSharePoint Saturday Utah - The Art of the Possible Keynote
SharePoint Saturday Utah - The Art of the Possible KeynoteLiam Cleary [MVP]
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...Brian Culver
 
External collaboration with Azure B2B
External collaboration with Azure B2BExternal collaboration with Azure B2B
External collaboration with Azure B2BSjoukje Zaal
 
External collaboration with Azure B2B
External collaboration with Azure B2B External collaboration with Azure B2B
External collaboration with Azure B2B Sjoukje Zaal
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...SPC Adriatics
 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social LoginMichele Leroux Bustamante
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Brian Culver
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2
 
Portal and Intranets
Portal and Intranets Portal and Intranets
Portal and Intranets Redar Ismail
 
Rev Your Engines - SharePoint Performance Enhancements
Rev Your Engines - SharePoint Performance EnhancementsRev Your Engines - SharePoint Performance Enhancements
Rev Your Engines - SharePoint Performance EnhancementsEric Shupps
 
Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Gus Fraser
 
SharePoint 2013 Search Operations
SharePoint 2013 Search OperationsSharePoint 2013 Search Operations
SharePoint 2013 Search OperationsSPC Adriatics
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BAzure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BSjoukje Zaal
 
What‘s new in Office 365
What‘s new in Office 365What‘s new in Office 365
What‘s new in Office 365SPC Adriatics
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easySjoukje Zaal
 
Social Login
Social LoginSocial Login
Social LoginMichele Leroux Bustamante
 
SharePoint and Office 365 Performance Best Practices
SharePoint and Office 365 Performance Best PracticesSharePoint and Office 365 Performance Best Practices
SharePoint and Office 365 Performance Best PracticesEric Shupps
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BSjoukje Zaal
 
Identity Management in SharePoint 2013
Identity Management in SharePoint 2013Identity Management in SharePoint 2013
Identity Management in SharePoint 2013SPC Adriatics
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthKashif Imran
 
Windows Azure Active Directory
Windows Azure Active DirectoryWindows Azure Active Directory
Windows Azure Active DirectoryPavel Revenkov
 
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...Liam Cleary [MVP]
 
SharePoint Saturday Austin - Share point authentication and authorization
SharePoint Saturday Austin - Share point authentication and authorizationSharePoint Saturday Austin - Share point authentication and authorization
SharePoint Saturday Austin - Share point authentication and authorizationLiam Cleary [MVP]
 

More Related Content

What's hot

SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...Brian Culver
 
External collaboration with Azure B2B
External collaboration with Azure B2BExternal collaboration with Azure B2B
External collaboration with Azure B2BSjoukje Zaal
 
External collaboration with Azure B2B
External collaboration with Azure B2B External collaboration with Azure B2B
External collaboration with Azure B2B Sjoukje Zaal
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...SPC Adriatics
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Brian Culver
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2
 
Portal and Intranets
Portal and Intranets Portal and Intranets
Portal and Intranets Redar Ismail
 
Rev Your Engines - SharePoint Performance Enhancements
Rev Your Engines - SharePoint Performance EnhancementsRev Your Engines - SharePoint Performance Enhancements
Rev Your Engines - SharePoint Performance EnhancementsEric Shupps
 
Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Gus Fraser
 
SharePoint 2013 Search Operations
SharePoint 2013 Search OperationsSharePoint 2013 Search Operations
SharePoint 2013 Search OperationsSPC Adriatics
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BAzure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BSjoukje Zaal
 
What‘s new in Office 365
What‘s new in Office 365What‘s new in Office 365
What‘s new in Office 365SPC Adriatics
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easySjoukje Zaal
 
SharePoint and Office 365 Performance Best Practices
SharePoint and Office 365 Performance Best PracticesSharePoint and Office 365 Performance Best Practices
SharePoint and Office 365 Performance Best PracticesEric Shupps
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BSjoukje Zaal
 
Identity Management in SharePoint 2013
Identity Management in SharePoint 2013Identity Management in SharePoint 2013
Identity Management in SharePoint 2013SPC Adriatics
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthKashif Imran
 
Windows Azure Active Directory
Windows Azure Active DirectoryWindows Azure Active Directory
Windows Azure Active DirectoryPavel Revenkov
 

What's hot (20)

SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
 
External collaboration with Azure B2B
External collaboration with Azure B2BExternal collaboration with Azure B2B
External collaboration with Azure B2B
 
External collaboration with Azure B2B
External collaboration with Azure B2B External collaboration with Azure B2B
External collaboration with Azure B2B
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...
 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social Login
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure Enterprise
 
Portal and Intranets
Portal and Intranets Portal and Intranets
Portal and Intranets
 
Rev Your Engines - SharePoint Performance Enhancements
Rev Your Engines - SharePoint Performance EnhancementsRev Your Engines - SharePoint Performance Enhancements
Rev Your Engines - SharePoint Performance Enhancements
 
Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13Building Secure Extranets with Claims-Based Authentication #SPEvo13
Building Secure Extranets with Claims-Based Authentication #SPEvo13
 
SharePoint 2013 Search Operations
SharePoint 2013 Search OperationsSharePoint 2013 Search Operations
SharePoint 2013 Search Operations
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BAzure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2B
 
What‘s new in Office 365
What‘s new in Office 365What‘s new in Office 365
What‘s new in Office 365
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easy
 
Social Login
Social LoginSocial Login
Social Login
 
SharePoint and Office 365 Performance Best Practices
SharePoint and Office 365 Performance Best PracticesSharePoint and Office 365 Performance Best Practices
SharePoint and Office 365 Performance Best Practices
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
 
Identity Management in SharePoint 2013
Identity Management in SharePoint 2013Identity Management in SharePoint 2013
Identity Management in SharePoint 2013
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuth
 
Windows Azure Active Directory
Windows Azure Active DirectoryWindows Azure Active Directory
Windows Azure Active Directory
 

Similar to SharePoint Saturday Utah - Do you claim to be from the Azure Sky?

SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...Liam Cleary [MVP]
 
SharePoint Saturday Austin - Share point authentication and authorization
SharePoint Saturday Austin - Share point authentication and authorizationSharePoint Saturday Austin - Share point authentication and authorization
SharePoint Saturday Austin - Share point authentication and authorizationLiam Cleary [MVP]
 
ESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and AuthorizationESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and AuthorizationEdin Kapic
 
Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Joris Poelmans
 
NIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud EraNIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud EraMorgan Simonsen
 
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...Envision IT
 
Extending Authentication and Authorization
Extending Authentication and AuthorizationExtending Authentication and Authorization
Extending Authentication and AuthorizationEdin Kapic
 
The Who, What, Why and How of Active Directory Federation Services (AD FS)
The Who, What, Why and How of Active Directory Federation Services (AD FS)The Who, What, Why and How of Active Directory Federation Services (AD FS)
The Who, What, Why and How of Active Directory Federation Services (AD FS)Jay Simcox
 
Understanding Office 365’s Identity Solutions: Deep Dive - EPC Group
Understanding Office 365’s Identity Solutions: Deep Dive - EPC GroupUnderstanding Office 365’s Identity Solutions: Deep Dive - EPC Group
Understanding Office 365’s Identity Solutions: Deep Dive - EPC GroupEPC Group
 
unit 1 Federated Identity Management_4.pptx
unit 1 Federated Identity Management_4.pptxunit 1 Federated Identity Management_4.pptx
unit 1 Federated Identity Management_4.pptxzmulani8
 
Envision it Webinar - Extranet Identity Management and Authentication for Sha...
Envision it Webinar - Extranet Identity Management and Authentication for Sha...Envision it Webinar - Extranet Identity Management and Authentication for Sha...
Envision it Webinar - Extranet Identity Management and Authentication for Sha...Envision IT
 
Introduction to sitecore identity
Introduction to sitecore identityIntroduction to sitecore identity
Introduction to sitecore identityGopikrishna Gujjula
 
Using Windows Azure for Solving Identity Management Challenges
Using Windows Azure for Solving Identity Management ChallengesUsing Windows Azure for Solving Identity Management Challenges
Using Windows Azure for Solving Identity Management ChallengesMichael Collier
 
Single SignOn with Federation using Claims
Single SignOn with Federation using ClaimsSingle SignOn with Federation using Claims
Single SignOn with Federation using ClaimsVolkan Uzun
 
Envision it SharePoint Extranet Webinar Series - Federation and Office 365
Envision it SharePoint Extranet Webinar Series - Federation and Office 365Envision it SharePoint Extranet Webinar Series - Federation and Office 365
Envision it SharePoint Extranet Webinar Series - Federation and Office 365Envision IT
 
O365Con18 - Hybrid SharePoint Deep Dive - Thomas Vochten
O365Con18 - Hybrid SharePoint Deep Dive - Thomas VochtenO365Con18 - Hybrid SharePoint Deep Dive - Thomas Vochten
O365Con18 - Hybrid SharePoint Deep Dive - Thomas VochtenNCCOMMS
 
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...Michael Collier
 
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...DataArt
 
Preparing for Office 365
Preparing for Office 365Preparing for Office 365
Preparing for Office 365Jan Egil Ring
 

Similar to SharePoint Saturday Utah - Do you claim to be from the Azure Sky? (20)

SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
 
SharePoint Saturday Austin - Share point authentication and authorization
SharePoint Saturday Austin - Share point authentication and authorizationSharePoint Saturday Austin - Share point authentication and authorization
SharePoint Saturday Austin - Share point authentication and authorization
 
ESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and AuthorizationESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and Authorization
 
Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011
 
NIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud EraNIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud Era
 
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
 
Extending Authentication and Authorization
Extending Authentication and AuthorizationExtending Authentication and Authorization
Extending Authentication and Authorization
 
The Who, What, Why and How of Active Directory Federation Services (AD FS)
The Who, What, Why and How of Active Directory Federation Services (AD FS)The Who, What, Why and How of Active Directory Federation Services (AD FS)
The Who, What, Why and How of Active Directory Federation Services (AD FS)
 
Understanding Office 365’s Identity Solutions: Deep Dive - EPC Group
Understanding Office 365’s Identity Solutions: Deep Dive - EPC GroupUnderstanding Office 365’s Identity Solutions: Deep Dive - EPC Group
Understanding Office 365’s Identity Solutions: Deep Dive - EPC Group
 
unit 1 Federated Identity Management_4.pptx
unit 1 Federated Identity Management_4.pptxunit 1 Federated Identity Management_4.pptx
unit 1 Federated Identity Management_4.pptx
 
Envision it Webinar - Extranet Identity Management and Authentication for Sha...
Envision it Webinar - Extranet Identity Management and Authentication for Sha...Envision it Webinar - Extranet Identity Management and Authentication for Sha...
Envision it Webinar - Extranet Identity Management and Authentication for Sha...
 
Introduction to sitecore identity
Introduction to sitecore identityIntroduction to sitecore identity
Introduction to sitecore identity
 
Using Windows Azure for Solving Identity Management Challenges
Using Windows Azure for Solving Identity Management ChallengesUsing Windows Azure for Solving Identity Management Challenges
Using Windows Azure for Solving Identity Management Challenges
 
Single SignOn with Federation using Claims
Single SignOn with Federation using ClaimsSingle SignOn with Federation using Claims
Single SignOn with Federation using Claims
 
Envision it SharePoint Extranet Webinar Series - Federation and Office 365
Envision it SharePoint Extranet Webinar Series - Federation and Office 365Envision it SharePoint Extranet Webinar Series - Federation and Office 365
Envision it SharePoint Extranet Webinar Series - Federation and Office 365
 
O365Con18 - Hybrid SharePoint Deep Dive - Thomas Vochten
O365Con18 - Hybrid SharePoint Deep Dive - Thomas VochtenO365Con18 - Hybrid SharePoint Deep Dive - Thomas Vochten
O365Con18 - Hybrid SharePoint Deep Dive - Thomas Vochten
 
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
 
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...
 
Who are you?
Who are you?Who are you?
Who are you?
 
Preparing for Office 365
Preparing for Office 365Preparing for Office 365
Preparing for Office 365
 

Recently uploaded

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

SharePoint Saturday Utah - Do you claim to be from the Azure Sky?

  • 1. Do you claim to be from the Azure sky? Liam Cleary
  • 2. About Me • Solution Architect @ SusQtech (Winchester, VA) • SharePoint MVP since 2007 • Working with SharePoint since 2002 • Worked on all kinds of projects • Internet • Intranet • Extranet • Anything SharePoint Really • Involved in Architecture, Deployment, Customization and Development of SharePoint
  • 3. You can teach a student a lesson for a day; but if you can teach him / her to learn by creating curiosity, they will continue the learning process as long as they live. Clay P. Bedford
  • 4. I am hoping for a different kind of Curiosity today 
  • 5. Security with SharePoint • Isn't this an oxymoron? Just kidding!!
  • 6. Agenda • SharePoint Authentication • What is available? • What is claims authentication? • SharePoint and Claims? • Identity Providers • Azure Control Service • Google, Windows Live ID, Yahoo, Facebook • Custom IDP • What to choose?
  • 8. SharePoint Authentication • Multiple Types of Authentication Support • Windows • NTLM • Kerberos • Basic • Anonymous • Digest • Forms-based Authentication • Lightweight Directory Access Protocol (LDAP) • Microsoft SQL Server • ASP.NET Membership and Role Providers • SAML Token-based Authentication • Active Directory Federate Services • 3rd Party Identity Providers • Lightweight Directory Access Protocol (LDAP)
  • 9. Authentication – Claims Why introduce Claims Authentication? • Wide Support • Standards Based • WS-Federation 1.1 • WS-Trust 1.4 • SAML Token 1.1 AuthN • Single Sign On • Federation • Already many providers • Microsoft standard approach • Fed up custom coding everything, every time • Gets round (some) Office Integration problems • Easy to configure with little effort • Multiple Web Config changes, Web Application Changes and then of course the actual configuration of your identity provider
  • 10. Authentication – Claim Terminology • Identity • Info about a Person or Object (AD, Google, Windows Live, Facebook etc.) • Claim • Attributes of the Identity (User ID, Email, Age etc.) • Token • Binary Representation of Identity • Set of Claims and the Signature • Relying Party (aka RP) • Users Token • Secure Token Service (STS) • Issuer of Tokens for Users
  • 11. Authentication – Sign In Process Identity Provider SharePoint 2010 Security Token Service aka RP aka IP-STS 1. Resource Requested 2. AuthN Request / Redirect 3. AuthN Request 4. Security Token 5. Security Token Request 6. Service Token 7. Resource Request w/Service Token 8. Resource Sent
  • 12. Authentication – Identity Provider • No need for Membership and Role Provider • Single Sign Built in • Central Managed and Entry point for all Authentication • Utilizes Windows Identity Framework How to build an Identity Provider • Create new ASP.NET Security Token Web Service Web Site • Configure Certificate Settings and Name in <AppSettings> • Check Issuer Name within Certificates MMC • Create new Claims-aware ASP.NET Web Site (testing) • Add STS Reference to Claims-aware ASP.NET Web Site • Set Claims • Test • Real World will need code changes: • Connect to authentication system • Modify Claims • Authentication Logic
  • 13. Azure Control Service • Microsoft ADFS Type Cloud Based Service • Central Point for offloading Authentication • Supports SAML 1.1 / SAML 2.0 • Support • Facebook • Google • Windows Live ID • Yahoo • Custom IDP • Open ID type authentication • Support for 3rd Party Integration • Claim Mapping through configuration
  • 14. Sign-In Process with Azure ACS & SharePoint 2010 DEMO
  • 16. Azure Control Service - SharePoint
  • 17. DEMO
  • 18. What to else to know? • Given the choice • Microsoft ADFS • Custom Identity provider • Azure ACS • Multiple Providers • Custom Claims Provider will be needed • If Augmentation of claims is needed from LOB, Custom IDP • All users will experience the “nothing” redirect • Redirect, Redirect and Redirect  • SharePoint does not support SAML 2.0 Assertions • For internal LOB for Auth to ACS – maybe overkill • Expose Internal LOB Auth to ACS through provider
  • 19. Thanks to our sponsors!
  • 20. Thank you & Questions Email: liamc@susqtech.com Work: http://www.susqtech.com Twitter: @helloitsliam Blog: http://blog.helloitsliam.com