locked
Best way to implement authentication and authorization for a sharepoint 2010 website. RRS feed

  • Question

  • Hi
    I come across different authentication methods in Sharepoint 2010. The sharepoint website we are develpoing as of now is Intranet. Later we are planning to move it to Internet(Public) site. What will be the best way to implement authentication and authorization for our website.

    If windows authentication(Classic mode authentication) is default for a sharepoint website (2010) , I have a few questions ragarding windows authentication.

    1) In case of windows authentication, where should we maintain  users?

    2) In case of windows authentication, how are the users created?

    3) In case of windows authentication, how can I perform authorization.

     

    If we want to use FBA(Form based authentication) in sharepoint 2010, I have a few questions ragarding FBA in sharepoint 2010.

    1) In case of FBA(using Claim based authentication) , if we want to use custom database(where we are storing user details and  roles) rather than bulitin SQL membership  provider, how can we achieve this?

    Can anyone provide some useful resources to implement authentication(Windows or FBA or dual) and authorization for a sharepoint 2010 website with sample code?

    Please reply ASAP.

    Thanks & Regards
    Mahendra Babu

    • Edited by asin43 Tuesday, September 7, 2010 7:28 AM
    Tuesday, September 7, 2010 6:04 AM

Answers

  • 1) In case of windows authentication, where should we maintain  users?

    Answer: Users can be created in Active Directory(AD)       

    2) In case of windows authentication, how are the users created?

    Answer: Users can be created in Active Directory. Configure a User Profile Synchrionization job it will automatically pull the users & groups.

    3) In case of windows authentication, how can I perform authorization.

    Answer: If you have proper mapping of users to groups in Active directory , all the groups will be synchronized in Sharepoint and you can use this groups to enforce authorization.

    For FBA Authentication

    You can have your own database to create the users and you have to take care about the user mapping with roles

     


    vinod kumar Bhasyam
    Tuesday, September 7, 2010 10:42 AM

All replies

  • 1)In case of windows authentication, where should we maintain  users?

    Share point is integrated with Active directory (AD) So users are users are stored in AD

    2) In case of windows authentication, how are the users created?

    IN AD you can creatae new Users.Once created in AD  you can add that user to share point under people and group

    3) In case of windows authentication, how can I perform authorization

    Authorization can be handled by default in share point....You can restrict users from Web application level to just item level

    For public users you have two options either you can go with Anonymous  access or Forms authentication


    Destin
    Tuesday, September 7, 2010 6:31 AM
  • 1) In case of windows authentication, where should we maintain  users?

    Answer: Users can be created in Active Directory(AD)       

    2) In case of windows authentication, how are the users created?

    Answer: Users can be created in Active Directory. Configure a User Profile Synchrionization job it will automatically pull the users & groups.

    3) In case of windows authentication, how can I perform authorization.

    Answer: If you have proper mapping of users to groups in Active directory , all the groups will be synchronized in Sharepoint and you can use this groups to enforce authorization.

    For FBA Authentication

    You can have your own database to create the users and you have to take care about the user mapping with roles

     


    vinod kumar Bhasyam
    Tuesday, September 7, 2010 10:42 AM