Close

BLOGS

Authentication(s) in SharePoint - An Overview

Authentication

It is the process by which the identity of a user who requests access to a SharePoint web application and its contents. Authentication controls whether or not a user has permission to access sites on a SharePoint web application. 

Authorization

It is the process by which a user is granted access to specific resources within a SharePoint site.  Authorization controls what documents, lists, libraries, etc. a user can access on a SharePoint site once they have been successfully authenticated.

The result of a claims-based authentication is a claims-based security token, which the SharePoint Security Token Service (STS) generates. The result of a Windows classic mode authentication is a Windows security token. We recommend that you use claims-based authentication for user authentication.

 

SharePoint 2013 supports the following authentication types:

Windows authentication
Windows Authentication is the simplest because it takes advantage of a company’s existing authentication provider (i.e. Active Directory) to validate a user’s credentials and, grant or deny permissions to access to SharePoint sites.  

Windows authentication provides the most seamless user experience for users who already have access to Windows-based network resources because once the user has logged onto the domain, they are not required to provide their credentials again to access SharePoint.  The two most common types of Windows authentication are NTLM and Kerberos.

 

Forms-based authentication

Forms-based authentication is a claims-based identity management system that validates users based on credentials that the user provides via a login form on a web page. When the user submits the form, the username and password that were provided are validated against credentials that are stored in a membership provider such as a SQL Server database.

Forms-based authentication allows for credentials to be created and stored for non-domain users who are external to an organization. Forms-based authentication can be used against credentials that are stored in an authentication provider such as the following:

  1. Active Directory Domain Services
  2. A database such as a SQL Server database
  3. An Lightweight Directory Access Protocol (LDAP) data store such as Novell eDirectory,
  4. Novell Directory Services (NDS), or Sun ONE

 

SAML token-based authentication

A SAML token-based authentication environment relies on at least one identity provider security token service (IP-STS) to handle the actual authentication of users.  Moreover, SAML token-based authentication allows for the authentication of users from multiple attribute stores.

The available types of authentication providers for SAML token-based authentication depends on the IP-STS being used in an environment. If Active Directory Federation Services 2.0 is used, authentication providers (known as attribute stores for AD FS 2.0) can include the following:

  1. Windows Server 2003 Active Directory and AD DS in Windows Server 2008
  2. All editions of SQL Server 2005 and SQL Server 2008
  3. Custom attribute stores

SharePoint 2013 also supports multiple authentication providers for a single web application.  If there is only one zone for a web application and multiple authentication methods are configured, users will be presented with a dropdown box prompting them to choose which authentication provider they wish to use.

Another point to consider is that the SharePoint crawl component requires NTLM to access content. Therefore, at least one zone on a web application must be configured to use NTLM authentication. If NTLM authentication is not configured on the default zone, the crawl component can use a different zone that is configured to use NTLM authentication.

 

Print
Posted: Mar 6, 2018,
Categories: SharePoint & EPM,
Comments: 0,
Author: Urish Arora
Rate this article:
5.0

Urish AroraUrish Arora

Other posts by Urish Arora

, Contact author

Please login or register to post comments.

Name:
Email:
Subject:
Message:
x

SEARCH

Categories

Subscribe to our blog

«May 2019»
MonTueWedThuFriSatSun
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789

  • Featured Posts
  • Recent Posts
  • Recent Comments
Dynamics365Authority is a community platform for Professionals and Students to contribute or share their knowledge and skills on Microsoft Dynamics 365 Technologies. Our primary goal is to invite professionals on Dynamics 365 technology across the world to contribute & share their knowledge and skills through their blogs so that we can help other developers.
Stay updated with Dynamics 365 technology. Improve skills and knowledge from our blogs, articles and code snippets. Learn it. Follow professionals and learn from them.
Unified Service Desk Book(Online Edition) 

FOLLOW US

Stay connected with us on our social media channels for latest articles, blogs posts etc.  We will keep updating regularly on our social media platform and web platform.

FACEBOOK

Follow us on Facebook

 

TWITTER

View all our tweets

 

DYNAMICS365AUTH

Join us now

 

BLOGS

View our blogs

 

 

Latest Blog

Posted: Apr 30, 2019

Find which privileges are applied to which roles in Dynamics 365 with privileges discovery

This blog is about Find which privileges are applied to which roles in Dynamics 365 with privileges discovery

Read more
Posted: Apr 30, 2019

Dynamics 365 Field Security

This blog is about Field Security in Dynamics 365

Read more
Posted: Apr 30, 2019

Access Team Templates in Dynamics 365

This blog is about Access Team Templates in Dynamics 365

Read more
RSS

ADDITIONAL RESOURCES

Dynamics 365 Authority.com - Search the library for "Dynamics 365"

  What's New in Dynamics 365

  Dynamics 365 Documentation

  

  Sign-up for 30 days trial

 

 

Recent comments

Ashish:

Nice blog. Very helpful to get all references to white papers at one place.

Previous Next

About Us

Here comes the Dynamics 365 Authority - Great technical blog posts are hidden gems. They are hard to find simply because not enough of us write them in the first place. Yet technical blogging is one of the best things we can do not only for ourselves, but also as members of the wider community of developers.

Dynamics 365 Authority leverages this platform to help developers and users to move from traditional paper-based process to modern digital business process. Dynamics365Authority.com helps your business grow, evolve and transform.

Dynamics365Authority.com is your Digital Transformation Partner

Recent Posts

Find which privileges are applied to which roles in Dynamics 365 with privileges discovery

This blog is about Find which privileges are applied to which roles in Dynamics 365 with privileges discovery

  • 3
  • Article rating: No rating

Dynamics 365 Field Security

This blog is about Field Security in Dynamics 365

  • 3
  • Article rating: No rating
RSS

Get in touch

Follow Us

 

Tag cloud: Dynamics365Authority.com with Urish Arora; Dynamics365Authority.com; Sales; Leading community site on MS Dynamics 365; Dynamics 365 Authority; Service;Top CRM Blogs; Urish Arora - Australia's leading expert on Digital Transformation;  Digital Transformation; Field Service;Top Articles on MS Dynamics CRM Relationship Insights; Office 365 Security Compliance; Project Service; Microsoft Dynamics 365 for Sales; Relevance Search; Goal Metrics; Activities and Case; Sales Literature;Knowledge Management;

Terms Of UsePrivacy StatementCopyright 2019 by Dynamics365Authority
Back To Top