Presentation is loading. Please wait.

Presentation is loading. Please wait.

Key Point: Federation relationships are based on trust.

Similar presentations


Presentation on theme: "Key Point: Federation relationships are based on trust."— Presentation transcript:

1

2

3

4 Key Point: Federation relationships are based on trust

5

6 SharePoint Federation Gateway

7 Multiple, Unique, Dynamic Temporal Single, Instance specific, Dynamic Single, Unique, Static, Stable ss ss /authenticationinstant /authenticationmethod /authenticationinstant /authenticationmethod

8 Identify Authentication and provisioning AD ADFS Public (other) Perform Claims Rationalization (Families) ID’s Roles Groups Define SharePoint Container Security Web App Policies Site Security

9

10 URL’s and Federation Realms Explicit Allow or Deny Web Application Policy on zone Explicit Allow SP Groups Direct Permission

11 Internal authentication AD for corporate users (AD) Extranet with external authentication Collaboration by Role Incoming Groups Mapped to Roles Separating by Roles (Sales, Legal and Portal Users) Audience: Private Federation for Partners (ADFS) Read Only + Audience: Consumer ID for customers (Live, G.., FB)

12 Private Federation with ADFS

13 SharePoint Federation Gateway

14

15 i:0#.w|domain\sAMAccountName 1: “I” for identity claim (user unique identifier) 3: Reserved as 0 (to enable more claim types in the future) Claim value6: Issuer W=Windows 4: Claim Type encoded value (#=User Logon Name) ClaimType : Value: Value Type: OriginalIssuer : domain\saMAccountName Windows

16 1: “I” for identity claim (user unique identifier) 3: Reserved as 0 (to enable more claim types in the future) Claim value6: Issuer Type T=Trusted 4: Claim Type encoded value (e=UPN) Original Issuer name: Name of membership role provider, name of trusted STS ClaimType : Value: Value Type: OriginalIssuer : TrustedProvider:fedpartner

17 1: C for Claim 3: Reserved as 0 (to enable more claim types in the future) Claim value 6: Issuer S=SharePoint STS 4: Claim Type encoded value (‘(‘ = IsAuthenticated) ClaimType : Value: Value Type: OriginalIssuer : true SecurityTokenService

18 C for Claim3: Reserved as 0 (to enable more claim types in the future) Claim value6: Issuer Type T=Trusted 4: Claim Type encoded value (“Next” ASCII Char) Original Issuer name: Name of membership role provider, name of trusted STS TrustedPartner TrustedProvider:fedpartner ClaimType : Value: Value Type: OriginalIssuer :

19 Internal authentication AD for corporate users (AD) Extranet with external authentication Collaboration by Role Incoming Groups Mapped to Roles Separating by Roles (Sales, Legal and Portal Users) Audience: Private Federation for Partners (ADFS) Read Only + Audience: Consumer ID for customers (Live, G.., FB)

20 Public Federation with Azure

21 Internal authentication AD for corporate users (AD) Extranet with external authentication Collaboration by Role Incoming Groups Mapped to Roles Separating by Roles (Sales, Legal and Portal Users) Audience: Private Federation for Partners (ADFS) Read Only + Audience: Consumer ID for customers (Live, G.., FB)

22 Custom Claims Provider

23 Internal authentication AD for corporate users (AD) Extranet with external authentication Collaboration by Role Incoming Groups Mapped to Roles Separating by Roles (Sales, Legal and Portal Users) Audience: Private Federation for Partners (ADFS) Read Only + Audience: Consumer ID for customers (Live, G.., FB) BONUS – FB Group Claim Provider

24 SharePoint Federation Gateway

25

26

27

28

29

30


Download ppt "Key Point: Federation relationships are based on trust."

Similar presentations


Ads by Google