SlideShare una empresa de Scribd logo

Claims Based Auth in SharePoint 2010

R
RavikantChaturvedi

This document discusses configuring claims-based authentication in SharePoint 2010. It involves 3 main steps: 1. Creating a web application in SharePoint Central Administration and enabling forms-based authentication. 2. Configuring the ASP.NET membership provider and role manager by modifying the web.config files for the web application, Central Administration site, and Security Token Service. 3. Adding users to the SQL database using a membership seeding tool and testing authentication with the users.

Tecnología
1 de 22
Claims Based Authentication in SharePoint 2010 Before starting our actual configuration let us first understand what is claims based authentication? We are going through am simple example: - Now I have Voter-Id Card which is provided by the Government of India. And I am traveling through Indian railway. In train Ticket checker comes and asks for identity at that time I can show my Voter-Id card and he said ok, because:- 1. There is a trust between Indian Government and Indian railway. 2. Voter-ID card describes my identity like my name, age, Address...etc. It means Indian Government provides authority to me, to live or travel anywhere in India .So I can claim I am Indian. And Indian Government is my Identity Provider. Before Starting claim Base Authentication we need to understand some basic Concepts:- What is identity? It is a set of attribute which describe us uniquely (e.g. our name, age, address, email address etc.) What is Claim? Some rights or permission on which bases we can claim we are have the permission for this. What is Security Token? Security token is a collection of Claims valid for unique identity for specific time. htttp://www.parallelminds.biz Claim based security service not always requires own security, it also can be rely on other security providers.
1. Create a web Application in SharePoint Central Administrator, click on Claims based Authentication. 2. Go to Claims Authentication Type section and click on the check box to enable the Enable Forms based Authentication (FBA). And give the name to ASP.Net Membership provider name and ASP.Net Role manager. Note: - These Names are case Sensitive.
3. Once we have created a web application using Claims Based Authentication, we can create a site collection. Now we can access the site choosing Windows Authentication or Forms Based Authentication.
4. Enter your credentials, and then click ok.
5. Now we are able to access our site.
Step B: - Configure the Membership provider and role manager. 1. Open the Command Prompt and navigate to C:WindowsMicrsooft .NetFramework64v2.0.50727 and Run “aspnet_regsql.exe”. This will open ASP .Net SQL Server Setup wizard. On this click on NEXT
2. Specify the Database name. If you don’t specify the database name then it will create a database call aspnetdb. Note: - In Database name only give the Database Server name (Don’t give the instance name because aspnetdb database must be create on root of database, it means in default instance). After clicking Next button on the next screen it will show you Server Name and Database name. Then click on Next button. Important: - if the server is not connected it means on your database server default instance is not created, so when you will try to connect the server using Management studio without giving the Instance name it will give you error “server is not found or named pipe is not enabled “. Needful: - First create a default instance in Database and give the permission to all three accounts when you setup the farm like  (with all the permission like dbcreator, dbowner)  srv_sql  srv_setup  srv_farm
Then we are able to connect with database with only database server name. 3. Use membership seeder tool to create the users in SQL database. You can find the tool and information on that from:- http://cks.codeplex.com/releases/view/7450 After down load the membership seeder tool, in the bin folder again two folders are there name as  Debug  Release  Select release version and run the MembershipSeeder.exe as Run as Administrator
 Next screen will open as below. First click on Configure button  Change the Database server name.it will ask to Restart the MembershipSeeder tool 1. 2.
3.  Then create the user Just type the name of the user in User Prefix box and password.
Step C: - Modify the web. Config file for Membership provider and role manager We need to modify 3 different web.config files for FBA to work. 1.Web.config of FBA Web application, 2. Web.config of Central Administration Site & 3. Web.config of STS. Modify Web.config of FBA Web Application. Add below connection string into web.config file after </SharePoint> and before <system. Web>. (Go to Start->run->type inetmgr -> site ->select your web application -> right click and explore -> select web config) Imp: - Take Backup of webconfig file before doing any changes. <connectionStrings> <add name="SQLConnectionString" connectionString="data source=SPSQL5;Integrated S ecurity=SSPI;Initial Catalog=aspnetdb" /> </connectionStrings> Also add membership provider and Role manager on same web.Config <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"> <providers> <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthR oleProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" /> <add connectionStringName="SQLConnectionString" applicationName="/" descript ion="Stores and retrieves roles from SQL Server" name="SQL- RoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="i"> <providers> <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthM embershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e94 29c" /> <add connectionStringName="SQLConnectionString" passwordAttemptWindow="5" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestion AndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" descr iption="Stores and Retrieves membership data from SQL Server" name="SQL-MembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.360 0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership>
Modify Web.config of the Central Administration web Application. Add below connection string into web.config file after </SharePoint> and before <system.web>. <connectionStrings> <add name="SQLConnectionString" connectionString="data source=SPSQL5;Integrated S ecurity=SSPI;Initial Catalog=aspnetdb" /> </connectionStrings> Also add membership provider and Role manager on same web.Config <roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true" cacheRol esInCookie="false"> <providers> <add connectionStringName="SQLConnectionString" applicationName="/" descript ion="Stores and retrieves roles from SQL Server" name="SQL- RoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="SQL-MembershipProvider"> <providers> <add connectionStringName="SQLConnectionString" passwordAttemptWindow="5" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestion AndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" descr iption="Stores and Retrieves membership data from SQL Server" name="SQL-MembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.360 0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership>
 Modify web.config of STS. We can Navigate the STS web.config from %program files%common filesMicrosoft Sharedweb server extensions14WebServicesSecurityToken And Add Below code before </Configuration> <connectionManagement> <add address="*" maxconnection="10000" /> </connectionManagement> </system.net> <connectionStrings> <add name="SQLConnectionString" connectionString="data source=PMTSLSQL;Integrated Security=SSPI;Initial Catalog=aspnetdb" /> </connectionStrings> <system.web> <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"> <providers> <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRo leProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=7 1e9bce111e9429c" /> <add connectionStringName="SQLConnectionString" applicationName="/" descripti on="Stores and retrieves roles from SQL Server" name="SQL- RoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600. 0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="i"> <providers>
<add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMe mbershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyT oken=71e9bce111e9429c" /> <add connectionStringName="SQLConnectionString" passwordAttemptWindow="5" ena blePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="t rue" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" descripti on="Stores and Retrieves membership data from SQL Server" name="SQL- MembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Vers ion=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> </system.web> Step D:- 1. Go to Central Administration ----->Manage Web Application ----->User Policy.
2. Click on Add User and Select Default Zone. Then Click Next.
3. Insert User name and give full Control. Then click on next button.
Thus you can see user in sql aspnetmembership provider is getting recognized by SharePoint and web application. 4. Now we are going to open our site URL in next tab, and enter user name and password. 4. You can see that Ravi is getting authenticated from aspnetmembersipprovider like old forms based authentication. That means SQL database containing aspnetmembershipprovider is identity provider and SharePoint security token service is Relying Party 5. Now we are able to access our site.
Claims Based Auth in SharePoint 2010

Recomendados

Authorization in asp
Authorization in aspAuthorization in asp
Authorization in aspOPENLANE
 
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms AuthenticationLiquidHub
 
Java EE Services
Java EE ServicesJava EE Services
Java EE ServicesAbdalla Mahmoud
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11Niit Care
 
Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Rakesh Gujjarlapudi
 
C sharp and asp.net interview questions
C sharp and asp.net interview questionsC sharp and asp.net interview questions
C sharp and asp.net interview questionsAkhil Mittal
 
How To Manage API Request with AXIOS on a React Native App
How To Manage API Request with AXIOS on a React Native AppHow To Manage API Request with AXIOS on a React Native App
How To Manage API Request with AXIOS on a React Native AppAndolasoft Inc
 
Oracle fusionmiddlewarecontinuosintegration slideshare_v1
Oracle fusionmiddlewarecontinuosintegration slideshare_v1Oracle fusionmiddlewarecontinuosintegration slideshare_v1
Oracle fusionmiddlewarecontinuosintegration slideshare_v1Rakesh Gujjarlapudi
 

Recomendados

Authorization in asp
Authorization in aspAuthorization in asp
Authorization in aspOPENLANE
 
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms AuthenticationLiquidHub
 
Java EE Services
Java EE ServicesJava EE Services
Java EE ServicesAbdalla Mahmoud
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11Niit Care
 
Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Rakesh Gujjarlapudi
 
C sharp and asp.net interview questions
C sharp and asp.net interview questionsC sharp and asp.net interview questions
C sharp and asp.net interview questionsAkhil Mittal
 
How To Manage API Request with AXIOS on a React Native App
How To Manage API Request with AXIOS on a React Native AppHow To Manage API Request with AXIOS on a React Native App
How To Manage API Request with AXIOS on a React Native AppAndolasoft Inc
 
Oracle fusionmiddlewarecontinuosintegration slideshare_v1
Oracle fusionmiddlewarecontinuosintegration slideshare_v1Oracle fusionmiddlewarecontinuosintegration slideshare_v1
Oracle fusionmiddlewarecontinuosintegration slideshare_v1Rakesh Gujjarlapudi
 
IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.michele buccarello
 
SSL Setup for Oracle 10g AS
SSL Setup for Oracle 10g ASSSL Setup for Oracle 10g AS
SSL Setup for Oracle 10g ASEnkitec
 
Websphere portal theme menu framework
Websphere portal theme menu frameworkWebsphere portal theme menu framework
Websphere portal theme menu frameworkmichele buccarello
 
Administrators manual
Administrators manualAdministrators manual
Administrators manualScrumDesk
 
( 2 ) Office 2007 Create A Portal
( 2 ) Office 2007 Create A Portal( 2 ) Office 2007 Create A Portal
( 2 ) Office 2007 Create A PortalLiquidHub
 
Luminis Iv Sso 2010
Luminis Iv Sso 2010Luminis Iv Sso 2010
Luminis Iv Sso 2010Melissa Miller
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncmdevtalk
 
Enable seo friendly url in websphere portal
Enable seo friendly url in websphere portalEnable seo friendly url in websphere portal
Enable seo friendly url in websphere portalmichele buccarello
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicHarihara sarma
 
Monitoring, troubleshooting,
Monitoring, troubleshooting,Monitoring, troubleshooting,
Monitoring, troubleshooting,aspnet123
 
4. jsp
4. jsp4. jsp
4. jspAnusAhmad
 
Microsoft Azure,AWS Cloud services and it's use
Microsoft Azure,AWS Cloud services and it's useMicrosoft Azure,AWS Cloud services and it's use
Microsoft Azure,AWS Cloud services and it's useAslam Diwan
 
Ebook8
Ebook8Ebook8
Ebook8kaashiv1
 
Oracle OSB Tutorial 1
Oracle OSB Tutorial 1Oracle OSB Tutorial 1
Oracle OSB Tutorial 1Rakesh Gujjarlapudi
 
Microsoft Lync Server 2010 Installation
Microsoft Lync Server 2010 InstallationMicrosoft Lync Server 2010 Installation
Microsoft Lync Server 2010 InstallationShahab Al Yamin Chawdhury
 
Aspnet auth advanced_cs
Aspnet auth advanced_csAspnet auth advanced_cs
Aspnet auth advanced_csshagilani
 
IBM Connections 4.5 bidirectional synchronization
IBM Connections 4.5 bidirectional synchronizationIBM Connections 4.5 bidirectional synchronization
IBM Connections 4.5 bidirectional synchronizationmichele buccarello
 
Create Applicationwith IIS 7
Create Applicationwith IIS 7Create Applicationwith IIS 7
Create Applicationwith IIS 7Sandeep Verma
 
Basic API Creation with Node.JS
Basic API Creation with Node.JSBasic API Creation with Node.JS
Basic API Creation with Node.JSAzilen Technologies Pvt. Ltd.
 
SharePoint 2010 authentications
SharePoint 2010 authenticationsSharePoint 2010 authentications
SharePoint 2010 authenticationsWyngate Solutions
 
Cis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universityCis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universitylhkslkdh89009
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11Vivek chan
 

Más contenido relacionado

La actualidad más candente

IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.michele buccarello
 
SSL Setup for Oracle 10g AS
SSL Setup for Oracle 10g ASSSL Setup for Oracle 10g AS
SSL Setup for Oracle 10g ASEnkitec
 
Websphere portal theme menu framework
Websphere portal theme menu frameworkWebsphere portal theme menu framework
Websphere portal theme menu frameworkmichele buccarello
 
Administrators manual
Administrators manualAdministrators manual
Administrators manualScrumDesk
 
( 2 ) Office 2007 Create A Portal
( 2 ) Office 2007 Create A Portal( 2 ) Office 2007 Create A Portal
( 2 ) Office 2007 Create A PortalLiquidHub
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncmdevtalk
 
Enable seo friendly url in websphere portal
Enable seo friendly url in websphere portalEnable seo friendly url in websphere portal
Enable seo friendly url in websphere portalmichele buccarello
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicHarihara sarma
 
Monitoring, troubleshooting,
Monitoring, troubleshooting,Monitoring, troubleshooting,
Monitoring, troubleshooting,aspnet123
 
Microsoft Azure,AWS Cloud services and it's use
Microsoft Azure,AWS Cloud services and it's useMicrosoft Azure,AWS Cloud services and it's use
Microsoft Azure,AWS Cloud services and it's useAslam Diwan
 
Aspnet auth advanced_cs
Aspnet auth advanced_csAspnet auth advanced_cs
Aspnet auth advanced_csshagilani
 
IBM Connections 4.5 bidirectional synchronization
IBM Connections 4.5 bidirectional synchronizationIBM Connections 4.5 bidirectional synchronization
IBM Connections 4.5 bidirectional synchronizationmichele buccarello
 
Create Applicationwith IIS 7
Create Applicationwith IIS 7Create Applicationwith IIS 7
Create Applicationwith IIS 7Sandeep Verma
 

La actualidad más candente (19)

IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.
 
SSL Setup for Oracle 10g AS
SSL Setup for Oracle 10g ASSSL Setup for Oracle 10g AS
SSL Setup for Oracle 10g AS
 
Websphere portal theme menu framework
Websphere portal theme menu frameworkWebsphere portal theme menu framework
Websphere portal theme menu framework
 
Administrators manual
Administrators manualAdministrators manual
Administrators manual
 
( 2 ) Office 2007 Create A Portal
( 2 ) Office 2007 Create A Portal( 2 ) Office 2007 Create A Portal
( 2 ) Office 2007 Create A Portal
 
Luminis Iv Sso 2010
Luminis Iv Sso 2010Luminis Iv Sso 2010
Luminis Iv Sso 2010
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & sync
 
Enable seo friendly url in websphere portal
Enable seo friendly url in websphere portalEnable seo friendly url in websphere portal
Enable seo friendly url in websphere portal
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogic
 
Monitoring, troubleshooting,
Monitoring, troubleshooting,Monitoring, troubleshooting,
Monitoring, troubleshooting,
 
4. jsp
4. jsp4. jsp
4. jsp
 
Microsoft Azure,AWS Cloud services and it's use
Microsoft Azure,AWS Cloud services and it's useMicrosoft Azure,AWS Cloud services and it's use
Microsoft Azure,AWS Cloud services and it's use
 
Ebook8
Ebook8Ebook8
Ebook8
 
Oracle OSB Tutorial 1
Oracle OSB Tutorial 1Oracle OSB Tutorial 1
Oracle OSB Tutorial 1
 
Microsoft Lync Server 2010 Installation
Microsoft Lync Server 2010 InstallationMicrosoft Lync Server 2010 Installation
Microsoft Lync Server 2010 Installation
 
Aspnet auth advanced_cs
Aspnet auth advanced_csAspnet auth advanced_cs
Aspnet auth advanced_cs
 
IBM Connections 4.5 bidirectional synchronization
IBM Connections 4.5 bidirectional synchronizationIBM Connections 4.5 bidirectional synchronization
IBM Connections 4.5 bidirectional synchronization
 
Create Applicationwith IIS 7
Create Applicationwith IIS 7Create Applicationwith IIS 7
Create Applicationwith IIS 7
 
Basic API Creation with Node.JS
Basic API Creation with Node.JSBasic API Creation with Node.JS
Basic API Creation with Node.JS
 

Similar a Claims Based Auth in SharePoint 2010

SharePoint 2010 authentications
SharePoint 2010 authenticationsSharePoint 2010 authentications
SharePoint 2010 authenticationsWyngate Solutions
 
Cis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universityCis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universitylhkslkdh89009
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11Vivek chan
 
SharePoint 2010 - User Profile Store
SharePoint 2010 - User Profile Store SharePoint 2010 - User Profile Store
SharePoint 2010 - User Profile Store Joshua Haebets
 
Cis 407 i lab 6 of 7
Cis 407 i lab 6 of 7Cis 407 i lab 6 of 7
Cis 407 i lab 6 of 7helpido9
 
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms AuthenticationLiquidHub
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
06 asp.net session08
06 asp.net session0806 asp.net session08
06 asp.net session08Vivek chan
 
SpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSUFYAN SATTAR
 
Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010Danny Jessee
 
Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010Steve Sofian
 
Deploy sql express and share point foundation
Deploy sql express and share point foundationDeploy sql express and share point foundation
Deploy sql express and share point foundationTep Chanveasna
 
need help completing week 6 ilab.. i will upload what I currently ha.docx
need help completing week 6 ilab.. i will upload what I currently ha.docxneed help completing week 6 ilab.. i will upload what I currently ha.docx
need help completing week 6 ilab.. i will upload what I currently ha.docxniraj57
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11Mani Chaubey
 
Web Technologies - forms and actions
Web Technologies - forms and actionsWeb Technologies - forms and actions
Web Technologies - forms and actionsAren Zomorodian
 

Similar a Claims Based Auth in SharePoint 2010 (20)

SharePoint 2010 authentications
SharePoint 2010 authenticationsSharePoint 2010 authentications
SharePoint 2010 authentications
 
Cis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry universityCis407 a ilab 6 web application development devry university
Cis407 a ilab 6 web application development devry university
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
 
ASP.NET Lecture 5
ASP.NET Lecture 5ASP.NET Lecture 5
ASP.NET Lecture 5
 
Create Components in TomatoCMS
Create Components in TomatoCMSCreate Components in TomatoCMS
Create Components in TomatoCMS
 
SharePoint 2010 - User Profile Store
SharePoint 2010 - User Profile Store SharePoint 2010 - User Profile Store
SharePoint 2010 - User Profile Store
 
Cis 407 i lab 6 of 7
Cis 407 i lab 6 of 7Cis 407 i lab 6 of 7
Cis 407 i lab 6 of 7
 
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
( 16 ) Office 2007 Create An Extranet Site With Forms Authentication
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
06 asp.net session08
06 asp.net session0806 asp.net session08
06 asp.net session08
 
Tutorial asp.net
Tutorial asp.netTutorial asp.net
Tutorial asp.net
 
SpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptx
 
Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010
 
Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010Claims Based Identity In Share Point 2010
Claims Based Identity In Share Point 2010
 
Deploy sql express and share point foundation
Deploy sql express and share point foundationDeploy sql express and share point foundation
Deploy sql express and share point foundation
 
need help completing week 6 ilab.. i will upload what I currently ha.docx
need help completing week 6 ilab.. i will upload what I currently ha.docxneed help completing week 6 ilab.. i will upload what I currently ha.docx
need help completing week 6 ilab.. i will upload what I currently ha.docx
 
08 asp.net session11
08 asp.net session1108 asp.net session11
08 asp.net session11
 
Web Technologies - forms and actions
Web Technologies - forms and actionsWeb Technologies - forms and actions
Web Technologies - forms and actions
 
7. struts
7. struts7. struts
7. struts
 

Último

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Último (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Claims Based Auth in SharePoint 2010

  • 1. Claims Based Authentication in SharePoint 2010 Before starting our actual configuration let us first understand what is claims based authentication? We are going through am simple example: - Now I have Voter-Id Card which is provided by the Government of India. And I am traveling through Indian railway. In train Ticket checker comes and asks for identity at that time I can show my Voter-Id card and he said ok, because:- 1. There is a trust between Indian Government and Indian railway. 2. Voter-ID card describes my identity like my name, age, Address...etc. It means Indian Government provides authority to me, to live or travel anywhere in India .So I can claim I am Indian. And Indian Government is my Identity Provider. Before Starting claim Base Authentication we need to understand some basic Concepts:- What is identity? It is a set of attribute which describe us uniquely (e.g. our name, age, address, email address etc.) What is Claim? Some rights or permission on which bases we can claim we are have the permission for this. What is Security Token? Security token is a collection of Claims valid for unique identity for specific time. htttp://www.parallelminds.biz Claim based security service not always requires own security, it also can be rely on other security providers.
  • 2. 1. Create a web Application in SharePoint Central Administrator, click on Claims based Authentication. 2. Go to Claims Authentication Type section and click on the check box to enable the Enable Forms based Authentication (FBA). And give the name to ASP.Net Membership provider name and ASP.Net Role manager. Note: - These Names are case Sensitive.
  • 3.
  • 4.
  • 5. 3. Once we have created a web application using Claims Based Authentication, we can create a site collection. Now we can access the site choosing Windows Authentication or Forms Based Authentication.
  • 6. 4. Enter your credentials, and then click ok.
  • 7. 5. Now we are able to access our site.
  • 8. Step B: - Configure the Membership provider and role manager. 1. Open the Command Prompt and navigate to C:WindowsMicrsooft .NetFramework64v2.0.50727 and Run “aspnet_regsql.exe”. This will open ASP .Net SQL Server Setup wizard. On this click on NEXT
  • 9. 2. Specify the Database name. If you don’t specify the database name then it will create a database call aspnetdb. Note: - In Database name only give the Database Server name (Don’t give the instance name because aspnetdb database must be create on root of database, it means in default instance). After clicking Next button on the next screen it will show you Server Name and Database name. Then click on Next button. Important: - if the server is not connected it means on your database server default instance is not created, so when you will try to connect the server using Management studio without giving the Instance name it will give you error “server is not found or named pipe is not enabled “. Needful: - First create a default instance in Database and give the permission to all three accounts when you setup the farm like  (with all the permission like dbcreator, dbowner)  srv_sql  srv_setup  srv_farm
  • 10. Then we are able to connect with database with only database server name. 3. Use membership seeder tool to create the users in SQL database. You can find the tool and information on that from:- http://cks.codeplex.com/releases/view/7450 After down load the membership seeder tool, in the bin folder again two folders are there name as  Debug  Release  Select release version and run the MembershipSeeder.exe as Run as Administrator
  • 11.  Next screen will open as below. First click on Configure button  Change the Database server name.it will ask to Restart the MembershipSeeder tool 1. 2.
  • 12. 3.  Then create the user Just type the name of the user in User Prefix box and password.
  • 13. Step C: - Modify the web. Config file for Membership provider and role manager We need to modify 3 different web.config files for FBA to work. 1.Web.config of FBA Web application, 2. Web.config of Central Administration Site & 3. Web.config of STS. Modify Web.config of FBA Web Application. Add below connection string into web.config file after </SharePoint> and before <system. Web>. (Go to Start->run->type inetmgr -> site ->select your web application -> right click and explore -> select web config) Imp: - Take Backup of webconfig file before doing any changes. <connectionStrings> <add name="SQLConnectionString" connectionString="data source=SPSQL5;Integrated S ecurity=SSPI;Initial Catalog=aspnetdb" /> </connectionStrings> Also add membership provider and Role manager on same web.Config <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"> <providers> <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthR oleProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" /> <add connectionStringName="SQLConnectionString" applicationName="/" descript ion="Stores and retrieves roles from SQL Server" name="SQL- RoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="i"> <providers> <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthM embershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e94 29c" /> <add connectionStringName="SQLConnectionString" passwordAttemptWindow="5" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestion AndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" descr iption="Stores and Retrieves membership data from SQL Server" name="SQL-MembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.360 0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership>
  • 14. Modify Web.config of the Central Administration web Application. Add below connection string into web.config file after </SharePoint> and before <system.web>. <connectionStrings> <add name="SQLConnectionString" connectionString="data source=SPSQL5;Integrated S ecurity=SSPI;Initial Catalog=aspnetdb" /> </connectionStrings> Also add membership provider and Role manager on same web.Config <roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true" cacheRol esInCookie="false"> <providers> <add connectionStringName="SQLConnectionString" applicationName="/" descript ion="Stores and retrieves roles from SQL Server" name="SQL- RoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="SQL-MembershipProvider"> <providers> <add connectionStringName="SQLConnectionString" passwordAttemptWindow="5" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestion AndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" descr iption="Stores and Retrieves membership data from SQL Server" name="SQL-MembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.360 0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership>
  • 15.  Modify web.config of STS. We can Navigate the STS web.config from %program files%common filesMicrosoft Sharedweb server extensions14WebServicesSecurityToken And Add Below code before </Configuration> <connectionManagement> <add address="*" maxconnection="10000" /> </connectionManagement> </system.net> <connectionStrings> <add name="SQLConnectionString" connectionString="data source=PMTSLSQL;Integrated Security=SSPI;Initial Catalog=aspnetdb" /> </connectionStrings> <system.web> <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false"> <providers> <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRo leProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=7 1e9bce111e9429c" /> <add connectionStringName="SQLConnectionString" applicationName="/" descripti on="Stores and retrieves roles from SQL Server" name="SQL- RoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600. 0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </roleManager> <membership defaultProvider="i"> <providers>
  • 16. <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMe mbershipProvider, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyT oken=71e9bce111e9429c" /> <add connectionStringName="SQLConnectionString" passwordAttemptWindow="5" ena blePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="t rue" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" descripti on="Stores and Retrieves membership data from SQL Server" name="SQL- MembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Vers ion=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> </system.web> Step D:- 1. Go to Central Administration ----->Manage Web Application ----->User Policy.
  • 17.
  • 18. 2. Click on Add User and Select Default Zone. Then Click Next.
  • 19.
  • 20. 3. Insert User name and give full Control. Then click on next button.
  • 21. Thus you can see user in sql aspnetmembership provider is getting recognized by SharePoint and web application. 4. Now we are going to open our site URL in next tab, and enter user name and password. 4. You can see that Ravi is getting authenticated from aspnetmembersipprovider like old forms based authentication. That means SQL database containing aspnetmembershipprovider is identity provider and SharePoint security token service is Relying Party 5. Now we are able to access our site.