Wednesday, August 11, 2010

The Essence of Claims Based Security

Hi guys

Do you need to do some planning around security for your SharePoint 2010 applications?

Claims-Based Identity security is the way to go. Here is a little information to put the concepts in perspective.


Claims-Based Identity security:

• It is the best practice direction advised by Microsoft
• It decouples SharePoint from the authentication provider
• Supports multiple authentication providers for one URL
• Identity can be passed without Kerberos delegation
• It enables federation between organizations
• The “PeoplePicker” control understands claims

Key Components of Claims-Based Identity are:

1. Active Directory Federation Services (AD FS) 2.0
• Provides a custom Security Token Service (STS) that builds, signs and issues security tokens
• Facilitates single sign-on for users (no duplicate accounts)
• Identity federation - one organisation accepts identities provided by other organisations, e.g. strategic partners

2. Windows Identity Foundation (WIF) 1.0 - pronounced “Dub-I-F”

• Makes it easier for developers to create claims-aware applications
• Support for verifying a token’s signature and extracting its claims
• Classes for working with claims
• Visual Studio project types
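
As an added example (not code from this post), here is how a claims-aware ASP.NET relying party can use the WIF 1.0 classes to read the user's claims and accept a role only when the claim was issued by the trusted STS. The issuer name is a placeholder; in a real deployment it is the name that the IssuerNameRegistry in web.config assigns to the AD FS 2.0 signing certificate.

```csharp
using System;
using System.Linq;
using System.Threading;
using Microsoft.IdentityModel.Claims;   // WIF 1.0: IClaimsPrincipal, IClaimsIdentity, Claim, ClaimTypes

public static class ClaimsInspector
{
    // Placeholder issuer name. In a real relying party this is the name that the
    // IssuerNameRegistry in web.config assigns to the AD FS 2.0 signing certificate;
    // a token signed by any other key is rejected before this code runs.
    public const string TrustedIssuer = "http://sts.example.invalid/adfs/services/trust";

    // Returns the current user's claims identity, or null when the request did not
    // come through the WIF pipeline (e.g. classic Windows authentication).
    public static IClaimsIdentity CurrentClaimsIdentity()
    {
        var principal = Thread.CurrentPrincipal as IClaimsPrincipal;
        if (principal == null || principal.Identities.Count == 0)
            return null;
        return principal.Identities[0];
    }

    // Authorization check: the role claim must carry the expected value AND come
    // from the trusted STS. Checking Issuer guards against a registry that has been
    // widened to trust a second, less trusted token issuer.
    public static bool HasRole(string role)
    {
        IClaimsIdentity identity = CurrentClaimsIdentity();
        if (identity == null) return false;

        return identity.Claims.Any(c =>
            c.ClaimType == ClaimTypes.Role &&
            c.Issuer == TrustedIssuer &&
            string.Equals(c.Value, role, StringComparison.Ordinal));
    }

    // Diagnostic listing of every claim (type, value, issuer); useful when deciding
    // which claims the STS must emit before writing authorization rules.
    public static string Describe()
    {
        IClaimsIdentity identity = CurrentClaimsIdentity();
        if (identity == null) return "Not a claims-based request.";

        return string.Join(Environment.NewLine,
            identity.Claims.Select(c =>
                string.Format("{0} = {1} (issued by {2})", c.ClaimType, c.Value, c.Issuer))
            .ToArray());
    }
}
```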

3. Windows CardSpace 2.0

• The end-user component of Microsoft’s user access platform for developers, which helps simplify access to applications and other systems with an open claims-based model
• Behind each card a user sees is an information card
• It’s an XML file that represents a relationship with an identity provider
• It contains what’s needed to request a token for a particular identity
• The Information Card Foundation is a multi-vendor group dedicated to making this technology successful