- SP13 includes improvements to the claims infrastructure and authentication features that enable new server-to-server and app authentication.
- Applies to: SP13 Enterprise, SP13 Standard, SP13 Foundation
- Enhanced claims-based authentication eases and enables new scenarios and functionality for Exchange Server 2013, Lync 2013, and apps in the SharePoint Store and App Catalog.
- SP13 introduces support for server-to-server and app authentication by utilizing and extending the Open Authorization 2.0 (OAuth 2.0) web authorization protocol.
- OAuth is an industry standard protocol that provides temporary, redirection-based authorization.
- A user or a web application that acts on behalf of a user can request authorization to temporarily access specified network resources from a resource owner.
- Support for OAuth in SP13 allows users to grant apps in the SharePoint Store and App Catalog access to specified, protected user resources and data (including lists, documents, photographs and videos) without requiring the app to obtain, store, or submit the user's credentials.
- OAuth allows apps and services to act on behalf of users for limited access to SharePoint resources. Example: this enables an app, such as a third-party photo printing app, to access and copy the files in the specified folder upon user request, without having to use or verify the user account credentials.
User Authentication and Authorization in SP13
Authentication: User authentication in SP13 is the process that verifies the identity of a user who requests access to a SharePoint web application. An authentication provider issues the authenticated user a security token that encapsulates a set of claims-based assertions about the user and is used to verify a set of permissions that are assigned to the user.
Authorization: User authorization in SP13 is the process that determines the users who can perform defined operations on a specified resource within a SharePoint web application.
Claims-based authentication is the default authentication in SP13 because server-to-server and app authentication are based on claims authentication.
Windows Classic authentication method is still available in SP13 and can be configured using PowerShell.
Authentication methods supported by SP13
- Windows claims
- SAML-based claims
- FBA (Forms-Based Authentication)
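To see which mode and which of these methods each web application in a farm actually uses, a PowerShell inventory like the one below can be run from the SharePoint 2013 Management Shell. It is an added example, not part of the original post; it assumes farm administrator rights, and the Mode and Method labels are this example's own naming.

```powershell
# Added example: inventory authentication mode and providers per web application and zone.
# Assumes the SharePoint 2013 Management Shell (or the snap-in below) and farm admin rights.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Map provider .NET type names to the three methods listed above (labels are this example's own).
$methodByType = @{
    'SPWindowsAuthenticationProvider' = 'Windows claims'
    'SPTrustedAuthenticationProvider' = 'SAML-based claims'
    'SPFormsAuthenticationProvider'   = 'FBA'
}

$report = foreach ($wa in Get-SPWebApplication) {
    if (-not $wa.UseClaimsAuthentication) {
        # Classic mode: no claims providers are configured. Per the text above,
        # server-to-server and app authentication depend on claims authentication.
        [pscustomobject]@{
            Url = $wa.Url; Zone = '(all)'; Mode = 'Windows classic'
            Method = 'n/a'; Provider = 'n/a'
        }
        continue
    }

    # A claims web application can expose different providers in each zone.
    foreach ($zone in $wa.IisSettings.Keys) {
        foreach ($p in Get-SPAuthenticationProvider -WebApplication $wa -Zone $zone) {
            $type   = $p.GetType().Name
            $method = if ($methodByType.ContainsKey($type)) { $methodByType[$type] } else { $type }
            [pscustomobject]@{
                Url = $wa.Url; Zone = $zone; Mode = 'Claims'
                Method = $method; Provider = $p.DisplayName
            }
        }
    }
}

# Classic-mode web applications sort after claims ones; review them as migration candidates.
$report | Sort-Object Mode, Url, Zone | Format-Table -AutoSize
```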