SharePoint Security - ARB Security Solutions
All Security Articles

Introduction to MOSS Security Architecture


The Microsoft Office Server System (SharePoint 2007) has many exciting new security mechanisms built into it that allow one to build a highly guarded collaboration environment while still providing a unique, fluid user experience. In previous versions of SharePoint, implementing very granular security options sometimes had the negative side effect of degrading the rich communication and collaboration features of the product, required heavy development effort, or required additional hardware and software purchases (for such things as Windows Rights Management).....


There are three main pieces that make up the application architecture of a membership provider in ASP.NET 2.0: the membership API, the membership provider, and the provider-specific storage. The logic of the membership model is simple because its straightforward design pattern provides a high layer of abstraction. Rather than restricting the developer to a fixed set of methods that tap into a data store, the provider API is flexible and can be molded by a developer, who also defines the storage mechanism for user membership data.

The main class within the membership API is the Membership class. The Membership class contains only static methods, so it does not require an object instance. Though the login controls handle the majority of the desired functionality, ASP.NET 2.0 exposes public methods of the Membership class to extend the developer's control. A few of these include.....


Download MOSS Oracle Membership Provider
Download MOSS Microsoft Access Membership Provider
Procuring ASP.NET 2.0 Forms Authentication

The Membership class, which is detailed more exhaustively in other articles, uses the membership provider specified in WCAM and in the web.config file of the relevant web application to work with the membership data store, and like the other classes relating to authentication, the methods of this class are static. There are a variety of features available in the Membership class, but most notably its methods can be used to create and delete users (or catch membership exceptions) as well as retrieve and update data stored in the MembershipUser class. When implementing forms-based authentication, the custom login form available within the internet presence site, or a custom login form that you create yourself, uses the ValidateUser method of this class to authenticate the user when the credentials are submitted.....


Implementing Pluggable Single Sign-On

The Microsoft SSO Service API is independent of the specific authentication mechanisms discussed in previous articles. The unique feature of the new MOSS SSO is that the Microsoft Single Sign-On service is now pluggable, so you can use whichever SSO provider you would like, be it a custom one that you have written or one provided by a third party. When doing so, the default SSO provider, SpsSsoProvider, will no longer be used. Because only one SSO service can be active at a time, it is a one-or-the-other choice. A MOSS administrator/architect has to decide whether to bind the default SSO provider or one of their own choosing, each of which carries its own implications.....


Implementing Information Rights Management (IRM)

Distributing local information through unwanted channels is one of the largest problems that exists within a SharePoint environment. Because SharePoint is meant to give users broad facilities to share and work with arbitrary business data, this can sometimes lead to users sharing information that should otherwise not be shared. A major method of procuring added assurance that will help eliminate intentional and/or accidental redistribution of sensitive or classified business information is to persistently protect the business data under multiple circumstances, across multiple environments.....



Within a collaboration environment, it is common to have multiple types of entry for a single web application that resolve to the same content for varying types of users. For example, customers may enter through one URL to access an extranet through which you publish sales metrics, whereas end users enter through an intranet URL using local domain accounts to view those very same reports. In order to procure an environment where it becomes much easier to group and sort these diverse entry points, which bind to the same content yet provide granular control that can hook into such things as security policies or authentication providers.....


Code Access Security in MOSS

Code Access Security (CAS) in relation to Microsoft Office SharePoint Server defines code access rights by means of permissions. A permission is a first-class object that represents a right to access certain resources. A FileIOPermission object for instance represents the right to perform certain operations on certain files. Permission objects actually represent sets of more primitive permissions, and it is always possible to take the union or intersection of two permission objects of the same type. A PermissionSet object groups permissions of different types.....




One of the largest causes for complaints in previous versions of SharePoint was the lack of Securable Objects (SO), which only allowed end users the option of securing items at the library level. Within SharePoint 2007, the concept of Securable Objects is exposed and allows end users to bind a specific identity to a specific object. Several different objects within MOSS can be securable, procuring an environment that allows a very granular level of permissions.....



The way that WebParts are programmed in WSS 3.0 has changed drastically; however, the benefits of programming a WebPart instead of a standalone .NET application remain the same. One of the most important points covered with the introduction of WSS 3.0 is that the legacy style of creating WebParts is still maintained (both inherit from a WebPart base class, but in 3.0 this class is located in the System.Web.UI.WebControls.WebParts namespace, whereas in WSS 2.0 the base class was located in the Microsoft.SharePoint.Pages namespace), so although the environment may have changed, earlier programmatic efforts will not have been wasted.....





The new version of WSS, Windows SharePoint Services 3.0, is integrated more tightly with the ASP.NET 2.0 framework model. As in previous versions of SharePoint, the concepts of extending and de-extending websites with the SharePoint framework still exist, meaning that an administrator must still provision the WSS assets onto an IIS website to have a full-fledged WSS site; however, the extending process is slightly different, and the differences that segregated SPS areas and WSS site collections are now merged into one cohesive unit under site collections.....


Introduction to Antigen and Purpose

Implementing Antigen within your SharePoint environment serves several purposes. The most evident, and the most apparent during initial deployment, is to harden your SharePoint environment, since it will begin to accumulate several business processes within an arbitrary organization. Since several processes will be automated or reinvented with the introduction of SharePoint into your corporate environment......


Antigen Visio Diagram


An Antigen diagram that gives a very high-level overview of the operational characteristics of Antigen, and where it fits within a SharePoint environment.....


Installing Antigen

As SharePoint becomes an industry standard for collaboration and communications platforms, playing roles in project management and business-critical application hosting, securing the platform becomes increasingly important across the enterprise.....


Antigen Services and Jobs

The Antigen Services are the backbone of the Antigen framework. Implementing these services within your environment not only allows your detection engine to interact with your SharePoint environment, but also allows you to manage processes and other methods related to the client applications.....


Aggregating AV Vendors

Corporate antivirus protection for SharePoint is only as good as the engines your AV vendor builds and how well you assimilate updates to those scanning engines. For that reason, Antigen has built-in mechanisms that allow you to aggregate and incorporate the scan engines of various AV vendors into one cohesive unit protecting your SharePoint content repositories.....


Antigen with Multiple Scan Engines

As detailed in other articles, Antigen for SharePoint is not limited to a single vendor's scanning engine; it offers facilities for assimilating the functionality of multiple vendors' scan engines in order to properly examine your content repositories, thus leveraging as much intelligence as possible.....


Scan Jobs Within The Antigen Framework

There are several types of scan jobs that exist within the Antigen framework, each of which may be appropriate for an arbitrary task depending on your requirements. The three scan jobs that exist within Antigen for SharePoint are.....


Using the Antigen for SharePoint WebParts

One of the most significant pieces of functionality that can be implemented within a corporate antivirus policy is the display and archiving of virus-infected file notifications, their origin, and how those files are handled within a communications and collaboration environment. Within the Antigen for SharePoint framework, these events are called "event notifications".....


Introduction to Data Protection Manager and Business Continuity Planning (BCP)

A proper SharePoint environment should cover all aspects involved in a traditional computing environment, plus more, since SharePoint can serve as the basic repository for all of your business information and business processes. One of the most overlooked aspects of a SharePoint environment, however, is disaster recovery and proper data transport planning and storage in case of an emergency, to mitigate several types of data loss risk.....


Introduction to Microsoft Data Protection Manager Marriage with SharePoint

Having a disaster recovery plan for your SharePoint deployment isn't an option; it's a necessity in order to protect precious enterprise data. Enterprises will expend an unlimited amount of funds extending the rich functionality of SharePoint; however, when it comes to actually setting up methods and procedures that are meant to enhance.....


Protecting Your SharePoint Network with Microsoft Data Protection Manager

After you conclude your initial configuration of Microsoft Data Protection Manager, protecting your SharePoint servers should be the next task to complete so that you can ensure that your critical business data is protected in accordance with a properly structured SharePoint disaster recovery policy.....



Microsoft Data Protection Manager does not replace normal backup strategies using tape media for off-site storage; this is still a necessary step for appropriate portal data protection. There are several reasons for this, but the clearest is that if something does happen at the local data center, such as a natural disaster or corporate espionage.....



Typically, within organizations it is common to have a backup strategy where your critical SharePoint data is backed up to tape and either taken to secure on-site locations or to a designated off-site sheltered facility. Tape backups have been a reliable way to back up SharePoint data for an extended period of time.....



Disaster recovery can be an issue at many levels. Damage could affect SharePoint file stores, custom development (ASP.NET 2.0 WebParts, SharePoint WebParts, or framed applications), design/branding efforts (master pages, manual modifications), and, most importantly, your stored business data.....


Caveats of Protecting Your SharePoint Environment with Microsoft Data Protection Manager

There are certain caveats that exist when using Microsoft Data Protection Manager within your SharePoint environment that have to be taken into consideration when planning your deployment and disaster recovery strategy. These caveats are very important when considering the impact that they might have on your enterprise environment and disaster recovery.....




What is ISA server, and what does it have to do with MOSS (SharePoint 2007)?

Oftentimes, one person within an organization is tasked with being responsible for several platforms. If you have MOSS 2007, you might also have a range of other sister server platforms such as EPM, DPM, LCS, MIIS, or a variety of supplementary Microsoft platforms. The one server that is characteristically common within an external-facing, as well as internal-facing, SharePoint deployment is ISA Server 2006, for its inherent security routines and web caching solutions, along with several other security options that can typically be of interest to SharePoint administrators, such as honeypots and intrusion detection systems.....

First Steps in Implementing ISA Server With SharePoint

After the initial installation of ISA Server, securely publishing your SharePoint portal is a fairly straightforward process that can be carried out by either a network or a SharePoint administrator. Within ISA Server 2004, this process typically required setting up the appropriate listeners and web publishing rules so that the proper resources.....


Setting up HTTP Compression For Your SharePoint Portal

HTTP compression is one of the neatest features of ISA Server, and it can help streamline your portal by reducing file sizes. HTTP compression is a fairly simple technology whose main goal is shrinking data packets through an intelligent process whereby redundant data can be handled more efficiently for your SharePoint portal.....


Implementing Flood Control to Protect Your SharePoint Server

Flooding, as a malicious computing term, is becoming almost a household word through media coverage of denial-of-service attacks on different corporations, in different industries, for different purposes. SharePoint portals are a particularly attractive target since businesses tend to rely on them for virtual teams.....



Introduction to Knowledge Management Systems

Knowledge management is composed of multiple academic, scientific and artistic disciplines, which together form an industry model that deals with the various perspectives on intelligence found in the background of the company. The disciplinary model focuses on the creation of knowledge, sharing it with the business, its codification, and how these actions instigate innovation and learning.....


Developing Knowledge Management Structure



Formation and Elicitation of Knowledge Management

KM, also known as knowledge management, from a process perspective is concerned with the dissemination, creation and usage of knowledge within the company. A well-structured process needs to be in place for knowledge management to be successful. The process can be separated into the following steps.....


Building Effective Communications Using Fitting Skills

Technology connects the world in amazing ways. Technology ties together educational assets, which speeds up the process of sending and receiving through a computing communication channel. Technology skills materialize in support of the organization's differing skills and expertise while plans to prevail are developed. Today's computer models and technology developments say it all for technology: just when a person thinks they have it all figured out, a new method of communication comes along.....


Knowledge Management Schemes

Knowledge management has emerged as a business strategy aimed at solving current business challenges, increasing the effectiveness of core business processes while simultaneously developing continuous originality and innovation.....



Web Service Security and SharePoint Articles

SharePoint, as a communications and collaboration solution, provides robust facilities to build out scalable and extensible architectures that conform to SOA. We will begin by defining how we use the information architecture terms information management, document management and content management. Because these terms are often treated as interchangeable concepts, it is best to clarify the definitions as follows:

  • Document Content – Typically, the human mind tends to separate a document from its actual contents. So, for example, instead of saying, "I read what you wrote" we say, "We read the document". Therefore, we are conveying that we not only saw the document, but that we also read its contents.....



SharePoint and .NET Web Services Part I

As you can see from the following code, a complete XML Web Service is very easy to produce in ASP.NET. This is easily consumable in MOSS at a later date through the OOB WebParts, and can be extremely valuable when aggregating business-critical data.

using System;
using System.Web.Services;

// A minimal ASP.NET XML Web Service: every public method marked with
// [WebMethod] is exposed as a SOAP-callable operation.
public class Calculator {

    [WebMethod]
    public double Add(double a, double b) {
        return a + b;
    }

}.....



SharePoint and .NET Web Services Part II

In Part I, there was an explanation of how the XML serialization attributes can be used to customize XML. It also explored ASP.NET XML Web Services a little more generally, specifically the XML they expect to receive and how they arrive at the default XML format. In this second part of the series, we are going to finish talking about the XML serialization attributes and dive into how ASP.NET parses the incoming XML, calls your method, and writes the result as XML back to the pipe.

Arrays

I've saved arrays for last because, in my opinion, they contain the most interesting aspects. To best demonstrate this topic, I've modified the Person class to be able to contain more than one address. The code in Listing 6 shows the first attempt, using a normal array (as opposed to an ArrayList).....


Web Services Security and Architecture

Web services are becoming increasingly commonplace within every business environment in numerous industries, and are particularly common within a SharePoint environment for a variety of different purposes. The introduction of any new technology, as web services are to several enterprises, always brings to light new security issues that must be dealt with. Although Web services provide excellent interoperability for transferring various types of business data to expose and serve in relation to our SharePoint portal, there is also the need to harden and secure these Web services in order to mitigate any risk to SharePoint as well as to other business applications.....

TechNet Article

Read my article "7 New Features That Enhance Security In SharePoint" published in the January issue of TechNet magazine.
© 2006 ARB Security Solutions, LLC
ARB Security Solutions is not affiliated with or endorsed by Microsoft Corporation.
SharePoint is a trademark of Microsoft Corporation.