SharePoint Claims Based Authentication – Working With Identity in Applications
Working with identity in SharePoint can prove to be very complex and thorny, cultivating a need for technology to provide simplified paths. It can certainly be uncomplicated in specific circumstances when there is only a single entity that is accessing SharePoint, such as when Kerberos (provided by Active Directory Domain Services ([AD DS]) is leveraged. Where the complexity starts to come in though is when more information is desirable. Not all SharePoint applications can be ran within the context of Kerberos or by having someone delegated a username and password. This is further complicated when SharePoint needs to be accessed both internally within the enterprise and externally on the cloud by customers. There are also times when someone in the business needs to access an application at a remote office or outside source, allowing them to do so with the same method of accessing it devoid of having a separate login is critical.
The answer to all of this is to have an indistinguishable approach that fits all these scenarios, with a single method in place meeting typical industrial computing standards of the business world. It needs to have clear boundaries but also be flexible enough so that it won’t soon be outdated or inextensible. It has to be something that can be implemented on many levels including the different products that vendors and developers alike can use. Claims based identity is meant to supply the solution to this type of difficulty.
Next Section >> Claims Based Identity