SharePoint 2010 Security Part 2

Learn how to integrate SharePoint 2010 with external security providers, and other advanced security topics.
Course info
Rating
(30)
Level
Advanced
Updated
May 8, 2012
Duration
1h 48m
Table of contents
Custom STS
Name Resolution
Azure ACS and SharePoint 2010
Description

This course introduces several advanced security topics in SharePoint 2010. It first walks you through how to create a custom STS using WIF and integrate it with your SharePoint 2010 applications. Next it discusses the role of the claims augmentation provider in SharePoint 2010. Finally, it covers how to integrate Azure ACS with SharePoint 2010.

About the author

Sahil Malik has been a Microsoft MVP for the past 8 years, author of several books and numerous articles in both the .NET and SharePoint space, consultant and trainer who delivers talks at conferences internationally.

Section Introduction Transcripts

Custom STS
Hello everyone, my name is Sahil Malik, and in this video I will be picking up some of the interesting advanced topics of our SharePoint Security that I wasn't able to cover in my previous videos. Why are we talking about this? Because security is extremely important, and I'm not saying that just to be boring, because it is extremely important as far as something that we need to learn. Because we're used to classic mode authentication, this is what we've been doing in a lot of applications, especially SharePoint, for a very long time. But the world is moving towards claims based authentication. If you look at .NET 4.5, every principal it now inherits from claims principal. Everything is inherited, is going to be a claims-based identity going forward. And the flexibility that claims based authentication gives you are the kind of applications that we want to be able to write today, claims based authentication is almost a necessity for that. This video can be considered as part two. So, if you haven't seen part one yet, I would encourage you to go check it out, it's already available on Pluralsight. This is a video I'd recorded a while ago, and you can find various topics over here; there's some background about SharePoint Security in general, I talked about claims based authentication, some basics about it. I talked about the concept of claims augmentation. So the concepts that I'll be covering in this video and in this course build upon the concepts that are already covered in this video over here. There is a chance that this might be renamed to SharePoint 2010 Security part one, so whichever it is, but I would highly recommend that you view this video first.

Name Resolution
Sahil Malik: Hello. My name is Sahil Malik from WinSmarts.com and in this video I will be continuing the discussion that I had in the previous video, which was when you establish security using an external STS we noticed that there was a problem that SharePoint had no idea how to perform name resolution, so all the people pickers doing resolution and searches would basically return every user as a valid user, which is obviously a problem. Now in this particular video I'm going to combine a couple of concepts that we learned previously and I'm going to show practical application of that. And given that name resolution is absolutely critical you can think that whenever you're using an external STS for all practical purposes you will probably have to have name resolution code added into the solution as well. So the background that you must have in order to be able to view this video is that so far you should have viewed my security related SharePoint security (inaudible) videos, specifically you must have viewed the previous video, which is establishing claims based authentication with SharePoint using a custom STS. This is a video that is immediately preceding this one. So we know that claims based authentication is actually really important. We also know that in most of the scenarios it will allow you to, it will require you to rely on an external IP-STS, identity provider security token service. The obvious question, then, is that when you're relying on an external IP-STS, when and how do you do name resolution?