Developing Custom Claim Providers
to Enable Authorization in SharePoint
Antonio Maio
Senior SharePoint Architect & Senior Manager
Microsoft SharePoint Server MVP
Email: Antonio.maio@protiviti.com
Blog: www.trustsharepoint.com
Slide share: http://www.slideshare.net/AntonioMaio2
Twitter: @AntonioMaio2
Agenda
• Introduction: Claims in SharePoint 2013
• Getting the Right Claims for Authorization
• Developing a Custom Claim Provider
• Example Claim Providers
• Deployment and Final Considerations
Introduction:
Claims in SharePoint 2013
Authentication vs Authorization
• Authentication
  The process of establishing that a user is who they claim to be
• Authorization
  The process of determining which resources a user may access and the level of access they are granted
Authentication Options
• Claims Based Authentication (default for new web applications)
  • Integrated Windows Authentication (NTLM or Kerberos) and Basic Authentication, issued as claims
  • Forms Based Authentication (FBA), issued as claims
  • Trusted Identity Provider (SAML tokens from an external STS)
• Classic Mode (Windows authentication without claims)
  • Deprecated in SharePoint 2013: the configuration UI has been removed, and classic mode web applications can only be created and configured through PowerShell
Claims Based Identity
• What is a claim?
  • A statement that an issuer makes about a subject: name, identity, group, privilege, capability, etc.
  • Examples: name, email address, logon name, security groups, employment status, security clearance, department
• What is claims based identity/authentication?
  • A standards based way to exchange and trust identities across networks
  • Trust is the key element, and it is established through digital signatures
  • Claims are packaged in a standard token format (SAML)…
    issued and digitally signed by a trusted source (a security token service, STS)…
    and exchanged over a standard protocol (WS-Federation or SAML-P)
Claims Based Authentication
• Claims are an authentication mechanism
  • Based on SAML tokens delivered with the WS-Federation passive requestor profile
  • SharePoint Server 2013 (on-premises): supports WS-Federation (passive) and the SAML 1.1 token format; the SAML 2.0 protocol (SAML-P) is not supported, so AD FS must be configured to issue SAML 1.1 tokens to SharePoint
  • SharePoint Online: supports the SAML 2.0 protocol and WS-Federation (passive) for federation with the Office 365 identity platform
• Result: an authenticated user and a security token
• Built-in SharePoint Security Token Service (STS) handles
  • Integrated Windows Authentication
  • Forms Based Authentication
• Trusted Identity Provider
  • External STS (e.g. Active Directory Federation Services, AD FS)
Claims Based Authentication
• Configured within Central Administration on each Web Application
• In Central Admin > Click Manage Web Applications
• Select the specific Web Application
• Click Authentication Providers
• Select the Zone
• Select the authentication protocol
Claims as Permissions
• Claims are also trusted attributes about users
  • Tokens are digitally signed by the issuer (IP-STS), so SharePoint can rely on the claim values it receives
• Claims can be assigned as permissions
  • With a permission level
  • On sites, libraries, folders and items/documents
• SharePoint applies permissions based on claims
  • When a user signs in with a matching claim, SharePoint grants that level of access to the content
  • Claim permissions behave like domain groups: membership is decided from the token at sign-in, not looked up per request
SharePoint Permission Examples
Principal (user, group or claim) has Permission Level on Information Object:
Finance (AD group) has Full Control on Library A
Contractors (SharePoint group) has Read access on Site B
John.Smith (AD user) has Contribute access on Document C
'Clearance=Secret' has Full Control on Document X
'EmploymentStatus=FTE' has Contribute access on Site Z
Each assignment pairs three things:
• a user, group or claim (also called a 'principal')
• a permission level (a named collection of permissions)
• an information object (an item or a container)
Getting the Right Claims into SharePoint for Authorization
Claims Based Authorization
• Specific to the user
• Can be performed without knowing who the user is, only what has been asserted about them
• Dynamic, e.g. reflects changes in a user's security clearance
• Based on external systems (HR systems, SQL databases, etc.)
• An alternative to security groups, which do not scale
  • Policy example: a user must be a member of GroupA and GroupB and GroupC to access a resource. With groups alone this needs an extra intersection group for every such combination; a claim can express the rule directly
What types of claims do we need?
• Military, intelligence, government defense
  • Security clearance
  • Caveat
  • Need to know
• Commercial
  • Department or team
  • Role
  • Current date/time, current device (BYOD)
  • Group membership, with multiple groups
• Aerospace/defense contracting
  • Nationality + current location
• Homeland security
  • Agency (law enforcement, emergency response, public health…)
  • Scope or level (local, state, federal)
  • Current threat level
Claims Based Authentication: Process/Call Flow
(Figure: SharePoint 2013, Active Directory Domain Services (AD DS) as the identity provider (IP), Active Directory Federation Services (AD FS) as the STS, and one or more custom claim providers inside SharePoint, each contributing claims. AD FS signs tokens with its signing certificate; SharePoint holds only the public portion of that certificate.)
1. The browser requests a web page from SharePoint
2. SharePoint redirects the browser to the login page on the AD FS server
3. The browser requests a SAML security token from AD FS
4. AD FS validates the user's credentials with the identity provider (AD DS)
5. AD FS sends the signed SAML security token to the browser
6. The browser sends a new web page request to SharePoint containing the SAML token
7. SharePoint validates the token signature against the public portion of the AD FS signing certificate, runs the custom claim providers to augment the claims, creates its own SharePoint security token, issues the FedAuth cookie and sends the requested web page
Developing
Custom Claim Providers
Custom Claim Providers
• A SharePoint farm level feature
• More than one can be deployed
• Called after the user is authenticated, i.e. after the Trusted Identity Provider has already returned its claims
  • The augmented claims are written into the SharePoint security token, so they last for the lifetime of that session, not just for one request
• Built on WIF (Windows Identity Foundation)
• Used to augment claims
• Used to transform claims
• Used to resolve/search claims in the People Picker
Building a Custom Claim Provider
1. Add the necessary references
Microsoft.SharePoint
Microsoft.IdentityModel
Browse to find it in Program Files\Reference Assemblies\Microsoft\Windows Identity Foundation\v3.5\Microsoft.IdentityModel.dll
2. Add necessary Using statements
using System;
using System.Xml;
using System.IO;
using System.ServiceModel.Channels;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.Administration.Claims;
using Microsoft.SharePoint.WebControls;
3. Add a Class which inherits from SPClaimProvider
namespace SampleClaimProvider
{
public class ClearanceClaimProvider : SPClaimProvider
{
public ClearanceClaimProvider (string displayName) : base(displayName)
{
}
}
}
Building a Custom Claim Provider
4. Implement the Abstract class
Methods:
FillClaimTypes
FillClaimValueTypes
FillClaimsForEntity
FillEntityTypes
FillHierarchy
FillResolve(2 overrides)
FillSchema
FillSearch
Properties:
Name
SupportsEntityInformation
SupportsHierarchy
SupportsResolve
SupportsSearch
public class ClearanceClaimProvider:SPClaimProvider
{
}
Right click on SPClaimProvider and select…
Building a Custom Claim Provider
5. Implement Required Properties
// Returns the claim provider's unique name
public override string Name
{ get { return ProviderInternalName; } }
// Must return true for claims augmentation
public override bool SupportsEntityInformation
{ get { return true; } }
// Supports hierarchy display in the People Picker
public override bool SupportsHierarchy
{ get { return true; } }
// Supports resolving claim values typed into the People Picker
public override bool SupportsResolve
{ get { return true; } }
// Supports the People Picker search operation
public override bool SupportsSearch
{ get { return true; } }
Building a Custom Claim Provider
6. Create Static Properties for Name
internal static string ProviderDisplayName
{
get { return "Security Clearance"; }
}
internal static string ProviderInternalName
{
get { return "SecurityClearanceProvider"; }
}
Building a Custom Claim Provider
7. Create Data Source and Helper Functions
private string[] SecurityLevels = new string[]
{ "None", "Confidential", "Secret", "Top Secret" };
private static string ClearanceClaimType
{
get { return "http://schemas.sample.local/clearance"; }
}
private static string ClearanceClaimValueType
{
get { return Microsoft.IdentityModel.Claims.ClaimValueTypes.String;}
}
• This declares a claim whose type URI is http://schemas.sample.local/clearance and whose value is a string; the type URI is what permissions and the People Picker will be matched against, so choose it once and never reuse it for a different meaning
Building a Custom Claim Provider
8. Implement Methods to Augment Claims
FillClaimTypes
FillClaimValueTypes
FillClaimsForEntity
protected override void FillClaimTypes(List<string> claimTypes)
{
if (claimTypes == null)
throw new ArgumentNullException("claimTypes");
claimTypes.Add(ClearanceClaimType);
}
protected override void FillClaimValueTypes(List<string> claimValueTypes)
{
if (claimValueTypes == null)
throw new ArgumentNullException("claimValueTypes");
claimValueTypes.Add(ClearanceClaimValueType);
}
9. Implement FillClaimsForEntity to augment claims
protected override void FillClaimsForEntity(Uri context, SPClaim entity, List<SPClaim> claims)
{
if (entity == null)
throw new ArgumentNullException("entity");
if (claims == null)
throw new ArgumentNullException("claims");
if (String.IsNullOrEmpty(entity.Value))
throw new ArgumentException("Argument null or empty",
"entity.Value");
// if the user's existing clearance claim is 'Top Secret' then also add the lower-level clearances,
// so that a permission assigned to 'Clearance=Secret' is satisfied by a Top Secret user
if (. . .)
{
claims.Add(CreateClaim(ClearanceClaimType, SecurityLevels[0],
ClearanceClaimValueType));
claims.Add(CreateClaim(ClearanceClaimType, SecurityLevels[1],
ClearanceClaimValueType));
claims.Add(CreateClaim(ClearanceClaimType, SecurityLevels[2],
ClearanceClaimValueType));
}
. . .
}
Building a Custom Claim Provider
Other Important Methods: Customizing the People Picker
FillEntityTypes
The set of entity types (e.g. roles) the provider can return to the People Picker
FillHierarchy
The hierarchy under which the provider's claims are displayed in the People Picker
FillResolve (2 overrides)
Resolves text typed, or a claim pasted, into the People Picker to a picker entity
FillSchema
Specifies the schema the People Picker uses to display claim/entity data
FillSearch
Fills in the search results in the People Picker dialog
Using Claims for Authorization
• You will assign claims as permissions either
  • Through the People Picker
  • Programmatically through code
• In both cases you must implement
  • FillEntityTypes
  • FillHierarchy
  • FillResolve (2 overrides)
  • FillSchema
  • FillSearch
…or the augmented claims cannot be selected as principals and the permissions cannot be assigned. The People Picker calls FillSearch and FillResolve when a user types a value; SPWeb.EnsureUser on an encoded claim also resolves it through FillResolve, so the programmatic path needs the provider just as much.
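One way to take the programmatic path, as an added example rather than code from the deck: it assumes the claim type and provider name declared for the clearance provider in the steps above (both hypothetical), encodes a claim issued by that provider into the login-name form SharePoint stores for claim principals, and grants a permission level on a single list item to everyone who carries that claim. The site URL and list name in Demo are also assumptions.

```csharp
using System;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration.Claims;

namespace SampleClaimProvider
{
    public static class ClaimPermissions
    {
        // Assumed to match what ClearanceClaimProvider declares (hypothetical names)
        private const string ClearanceClaimType = "http://schemas.sample.local/clearance";
        private const string ProviderInternalName = "SecurityClearanceProvider";
        private const string StringValueType = "http://www.w3.org/2001/XMLSchema#string";

        // Encodes 'Clearance=<level>', stamped with our provider as the original issuer, into the
        // "c:..." login-name form SharePoint stores for claim principals
        public static string EncodeClearanceClaim(string level)
        {
            string issuer = SPOriginalIssuers.Format(SPOriginalIssuerType.ClaimProvider, ProviderInternalName);
            SPClaim claim = new SPClaim(ClearanceClaimType, level, StringValueType, issuer);
            return SPClaimProviderManager.Local.EncodeClaim(claim);
        }

        // Grants the named permission level on one item to everyone who carries the claim.
        // EnsureUser resolves the encoded claim through the provider's FillResolve, which is
        // why that method must exist even if the People Picker is never used.
        public static void GrantToClearance(SPListItem item, string level, string permissionLevel)
        {
            if (item == null) throw new ArgumentNullException("item");
            SPWeb web = item.Web;
            SPUser principal = web.EnsureUser(EncodeClearanceClaim(level));
            if (!item.HasUniqueRoleAssignments)
                item.BreakRoleInheritance(true); // keep what was inherited, then add our assignment
            SPRoleAssignment assignment = new SPRoleAssignment(principal);
            assignment.RoleDefinitionBindings.Add(web.RoleDefinitions[permissionLevel]);
            item.RoleAssignments.Add(assignment);
        }

        // Usage from a farm solution or a PowerShell session with the SharePoint snap-in loaded
        // (site URL and list name are hypothetical)
        public static void Demo()
        {
            using (SPSite site = new SPSite("http://sp.sample.local"))
            using (SPWeb web = site.OpenWeb())
            {
                SPListItem document = web.Lists["Acquisition Documents"].GetItemById(1);
                GrantToClearance(document, "Secret", "Full Control");
            }
        }
    }
}
```

The original issuer matters: a claim encoded with a different issuer is a different principal, so a permission assigned this way only matches claims the same provider emits during augmentation.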
Using Claims for Authorization
• FillEntityTypes
protected override void FillEntityTypes(List<string> entityTypes)
{
// Return the type of entity our claims are presented as (a role)
entityTypes.Add(SPClaimEntityTypes.FormsRole);
}
Using Claims for Authorization
• FillHierarchy
protected override void FillHierarchy(Uri context, string[] entityTypes,
string hierarchyNodeID, int numberOfLevels, SPProviderHierarchyTree hierarchy)
{
if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole))
return;
switch (hierarchyNodeID)
{
case null: // when the picker first loads, add all of our top-level nodes
// SPProviderHierarchyNode(providerName, displayName, hierarchyNodeID, isLeaf);
// the node ID "SecurityClearance" is what FillSearch looks up later
hierarchy.AddChild(new Microsoft.SharePoint.WebControls.SPProviderHierarchyNode
(ProviderInternalName, "Security Clearance", "SecurityClearance", true));
hierarchy.AddChild(new Microsoft.SharePoint.WebControls.SPProviderHierarchyNode
(ProviderInternalName, "Caveat", "Caveat", true));
break;
default:
break;
}
}
Using Claims for Authorization
• FillResolve (1st override)
protected override void FillResolve(Uri context, string[] entityTypes,
SPClaim resolveInput, List<PickerEntity> resolved)
{
if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole))
return;
// Note: this resolves whatever claim is passed in; check resolveInput.ClaimType against
// our own claim types before resolving if other providers' claims should be ignored
Microsoft.SharePoint.WebControls.PickerEntity pe = GetPickerEntity
(resolveInput.ClaimType, resolveInput.Value);
resolved.Add(pe);
}
Using Claims for Authorization
• FillResolve (2nd override)
// CaveatClaimType is a second claim type URI declared the same way as ClearanceClaimType
protected override void FillResolve(Uri context, string[] entityTypes,
string resolveInput, List<PickerEntity> resolved)
{
if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole))
return;
// create a matching entity for each of our claim types and add it to the list of picker entries;
// any typed text is accepted here, so validate it against known values in production
Microsoft.SharePoint.WebControls.PickerEntity pe = GetPickerEntity
(ClearanceClaimType, resolveInput);
resolved.Add(pe);
pe = GetPickerEntity(CaveatClaimType, resolveInput);
resolved.Add(pe);
}
Using Claims for Authorization
• GetPickerEntity
private Microsoft.SharePoint.WebControls.PickerEntity GetPickerEntity
(string ClaimType, string ClaimValue)
{
Microsoft.SharePoint.WebControls.PickerEntity pe = CreatePickerEntity();
// set the claim associated with this match (both claim types carry string values) & the tooltip displayed
pe.Claim = CreateClaim(ClaimType, ClaimValue, ClearanceClaimValueType);
pe.Description = ProviderDisplayName + ":" + ClaimValue;
// Set the text displayed in the People Picker
pe.DisplayText = ClaimValue;
// Store in the entity data hash table, plug in as a role type entity & flag as resolved
pe.EntityData[Microsoft.SharePoint.WebControls.PeopleEditorEntityDataKeys.
DisplayName] = ClaimValue;
pe.EntityType = SPClaimEntityTypes.FormsRole;
pe.IsResolved = true;
pe.EntityGroupName = "Additional Claims";
return pe;
}
Using Claims for Authorization
• FillSchema
protected override void FillSchema(SPProviderSchema schema)
{
schema.AddSchemaElement(new Microsoft.SharePoint.WebControls.SPSchemaElement(
Microsoft.SharePoint.WebControls.PeopleEditorEntityDataKeys.DisplayName,
"Display Name", Microsoft.SharePoint.WebControls.SPSchemaElementType.Both));
}
Using Claims for Authorization
• FillSearch
protected override void FillSearch(Uri context, string[] entityTypes,
string searchPattern, string hierarchyNodeID, int maxCount,
SPProviderHierarchyTree searchTree)
{
if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole))
return;
// The node where we will place our matches
Microsoft.SharePoint.WebControls.SPProviderHierarchyNode matchNode = null;
// The typed text is resolved as-is; compare it against the known clearance values
// (and honour maxCount) in production
Microsoft.SharePoint.WebControls.PickerEntity pe = GetPickerEntity
(ClearanceClaimType, searchPattern);
if (!searchTree.HasChild("SecurityClearance"))
{ // create the node so that we can show our match in there too
matchNode = new Microsoft.SharePoint.WebControls.SPProviderHierarchyNode
(ProviderInternalName, "Security Clearance",
"SecurityClearance", true);
searchTree.AddChild(matchNode);
}
else
{
// get the existing node for this security level
matchNode = searchTree.Children.Where(theNode => theNode.HierarchyNodeID
== "SecurityClearance").First();
}
// add the picker entity to our tree node
matchNode.AddEntity(pe);
}
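The slides above show the provider one method at a time, with the augmentation condition in step 9 elided and the People Picker methods resolving whatever text is typed. The following is an added example, not code from the original deck, that puts the pieces together into one compilable class for a SharePoint 2013 farm solution. It assumes a hypothetical clearance lookup (a constructed in-memory table keyed by entity.Value stands in for the HR database or LDAP query) and fills in step 9 by emitting the user's clearance plus every lower level, so that a 'Clearance=Secret' permission also admits a Top Secret user. Its FillResolve and FillSearch accept only the four known values, so a typo in the People Picker is rejected instead of becoming a principal that no user can ever match. The claim type, provider name and sample users are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.SharePoint.Administration.Claims;
using Microsoft.SharePoint.WebControls;

namespace SampleClaimProvider
{
    public class ClearanceClaimProvider : SPClaimProvider
    {
        internal const string ProviderInternalName = "SecurityClearanceProvider";
        internal const string ProviderDisplayName = "Security Clearance";
        private const string ClearanceClaimType = "http://schemas.sample.local/clearance";
        // Same URI as Microsoft.IdentityModel.Claims.ClaimValueTypes.String
        private const string ClearanceClaimValueType = "http://www.w3.org/2001/XMLSchema#string";
        private const string NodeId = "SecurityClearance";
        // Ordered lowest to highest: a level dominates everything before it
        private static readonly string[] Levels = { "None", "Confidential", "Secret", "Top Secret" };
        // Constructed sample data standing in for an HR/clearance system (hypothetical),
        // keyed by the identity claim value SharePoint passes as entity.Value
        private static readonly Dictionary<string, string> ClearanceRegister =
            new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
            { { "alice@sample.local", "Top Secret" }, { "bob@sample.local", "Confidential" } };

        public ClearanceClaimProvider(string displayName) : base(displayName) { }

        public override string Name { get { return ProviderInternalName; } }
        public override bool SupportsEntityInformation { get { return true; } }
        public override bool SupportsHierarchy { get { return true; } }
        public override bool SupportsResolve { get { return true; } }
        public override bool SupportsSearch { get { return true; } }

        // The given level plus every lower one; an unknown level yields nothing (fail closed)
        internal static IEnumerable<string> DominatedLevels(string clearance)
        {
            int top = Array.FindIndex(Levels, l => string.Equals(l, clearance, StringComparison.OrdinalIgnoreCase));
            for (int i = 0; i <= top; i++) yield return Levels[i];
        }

        protected override void FillClaimTypes(List<string> claimTypes) { claimTypes.Add(ClearanceClaimType); }
        protected override void FillClaimValueTypes(List<string> claimValueTypes) { claimValueTypes.Add(ClearanceClaimValueType); }
        protected override void FillEntityTypes(List<string> entityTypes) { entityTypes.Add(SPClaimEntityTypes.FormsRole); }

        // Augmentation: runs once per sign-in inside the STS; the claims then live in the session token
        protected override void FillClaimsForEntity(Uri context, SPClaim entity, List<SPClaim> claims)
        {
            if (entity == null) throw new ArgumentNullException("entity");
            if (claims == null) throw new ArgumentNullException("claims");
            string clearance;
            if (string.IsNullOrEmpty(entity.Value) || !ClearanceRegister.TryGetValue(entity.Value, out clearance))
                return; // no record for this user: add no clearance claims at all
            foreach (string level in DominatedLevels(clearance))
                claims.Add(CreateClaim(ClearanceClaimType, level, ClearanceClaimValueType));
        }

        protected override void FillHierarchy(Uri context, string[] entityTypes, string hierarchyNodeID,
            int numberOfLevels, SPProviderHierarchyTree hierarchy)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole) || hierarchyNodeID != null) return;
            // (providerName, displayName, hierarchyNodeID, isLeaf)
            hierarchy.AddChild(new SPProviderHierarchyNode(ProviderInternalName, ProviderDisplayName, NodeId, true));
        }

        // Only one of the four known values resolves; arbitrary text is rejected
        protected override void FillResolve(Uri context, string[] entityTypes, string resolveInput, List<PickerEntity> resolved)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;
            string match = Levels.FirstOrDefault(l => string.Equals(l, resolveInput, StringComparison.OrdinalIgnoreCase));
            if (match != null) resolved.Add(GetPickerEntity(match));
        }

        protected override void FillResolve(Uri context, string[] entityTypes, SPClaim resolveInput, List<PickerEntity> resolved)
        {
            if (resolveInput.ClaimType == ClearanceClaimType) // ignore other providers' claims
                FillResolve(context, entityTypes, resolveInput.Value, resolved);
        }

        protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern, string hierarchyNodeID,
            int maxCount, SPProviderHierarchyTree searchTree)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;
            List<string> matches = Levels
                .Where(l => l.StartsWith(searchPattern ?? string.Empty, StringComparison.OrdinalIgnoreCase))
                .Take(maxCount).ToList();
            if (matches.Count == 0) return;
            SPProviderHierarchyNode node;
            if (searchTree.HasChild(NodeId))
                node = searchTree.Children.First(n => n.HierarchyNodeID == NodeId);
            else
            {
                node = new SPProviderHierarchyNode(ProviderInternalName, ProviderDisplayName, NodeId, true);
                searchTree.AddChild(node);
            }
            foreach (string level in matches) node.AddEntity(GetPickerEntity(level));
        }

        protected override void FillSchema(SPProviderSchema schema)
        {
            schema.AddSchemaElement(new SPSchemaElement(PeopleEditorEntityDataKeys.DisplayName, "Display Name", SPSchemaElementType.Both));
        }

        private PickerEntity GetPickerEntity(string value)
        {
            PickerEntity pe = CreatePickerEntity();
            pe.Claim = CreateClaim(ClearanceClaimType, value, ClearanceClaimValueType);
            pe.Description = ProviderDisplayName + ": " + value;
            pe.DisplayText = value;
            pe.EntityData[PeopleEditorEntityDataKeys.DisplayName] = value;
            pe.EntityType = SPClaimEntityTypes.FormsRole;
            pe.IsResolved = true;
            pe.EntityGroupName = "Additional Claims";
            return pe;
        }
    }
}
```

With the constructed register, alice signs in with Clearance = None, Confidential, Secret and Top Secret, bob with None and Confidential, and a user with no record gets no clearance claim at all, which is the safe default when the attribute source has no answer.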
Claim Provider Examples
• Example 1: Access sensitive information only during work hours
// WorkDayClaimType and WorkDayClaimValueType are declared like ClearanceClaimType and
// ClearanceClaimValueType above (e.g. "http://schemas.sample.local/workday" with a string value)
protected override void FillClaimsForEntity(Uri context, SPClaim entity,
List<SPClaim> claims)
{
. . .
DateTime now = DateTime.Now;
// Weekends are never work hours
if ((now.DayOfWeek == DayOfWeek.Saturday) || (now.DayOfWeek == DayOfWeek.Sunday))
{
claims.Add(CreateClaim(WorkDayClaimType, "false", WorkDayClaimValueType));
return;
}
// 9 o'clock AM
DateTime start = new DateTime(now.Year, now.Month, now.Day, 9, 0, 0);
// 5 o'clock PM
DateTime end = new DateTime(now.Year, now.Month, now.Day, 17, 0, 0);
if ((now < start) || (now > end))
{
claims.Add(CreateClaim(WorkDayClaimType, "false", WorkDayClaimValueType));
return;
}
claims.Add(CreateClaim(WorkDayClaimType, "true", WorkDayClaimValueType));
}
Caveat: DateTime.Now is the local time of the web front end, not of the user, and the claim is evaluated once, at sign-in, then lives in the SharePoint session token until it expires. A user who signs in at 16:59 keeps 'WorkDay=true' for the remaining lifetime of the token. If the window must be enforced tightly, shorten the session token lifetime or enforce the time window with a separate control rather than a claim.
Claim Provider Examples
• Example 2: Information Release Dates for Mergers and Acquisitions
  • Create a SharePoint list with the release date registered for each acquisition; name it 'Acquisition Release Register'
  • Each list item specifies: acquisition project name, release date
  • On the document library holding the acquisition documents, add a 'lookup' metadata column pointing to 'Acquisition Release Register'
  • With every document added, the user selects a release entry from the Acquisition Release Register
  • Use 3rd party tools or code to add a claim based permission to the item that matches the metadata column value (the project name)
  • The custom claim provider uses a SQL database to retrieve all entries of the Acquisition Release Register
  • The custom claim provider compares the current date to the entries in the Acquisition Release Register
  • If now is later than the release date, the project name is added to the user's claims
  • If the user has a claim in their identity matching the acquisition project name, they get access to the acquisition documents
  • Because augmentation runs at sign-in, a user who signed in before the release date only receives the new claim at their next sign-in
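Example 2 as working code, as an added example that is not part of the original deck. The SQL table and column names, the claim type, the provider name and the connection string are assumptions; the release decision is separated from the data access so it can be exercised with the constructed sample register included below, and the date comparison is done in UTC. Inside the provider, FillClaimsForEntity becomes a single call to ClaimsFor.

```csharp
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using Microsoft.SharePoint.Administration.Claims;

namespace SampleClaimProvider
{
    public class ReleaseEntry
    {
        public string ProjectName;
        public DateTime ReleaseDateUtc;
    }

    public static class AcquisitionReleasePolicy
    {
        // Hypothetical names: claim type, provider name, table and connection string
        public const string ProjectClaimType = "http://schemas.sample.local/acquisitionproject";
        public const string ProviderInternalName = "AcquisitionReleaseProvider";
        public const string RegisterConnectionString =
            "Data Source=sql.sample.local;Initial Catalog=Acquisitions;Integrated Security=SSPI";
        private const string StringValueType = "http://www.w3.org/2001/XMLSchema#string";

        // Constructed sample register, for trying the decision logic without SQL
        public static List<ReleaseEntry> SampleRegister()
        {
            return new List<ReleaseEntry>
            {
                new ReleaseEntry { ProjectName = "Project Falcon", ReleaseDateUtc = new DateTime(2013, 3, 1, 0, 0, 0, DateTimeKind.Utc) },
                new ReleaseEntry { ProjectName = "Project Heron",  ReleaseDateUtc = new DateTime(2013, 9, 1, 0, 0, 0, DateTimeKind.Utc) }
            };
        }

        // Pure decision: a project is released once its release date has passed. Comparing in UTC
        // stops a front end whose clock sits in an earlier time zone from releasing early.
        public static List<string> ReleasedProjects(IEnumerable<ReleaseEntry> register, DateTime nowUtc)
        {
            List<string> released = new List<string>();
            foreach (ReleaseEntry entry in register)
                if (entry.ReleaseDateUtc <= nowUtc) released.Add(entry.ProjectName);
            return released;
        }

        // Reads the register. With integrated security the SQL login is the STS application pool
        // (farm) account: grant it SELECT on this one table and nothing else.
        public static List<ReleaseEntry> ReadRegister(string connectionString)
        {
            List<ReleaseEntry> entries = new List<ReleaseEntry>();
            using (SqlConnection conn = new SqlConnection(connectionString))
            using (SqlCommand cmd = new SqlCommand(
                "SELECT ProjectName, ReleaseDateUtc FROM dbo.AcquisitionReleaseRegister", conn))
            {
                conn.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                    while (reader.Read())
                        entries.Add(new ReleaseEntry
                        {
                            ProjectName = reader.GetString(0),
                            ReleaseDateUtc = DateTime.SpecifyKind(reader.GetDateTime(1), DateTimeKind.Utc)
                        });
            }
            return entries;
        }

        // The claims to add from the provider's FillClaimsForEntity:
        //   claims.AddRange(AcquisitionReleasePolicy.ClaimsFor(
        //       AcquisitionReleasePolicy.ReadRegister(AcquisitionReleasePolicy.RegisterConnectionString),
        //       DateTime.UtcNow));
        public static List<SPClaim> ClaimsFor(IEnumerable<ReleaseEntry> register, DateTime nowUtc)
        {
            string issuer = SPOriginalIssuers.Format(SPOriginalIssuerType.ClaimProvider, ProviderInternalName);
            List<SPClaim> claims = new List<SPClaim>();
            foreach (string project in ReleasedProjects(register, nowUtc))
                claims.Add(new SPClaim(ProjectClaimType, project, StringValueType, issuer));
            return claims;
        }
    }
}
```

With the sample register and a clock of 2013-06-01 UTC, ReleasedProjects returns only "Project Falcon"; "Project Heron" appears once the clock passes 2013-09-01. The claim is stamped with the provider as original issuer, so it is the same principal the item permission was assigned to.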
Deployment & Final Considerations
Deploying a Custom Claim Provider
• Deployed as a farm level feature receiver, which requires a little more code
  • The receiver must inherit from SPClaimProviderFeatureReceiver (there are lots of examples)
• Multiple claim providers can be deployed
  • They are called in the order they were deployed
• Once deployed, a provider is available in every web application and in every zone
  • This can cause performance issues: when a user logs in, every custom claim provider deployed gets called
  • Set the IsUsedByDefault property of the provider definition to false in the feature receiver, then turn it on manually for the web applications that need it
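A feature receiver that registers the provider and turns IsUsedByDefault off, as an added example that is not code from the deck. It assumes the ClearanceClaimProvider class and names from the earlier steps (hypothetical), and that the feature is scoped to the farm.

```csharp
using System;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration.Claims;

namespace SampleClaimProvider
{
    // Farm-scoped feature receiver that registers ClearanceClaimProvider with the farm
    public class ClearanceClaimProviderFeatureReceiver : SPClaimProviderFeatureReceiver
    {
        public override string ClaimProviderAssembly
        {
            get { return typeof(ClearanceClaimProvider).Assembly.FullName; }
        }
        public override string ClaimProviderDescription
        {
            get { return "Adds security clearance claims and lets them be assigned as permissions"; }
        }
        public override string ClaimProviderDisplayName
        {
            get { return ClearanceClaimProvider.ProviderDisplayName; }
        }
        public override string ClaimProviderType
        {
            get { return typeof(ClearanceClaimProvider).FullName; }
        }

        public override void FeatureActivated(SPFeatureReceiverProperties properties)
        {
            // Registers the provider in the farm; this is what the base class is for
            ExecBaseFeatureActivated(properties);

            // A newly registered provider is used by every web application and zone, and every
            // such provider runs on every sign-in. Switch that off here and enable the provider
            // only where it is needed, e.g. for a trusted identity provider:
            //   $ti = Get-SPTrustedIdentityTokenIssuer "ADFS20 Provider"
            //   $ti.ClaimProviderName = "SecurityClearanceProvider"; $ti.Update()
            SPClaimProviderManager manager = SPClaimProviderManager.Local;
            foreach (SPClaimProviderDefinition definition in manager.ClaimProviders)
            {
                if (definition.ClaimProviderType == typeof(ClearanceClaimProvider))
                {
                    definition.IsUsedByDefault = false;
                    manager.Update();
                }
            }
        }
    }
}
```

Keeping the provider off by default also limits the blast radius of a bug in augmentation: a provider that throws during sign-in affects only the web applications it was enabled for.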
Some Final Considerations
• Reach out to a SQL database, an LDAP directory or another repository for the attributes that will be added as claims
• The custom claim provider runs in the context of the web application, not of the site the user is logging into
  • Augmentation runs inside the SharePoint STS as the farm account (the same account Central Administration uses), not as the user; the People Picker methods run in the web application's worker process
  • Treat its outbound connections as farm-privileged: give that account a least-privilege, read-only login on the attribute source, and validate what comes back before turning it into a claim
  • It has no request context (most methods have no HttpContext and no SPContext.Current)
  • It cannot directly access data on the site you signed into
• For debugging, use a claims testing web part in SharePoint:
  http://blogs.technet.com/b/speschka/archive/2010/02/13/figuring-out-what-claims-you-have-in-sharepoint-2010.aspx
Thank You!
Appendix: PowerShell to Register Trusted Provider & Map Claim Types
# Make sure the claim types are properly defined on the ADFS server
$map = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
$map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Role" -SameAsIncoming
$map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.sp.local/EmployeeStatus" -IncomingClaimTypeDisplayName "EmployeeStatus" -SameAsIncoming
# The realm identifies the web application to ADFS. It is generally created in the form "urn:foo:bar"
$realm = "urn:sp-server-2010.sp.local:sharepoint2010"
# Use the token-signing certificate exported (public portion only) from the ADFS server
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("c:\adfs20Certificate.cer")
# The URL below tells SharePoint where to redirect in order to authenticate with the STS,
# so it should be the ADFS URL plus the passive federation endpoint ("/adfs/ls")
$signinurl = "https://adfs20.sp.local/adfs/ls"
# Adds the STS (AD FS 2.0) to SharePoint; the identifier claim (email address here) must be unique per user
$ap = New-SPTrustedIdentityTokenIssuer -Name "ADFS20 Provider" -Description "SharePoint secured by ADFS20" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3 -SignInUrl $signinurl -IdentifierClaim $map.InputClaimType
# The certificate imported from ADFS must also be added to SharePoint's trusted root authority store,
# otherwise token signature validation fails
New-SPTrustedRootAuthority -Name "ADFS Token Signing Root Authority" -Certificate $cert
Appendix: Claims Viewer Web Part
Add the claims viewer web part to your site pages when testing custom claim providers: it lists every claim type and value in the current user's token, so you can confirm that augmentation ran and that the values are the ones your permissions were assigned on.
 
Exam Cram for 70-488: Developing Microsoft SharePoint Server 2013 Core Solutions
Exam Cram for 70-488: Developing Microsoft SharePoint Server 2013 Core SolutionsExam Cram for 70-488: Developing Microsoft SharePoint Server 2013 Core Solutions
Exam Cram for 70-488: Developing Microsoft SharePoint Server 2013 Core Solutions
 
Real world SharePoint information governance a case study - published
Real world SharePoint information governance a case study - publishedReal world SharePoint information governance a case study - published
Real world SharePoint information governance a case study - published
 
Overcoming Security Threats and Vulnerabilities in SharePoint
Overcoming Security Threats and Vulnerabilities in SharePointOvercoming Security Threats and Vulnerabilities in SharePoint
Overcoming Security Threats and Vulnerabilities in SharePoint
 
What’s new in SharePoint 2016!
What’s new in SharePoint 2016!What’s new in SharePoint 2016!
What’s new in SharePoint 2016!
 
SharePoint Saturday Ottawa - How secure is my data in office 365?
SharePoint Saturday Ottawa - How secure is my data in office 365?SharePoint Saturday Ottawa - How secure is my data in office 365?
SharePoint Saturday Ottawa - How secure is my data in office 365?
 
Data Visualization in SharePoint and Office 365
Data Visualization in SharePoint and Office 365Data Visualization in SharePoint and Office 365
Data Visualization in SharePoint and Office 365
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
 
SharePoint 2013 REST API & Remote Authentication
SharePoint 2013 REST API & Remote AuthenticationSharePoint 2013 REST API & Remote Authentication
SharePoint 2013 REST API & Remote Authentication
 
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
 
Understanding Identity Management with Office 365
Understanding Identity Management with Office 365Understanding Identity Management with Office 365
Understanding Identity Management with Office 365
 
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
 
Exam 70-489 Developing Microsoft SharePoint Server 2013 Advanced Solutions Le...
Exam 70-489 Developing Microsoft SharePoint Server 2013 Advanced Solutions Le...Exam 70-489 Developing Microsoft SharePoint Server 2013 Advanced Solutions Le...
Exam 70-489 Developing Microsoft SharePoint Server 2013 Advanced Solutions Le...
 
SAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your EnterpriseSAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your Enterprise
 
Brian Desmond - Identity and directory synchronization with office 365 and wi...
Brian Desmond - Identity and directory synchronization with office 365 and wi...Brian Desmond - Identity and directory synchronization with office 365 and wi...
Brian Desmond - Identity and directory synchronization with office 365 and wi...
 
Resume
ResumeResume
Resume
 

Similaire à Develop Custom Claim Providers

Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Joris Poelmans
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Vinu Gunasekaran
 
Azure Active Directory by Nikolay Mozgovoy
Azure Active Directory by Nikolay MozgovoyAzure Active Directory by Nikolay Mozgovoy
Azure Active Directory by Nikolay MozgovoySigma Software
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010,Claims-Based Identity, Facebook, and the CloudSharePoint 2010,Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...Liam Cleary [MVP]
 
MongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB
 
NIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud EraNIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud EraMorgan Simonsen
 
Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017Amazon Web Services
 
Community call: Develop multi tenant apps with the Microsoft identity platform
Community call: Develop multi tenant apps with the Microsoft identity platformCommunity call: Develop multi tenant apps with the Microsoft identity platform
Community call: Develop multi tenant apps with the Microsoft identity platformMicrosoft 365 Developer
 
Claims Based Identity In Share Point 2010
Claims  Based  Identity In  Share Point 2010Claims  Based  Identity In  Share Point 2010
Claims Based Identity In Share Point 2010Steve Sofian
 
ESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and AuthorizationESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and AuthorizationEdin Kapic
 
Citrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseCitrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseDigicomp Academy AG
 
Microsoft Azure Identity and O365
Microsoft Azure Identity and O365Microsoft Azure Identity and O365
Microsoft Azure Identity and O365Kris Wagner
 
AAD B2C custom policies
AAD B2C custom policiesAAD B2C custom policies
AAD B2C custom policiesRory Braybrook
 
Authorization in asp
Authorization in aspAuthorization in asp
Authorization in aspOPENLANE
 

Similaire à Develop Custom Claim Providers (20)

Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1
 
Azure Active Directory by Nikolay Mozgovoy
Azure Active Directory by Nikolay MozgovoyAzure Active Directory by Nikolay Mozgovoy
Azure Active Directory by Nikolay Mozgovoy
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010,Claims-Based Identity, Facebook, and the CloudSharePoint 2010,Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...SharePoint Saturday The Conference DC - Are you who you say you are share poi...
SharePoint Saturday The Conference DC - Are you who you say you are share poi...
 
SPSBE 2013 Claims for devs
SPSBE 2013 Claims for devsSPSBE 2013 Claims for devs
SPSBE 2013 Claims for devs
 
MongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day One
 
NIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud EraNIC 2014 Modern Authentication for the Cloud Era
NIC 2014 Modern Authentication for the Cloud Era
 
Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017
 
Community call: Develop multi tenant apps with the Microsoft identity platform
Community call: Develop multi tenant apps with the Microsoft identity platformCommunity call: Develop multi tenant apps with the Microsoft identity platform
Community call: Develop multi tenant apps with the Microsoft identity platform
 
2310 b 16
2310 b 162310 b 16
2310 b 16
 
2310 b 16
2310 b 162310 b 16
2310 b 16
 
.NET MAUI + Azure AD B2C
.NET MAUI + Azure AD B2C.NET MAUI + Azure AD B2C
.NET MAUI + Azure AD B2C
 
Claims Based Identity In Share Point 2010
Claims  Based  Identity In  Share Point 2010Claims  Based  Identity In  Share Point 2010
Claims Based Identity In Share Point 2010
 
Amazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Cognito Deep Dive
Amazon Cognito Deep Dive
 
ESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and AuthorizationESPC15 - Extending Authentication and Authorization
ESPC15 - Extending Authentication and Authorization
 
Citrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseCitrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile Enterprise
 
Microsoft Azure Identity and O365
Microsoft Azure Identity and O365Microsoft Azure Identity and O365
Microsoft Azure Identity and O365
 
AAD B2C custom policies
AAD B2C custom policiesAAD B2C custom policies
AAD B2C custom policies
 
Authorization in asp
Authorization in aspAuthorization in asp
Authorization in asp
 

Plus de AntonioMaio2

Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
 
Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365AntonioMaio2
 
A beginners guide to administering office 365 with power shell antonio maio
A beginners guide to administering office 365 with power shell   antonio maioA beginners guide to administering office 365 with power shell   antonio maio
A beginners guide to administering office 365 with power shell antonio maioAntonioMaio2
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security -  MacGyver, Ninja or Swat teamOffice 365 Security -  MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamAntonioMaio2
 
Information security in office 365 a shared responsibility - antonio maio
Information security in office 365   a shared responsibility - antonio maioInformation security in office 365   a shared responsibility - antonio maio
Information security in office 365 a shared responsibility - antonio maioAntonioMaio2
 
Office 365 security new innovations from microsoft ignite - antonio maio
Office 365 security   new innovations from microsoft ignite - antonio maioOffice 365 security   new innovations from microsoft ignite - antonio maio
Office 365 security new innovations from microsoft ignite - antonio maioAntonioMaio2
 
Identity management challenges when moving share point to the cloud antonio...
Identity management challenges when moving share point to the cloud   antonio...Identity management challenges when moving share point to the cloud   antonio...
Identity management challenges when moving share point to the cloud antonio...AntonioMaio2
 
A Practical Guide Information Governance with Microsoft SharePoint 2013
A Practical Guide Information Governance with Microsoft SharePoint 2013A Practical Guide Information Governance with Microsoft SharePoint 2013
A Practical Guide Information Governance with Microsoft SharePoint 2013AntonioMaio2
 
Best practices for security and governance in share point 2013 published
Best practices for security and governance in share point 2013   publishedBest practices for security and governance in share point 2013   published
Best practices for security and governance in share point 2013 publishedAntonioMaio2
 
Keeping SharePoint Always On
Keeping SharePoint Always OnKeeping SharePoint Always On
Keeping SharePoint Always OnAntonioMaio2
 
Best practices for Security and Governance in SharePoint 2013
Best practices for Security and Governance in SharePoint 2013Best practices for Security and Governance in SharePoint 2013
Best practices for Security and Governance in SharePoint 2013AntonioMaio2
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...AntonioMaio2
 
Best Practices for Security in Microsoft SharePoint 2013
Best Practices for Security in Microsoft SharePoint 2013Best Practices for Security in Microsoft SharePoint 2013
Best Practices for Security in Microsoft SharePoint 2013AntonioMaio2
 
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013AntonioMaio2
 
SharePoint Governance: Impacts of Moving to the Cloud
SharePoint Governance: Impacts of Moving to the CloudSharePoint Governance: Impacts of Moving to the Cloud
SharePoint Governance: Impacts of Moving to the CloudAntonioMaio2
 
Share point security 101 sps-ottawa 2012 - antonio maio
Share point security 101   sps-ottawa 2012 - antonio maioShare point security 101   sps-ottawa 2012 - antonio maio
Share point security 101 sps-ottawa 2012 - antonio maioAntonioMaio2
 
Webinar: Take Control of SharePoint Security
Webinar: Take Control of SharePoint SecurityWebinar: Take Control of SharePoint Security
Webinar: Take Control of SharePoint SecurityAntonioMaio2
 

Plus de AntonioMaio2 (17)

Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + Security
 
Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365
 
A beginners guide to administering office 365 with power shell antonio maio
A beginners guide to administering office 365 with power shell   antonio maioA beginners guide to administering office 365 with power shell   antonio maio
A beginners guide to administering office 365 with power shell antonio maio
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security -  MacGyver, Ninja or Swat teamOffice 365 Security -  MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
 
Information security in office 365 a shared responsibility - antonio maio
Information security in office 365   a shared responsibility - antonio maioInformation security in office 365   a shared responsibility - antonio maio
Information security in office 365 a shared responsibility - antonio maio
 
Office 365 security new innovations from microsoft ignite - antonio maio
Office 365 security   new innovations from microsoft ignite - antonio maioOffice 365 security   new innovations from microsoft ignite - antonio maio
Office 365 security new innovations from microsoft ignite - antonio maio
 
Identity management challenges when moving share point to the cloud antonio...
Identity management challenges when moving share point to the cloud   antonio...Identity management challenges when moving share point to the cloud   antonio...
Identity management challenges when moving share point to the cloud antonio...
 
A Practical Guide Information Governance with Microsoft SharePoint 2013
A Practical Guide Information Governance with Microsoft SharePoint 2013A Practical Guide Information Governance with Microsoft SharePoint 2013
A Practical Guide Information Governance with Microsoft SharePoint 2013
 
Best practices for security and governance in share point 2013 published
Best practices for security and governance in share point 2013   publishedBest practices for security and governance in share point 2013   published
Best practices for security and governance in share point 2013 published
 
Keeping SharePoint Always On
Keeping SharePoint Always OnKeeping SharePoint Always On
Keeping SharePoint Always On
 
Best practices for Security and Governance in SharePoint 2013
Best practices for Security and Governance in SharePoint 2013Best practices for Security and Governance in SharePoint 2013
Best practices for Security and Governance in SharePoint 2013
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
 
Best Practices for Security in Microsoft SharePoint 2013
Best Practices for Security in Microsoft SharePoint 2013Best Practices for Security in Microsoft SharePoint 2013
Best Practices for Security in Microsoft SharePoint 2013
 
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
 
SharePoint Governance: Impacts of Moving to the Cloud
SharePoint Governance: Impacts of Moving to the CloudSharePoint Governance: Impacts of Moving to the Cloud
SharePoint Governance: Impacts of Moving to the Cloud
 
Share point security 101 sps-ottawa 2012 - antonio maio
Share point security 101   sps-ottawa 2012 - antonio maioShare point security 101   sps-ottawa 2012 - antonio maio
Share point security 101 sps-ottawa 2012 - antonio maio
 
Webinar: Take Control of SharePoint Security
Webinar: Take Control of SharePoint SecurityWebinar: Take Control of SharePoint Security
Webinar: Take Control of SharePoint Security
 

Dernier

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 

Dernier (20)

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 

Develop Custom Claim Providers

• 1. Developing Custom Claim Providers to Enable Authorization in SharePoint
Antonio Maio
Senior SharePoint Architect & Senior Manager
Microsoft SharePoint Server MVP
Email: Antonio.maio@protiviti.com
Blog: www.trustsharepoint.com
Slide share: http://www.slideshare.net/AntonioMaio2
Twitter: @AntonioMaio2
  • 2. Agenda  Introduction: Claims in SharePoint 2013  Getting the Right Claims for Authorization  Developing a Custom Claim Provider  Example Claim Providers  Deployment and Final Considerations
  • 4. Authentication vs Authorization
    - Authentication: the process of determining that a user is who they say they are
    - Authorization: the process of determining which resources a user has access to and the level of access they are granted
  • 5. Authentication Options
    - Claims Based Authentication (default)
    - Forms Based Authentication (FBA, through claims)
    - Classic Mode: Integrated Windows Authentication (NTLM, Kerberos) and Basic Authentication; only configurable through PowerShell
    Classic Mode has been deprecated! The configuration UI has been removed and Classic Mode is only available through PowerShell.
  • 6. Claims Based Identity
    - What is a Claim? A statement that one subject makes about itself: name, identity, group, privilege, capability, etc.
      Examples: name, email, logon name, security groups, employment status, security clearance, department, etc.
    - What is Claims Based Identity/Authentication? A standards-based way to exchange and trust identities across networks.
      Trust is the key element, and it is achieved through digital signatures: claims are packaged in a standard format (a SAML token), issued and digitally signed by a trusted source (a security token service), and exchanged over a standard protocol (WS-Federation/SAML).
  • 7. Claims Based Authentication
    - Claims are an authentication mechanism based on SAML or WS-Federation (passive) tokens
    - SharePoint 2013 on-premises supports WS-Federation (passive profile) with SAML 1.1 tokens; the SAML 2.0 protocol (SAML-P) is not supported on-premises, so an AD FS relying party trust for SharePoint must be set to issue SAML 1.1 tokens
    - SharePoint Online supports the SAML 2.0 protocol and WS-Federation (passive)
    - Result: an authenticated user and a security token, issued by one of:
      - The built-in SharePoint Security Token Service (STS): Integrated Windows Authentication, Forms Based Authentication
      - A Trusted Identity Provider: an external STS (e.g. Active Directory Federation Services, AD FS)
  • 8. Claims Based Authentication
    Configured within Central Administration on each Web Application:
    1. In Central Admin, click Manage Web Applications
    2. Select the specific Web Application
    3. Click Authentication Providers
    4. Select the Zone
    5. Select the authentication protocol
  • 9. Claims as Permissions
    - Claims are also trusted attributes about users: the tokens are digitally signed by the issuer (IP-STS)
    - Claims can be assigned as permissions, with a permission level, to sites, libraries, folders and items/documents
    - SharePoint applies permissions based on claims: when a user signs in with a matching claim, SharePoint grants that level of access to the content
    - Claim-based permissions behave like domain groups
  • 10. SharePoint Permission Examples
    A permission assignment consists of a Principal (user, group or claim), a Permission Level (a collection of permissions) and an Information Object (item or container):
    Principal                         | Permission Level | Information Object
    Finance (AD group)                | Full Control     | Library A
    Contractors (SharePoint group)    | Read             | Site B
    John.Smith (AD user)              | Contribute       | Document C
    'Clearance=Secret' (claim)        | Full Control     | Document X
    'EmploymentStatus=FTE' (claim)    | Contribute       | Site Z
  • 11. Getting the Right Claims into SharePoint for Authorization
  • 12. Claims Based Authorization
    - Specific to the user
    - Can be decided without knowing who the user is, only what has been asserted about them
    - Dynamic, e.g. a change in a user's security clearance takes effect at the next sign-in rather than requiring permissions to be re-assigned
    - Based on external systems (HR systems, SQL, etc.)
    - An alternative to security groups: groups do not scale to combinations of attributes
    - Policy example: a user must be a member of GroupA and GroupB and GroupC to access a resource (with groups alone this needs a dedicated group for every combination)
  • 13. What types of claims do we need?
    - Military, Intelligence, Government Defense: Security Clearance; Caveat; Need to Know
    - Commercial: Department or Team; Role; Current Date/Time; Current Device (BYOD); Group Membership with multiple groups
    - Aerospace/Defense Contracting: Nationality + Current Location
    - Homeland Security: Agency (law enforcement, emergency response, public health...); Scope or Level (local, state, federal); Current Threat Level
  • 14. Claims Based Authentication Process/Call Flow (SharePoint 2013 with Active Directory (AD DS) as the identity provider and Active Directory Federation Services (AD FS) as the IP-STS)
    1. The browser requests a web page from SharePoint
    2. The browser obtains the login page from the AD FS server
    3. The browser requests a SAML security token
    4. AD FS validates the user's credentials with the identity provider (AD DS)
    5. AD FS sends a SAML security token, signed with the AD FS signing certificate
    6. The browser sends a new web page request to SharePoint containing the SAML token
    7. SharePoint validates the token signature with the public portion of the AD FS signing certificate, calls each deployed custom claim provider, creates its own SharePoint security token (the FedAuth cookie) and sends the requested web page
    [Diagram on the original slide: the claims (<Claim> <Claim> <Claim>) carried in the token, the ADFS Signing Cert on the AD FS side and the Public Portion of ADFS Signing Cert on the SharePoint side, and the chain of Custom Claim Providers consulted at step 7.]
  • 16. Custom Claim Providers
    - A SharePoint farm-level feature; more than one can be deployed
    - Called after the user is authenticated, i.e. after the Trusted Identity Provider has already returned its claims
    - Built on WIF (Windows Identity Foundation)
    - Used to augment claims
    - Used to transform claims
    - Used to resolve/search claims in the People Picker
  • 17. Building a Custom Claim Provider
    1. Add the necessary references: Microsoft.SharePoint and Microsoft.IdentityModel. Browse to find the latter in
       C:\Program Files\Reference Assemblies\Microsoft\Windows Identity Foundation\v3.5\Microsoft.IdentityModel.dll
    2. Add the necessary using statements:
        using System;
        using System.Xml;
        using System.IO;
        using System.ServiceModel.Channels;
        using System.Collections.Generic;
        using System.Linq;
        using System.Text;
        using Microsoft.SharePoint;
        using Microsoft.SharePoint.Administration;
        using Microsoft.SharePoint.Administration.Claims;
        using Microsoft.SharePoint.WebControls;
    3. Add a class which inherits from SPClaimProvider:
        namespace SampleClaimProvider
        {
            public class ClearanceClaimProvider : SPClaimProvider
            {
                public ClearanceClaimProvider(string displayName) : base(displayName) { }
            }
        }
  • 18. Building a Custom Claim Provider
    4. Implement the abstract class members (right-click on SPClaimProvider in Visual Studio and select…):
       Methods: FillClaimTypes, FillClaimValueTypes, FillClaimsForEntity, FillEntityTypes, FillHierarchy, FillResolve (2 overrides), FillSchema, FillSearch
       Properties: Name, SupportsEntityInformation, SupportsHierarchy, SupportsResolve, SupportsSearch
  • 19. Building a Custom Claim Provider
    5. Implement the required properties:
        // Returns the claim provider's unique name
        public override string Name { get { return ProviderInternalName; } }
        // Must return true for claims augmentation (FillClaimsForEntity is not called otherwise)
        public override bool SupportsEntityInformation { get { return true; } }
        // Supports hierarchy display in the people picker
        public override bool SupportsHierarchy { get { return true; } }
        // Supports resolving claim values typed into the people picker
        public override bool SupportsResolve { get { return true; } }
        // Supports the people picker search operation
        public override bool SupportsSearch { get { return true; } }
  • 20. Building a Custom Claim Provider
    6. Create static properties for the name:
        internal static string ProviderDisplayName { get { return "Security Clearance"; } }
        internal static string ProviderInternalName { get { return "SecurityClearanceProvider"; } }
  • 21. Building a Custom Claim Provider
    7. Create the data source and helper functions:
        // Clearance levels, ordered from lowest to highest
        private string[] SecurityLevels = new string[] { "None", "Confidential", "Secret", "Top Secret" };
        // Claim type URI for the clearance claim
        private static string ClearanceClaimType { get { return "http://schemas.sample.local/clearance"; } }
        // The claim's value is a string
        private static string ClearanceClaimValueType { get { return Microsoft.IdentityModel.Claims.ClaimValueTypes.String; } }
    This adds a claim with the type URL http://schemas.sample.local/clearance whose value is a string.
  • 22. Building a Custom Claim Provider
    8. Implement the methods that augment claims: FillClaimTypes, FillClaimValueTypes, FillClaimsForEntity
        protected override void FillClaimTypes(List<string> claimTypes)
        {
            if (claimTypes == null) throw new ArgumentNullException("claimTypes");
            claimTypes.Add(ClearanceClaimType);
        }

        protected override void FillClaimValueTypes(List<string> claimValueTypes)
        {
            if (claimValueTypes == null) throw new ArgumentNullException("claimValueTypes");
            claimValueTypes.Add(ClearanceClaimValueType);
        }
  • 23. Building a Custom Claim Provider
    9. Implement FillClaimsForEntity to augment claims:
        protected override void FillClaimsForEntity(Uri context, SPClaim entity, List<SPClaim> claims)
        {
            if (entity == null) throw new ArgumentNullException("entity");
            if (claims == null) throw new ArgumentNullException("claims");
            if (String.IsNullOrEmpty(entity.Value))
                throw new ArgumentException("Argument null or empty", "entity.Value");

            // If the existing clearance claim is 'Top Secret' then add the lower clearance levels too
            if (. . .)
            {
                claims.Add(CreateClaim(ClearanceClaimType, SecurityLevels[0], ClearanceClaimValueType));
                claims.Add(CreateClaim(ClearanceClaimType, SecurityLevels[1], ClearanceClaimValueType));
                claims.Add(CreateClaim(ClearanceClaimType, SecurityLevels[2], ClearanceClaimValueType));
            }
            . . .
        }
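    The following is an added example, not code from the deck: a complete FillClaimsForEntity for the ClearanceClaimProvider with the elided condition filled in. Two things the slide does not spell out drive its shape. First, SharePoint passes this method only the user's identity claim (entity), not the other claims the trusted provider issued, so the clearance has to be looked up from the identity; here an in-memory dictionary (a constructed sample, keyed on the e-mail address that the appendix maps as the identifier claim) stands in for the SQL or LDAP store the deck says a provider should query. Second, the fan-out to lower levels is computed from the ordered SecurityLevels array instead of being hard-coded. The class is marked partial and assumes the other members shown on slides 17 to 21 (ClearanceClaimType, ClearanceClaimValueType, the constructor and the Supports* properties).

```csharp
// Added example (not from the original deck). Assumes the rest of
// ClearanceClaimProvider from the slides is in the same assembly.
using System;
using System.Collections.Generic;
using Microsoft.SharePoint.Administration.Claims;

namespace SampleClaimProvider
{
    public partial class ClearanceClaimProvider : SPClaimProvider
    {
        // Ordered from lowest to highest, same values as slide 21.
        private static readonly string[] SecurityLevels =
            { "None", "Confidential", "Secret", "Top Secret" };

        // ASSUMPTION: constructed in-memory table standing in for the external
        // attribute store. Keys are identifier claim values (e-mail addresses,
        // given the emailaddress identifier claim mapping in the appendix).
        private static readonly Dictionary<string, string> ClearanceStore =
            new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
            {
                { "alice@sample.local", "Top Secret" },
                { "bob@sample.local",   "Confidential" },
            };

        // Returns the clearance values a user should carry: their own level plus
        // every lower level, so a permission granted to 'Clearance=Secret' also
        // admits a 'Top Secret' user. "None" is never issued as a claim.
        internal static IList<string> EffectiveClearances(string clearance)
        {
            var result = new List<string>();
            int level = Array.IndexOf(SecurityLevels, clearance);
            for (int i = 1; i <= level; i++)   // unknown value => level -1 => nothing
            {
                result.Add(SecurityLevels[i]);
            }
            return result;
        }

        protected override void FillClaimsForEntity(Uri context, SPClaim entity, List<SPClaim> claims)
        {
            if (entity == null) throw new ArgumentNullException("entity");
            if (claims == null) throw new ArgumentNullException("claims");
            if (String.IsNullOrEmpty(entity.Value))
                throw new ArgumentException("Argument null or empty", "entity.Value");

            // Only the identity claim reaches this method; the clearance must be
            // looked up (or re-derived) from it.
            string clearance;
            if (!ClearanceStore.TryGetValue(entity.Value, out clearance))
            {
                // Fail closed: a user the store does not know gets no clearance claim.
                return;
            }

            // Fail closed for store values the provider does not recognise, too:
            // EffectiveClearances returns an empty list for them.
            foreach (string value in EffectiveClearances(clearance))
            {
                claims.Add(CreateClaim(ClearanceClaimType, value, ClearanceClaimValueType));
            }
        }
    }
}
```

    With this table, alice@sample.local is augmented with Confidential, Secret and Top Secret; bob@sample.local gets Confidential only; anyone else gets nothing. Because the method runs when the SharePoint STS issues the user's token, a clearance change in the store is picked up at the next sign-in, not on the next request.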
  • 24. Customizing the People Picker
    Other important methods:
    - FillEntityTypes: the set of possible claim entity types to display in the people picker
    - FillHierarchy: the hierarchy used to display claims in the people picker
    - FillResolve (2 overrides): resolving claims specified in the people picker
    - FillSchema: the schema the people picker uses to display claim/entity data
    - FillSearch: fills in the search results in the people picker window
  • 25. Using Claims for Authorization
    - You will assign claims as permissions either through the People Picker or programmatically through code
    - In both cases you must implement FillEntityTypes, FillHierarchy, FillResolve (2 overrides), FillSchema and FillSearch… or the augmented claims will not be available to you!
  • 26. Using Claims for Authorization: FillEntityTypes
        protected override void FillEntityTypes(List<string> entityTypes)
        {
            // Return the type of entity our claims are presented as in the picker
            entityTypes.Add(SPClaimEntityTypes.FormsRole);
        }
  • 27. Using Claims for Authorization: FillHierarchy
        protected override void FillHierarchy(Uri context, string[] entityTypes, string hierarchyNodeID,
                                              int numberOfLevels, SPProviderHierarchyTree hierarchy)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;

            switch (hierarchyNodeID)
            {
                case null:
                    // First load: add all our top-level nodes.
                    // SPProviderHierarchyNode(providerName, displayName, hierarchyNodeID, isLeaf);
                    // the node ID must match the one looked up in FillSearch ("SecurityClearance").
                    hierarchy.AddChild(new Microsoft.SharePoint.WebControls.SPProviderHierarchyNode(
                        ClearanceClaimProvider.ProviderInternalName, "Security Clearance", "SecurityClearance", true));
                    hierarchy.AddChild(new Microsoft.SharePoint.WebControls.SPProviderHierarchyNode(
                        ClearanceClaimProvider.ProviderInternalName, "Caveat", "Caveat", true));
                    break;
                default:
                    break;
            }
        }
  • 28. Using Claims for Authorization: FillResolve (1st override, re-validating an already chosen claim)
        protected override void FillResolve(Uri context, string[] entityTypes, SPClaim resolveInput,
                                            List<PickerEntity> resolved)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;

            // Only re-resolve claim types this provider owns; other providers' claims are not ours to vouch for.
            // (CaveatClaimType is a second claim type used by this deck's provider; its definition is not shown on the slides.)
            if (resolveInput.ClaimType != ClearanceClaimType && resolveInput.ClaimType != CaveatClaimType) return;

            Microsoft.SharePoint.WebControls.PickerEntity pe =
                GetPickerEntity(resolveInput.ClaimType, resolveInput.Value);
            resolved.Add(pe);
        }
  • 29. Using Claims for Authorization: FillResolve (2nd override, text typed into the picker)
        protected override void FillResolve(Uri context, string[] entityTypes, string resolveInput,
                                            List<PickerEntity> resolved)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;

            // Create a matching entity for each of our claim types and add it to the returned list of picker entries
            Microsoft.SharePoint.WebControls.PickerEntity pe = GetPickerEntity(ClearanceClaimType, resolveInput);
            resolved.Add(pe);

            pe = GetPickerEntity(CaveatClaimType, resolveInput);
            resolved.Add(pe);
        }
  • 30. Using Claims for Authorization: GetPickerEntity
        private Microsoft.SharePoint.WebControls.PickerEntity GetPickerEntity(string ClaimType, string ClaimValue)
        {
            Microsoft.SharePoint.WebControls.PickerEntity pe = CreatePickerEntity();

            // Set the claim associated with this match and the tooltip displayed
            pe.Claim = CreateClaim(ClaimType, ClaimValue, ClearanceClaimValueType);
            pe.Description = ClearanceClaimProvider.ProviderDisplayName + ":" + ClaimValue;

            // Set the text displayed in the people picker
            pe.DisplayText = ClaimValue;

            // Store in the entity data hash table, plug in as a role-type entity and flag as resolved
            pe.EntityData[Microsoft.SharePoint.WebControls.PeopleEditorEntityDataKeys.DisplayName] = ClaimValue;
            pe.EntityType = SPClaimEntityTypes.FormsRole;
            pe.IsResolved = true;
            pe.EntityGroupName = "Additional Claims";

            return pe;
        }
  • 31. Using Claims for Authorization: FillSchema
        protected override void FillSchema(SPProviderSchema schema)
        {
            schema.AddSchemaElement(new Microsoft.SharePoint.WebControls.SPSchemaElement(
                Microsoft.SharePoint.WebControls.PeopleEditorEntityDataKeys.DisplayName,
                "Display Name",
                Microsoft.SharePoint.WebControls.SPSchemaElementType.Both));
        }
  • 32-33. Using Claims for Authorization: FillSearch
        protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern,
                                           string hierarchyNodeID, int maxCount, SPProviderHierarchyTree searchTree)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;

            // The node where we will place our matches
            Microsoft.SharePoint.WebControls.SPProviderHierarchyNode matchNode = null;

            Microsoft.SharePoint.WebControls.PickerEntity pe = GetPickerEntity(ClearanceClaimType, searchPattern);

            if (!searchTree.HasChild("SecurityClearance"))
            {
                // Create the node so that we can show our match in there too
                matchNode = new Microsoft.SharePoint.WebControls.SPProviderHierarchyNode(
                    ClearanceClaimProvider.ProviderInternalName, "Security Clearance", "SecurityClearance", true);
                searchTree.AddChild(matchNode);
            }
            else
            {
                // Get the existing node for this claim type
                matchNode = searchTree.Children.Where(theNode => theNode.HierarchyNodeID == "SecurityClearance").First();
            }

            // Add the picker entity to our tree node
            matchNode.AddEntity(pe);
        }
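    The following is an added example (not code from the deck) covering the people-picker methods on slides 25 to 33. The deck's FillSearch and the string FillResolve turn whatever text is typed into a "resolved" claim, so an administrator can grant Full Control to Clearance=Secrett, which matches nobody and fails silently. This version only offers and resolves values that exist in the provider's own SecurityLevels list, returns the canonical spelling so the stored permission matches the claim the provider actually issues, respects maxCount and the node the picker is scoped to, and omits "None" because no permission should ever be granted to it. The class is partial and assumes the members from the slides (SecurityLevels, ClearanceClaimType, ProviderInternalName, GetPickerEntity).

```csharp
// Added example (not from the original deck). Assumes the rest of
// ClearanceClaimProvider from the slides is in the same assembly.
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.SharePoint.Administration.Claims;
using Microsoft.SharePoint.WebControls;

namespace SampleClaimProvider
{
    public partial class ClearanceClaimProvider : SPClaimProvider
    {
        // Must be the same hierarchy node ID that FillHierarchy registers.
        private const string ClearanceNodeId = "SecurityClearance";

        // Clearance values matching the picker input: exact matches first, then
        // prefix matches, case-insensitive, never "None", at most maxCount.
        internal static IList<string> MatchClearanceValues(string input, int maxCount)
        {
            if (String.IsNullOrEmpty(input) || maxCount <= 0) return new List<string>();
            var candidates = SecurityLevels.Where(v => v != "None").ToList();
            var exact = candidates.Where(v => String.Equals(v, input, StringComparison.OrdinalIgnoreCase));
            var prefix = candidates.Where(v => v.StartsWith(input, StringComparison.OrdinalIgnoreCase));
            return exact.Concat(prefix).Distinct().Take(maxCount).ToList();
        }

        // Exact-match resolution only; returns the canonical value or null.
        internal static string ResolveClearanceValue(string input)
        {
            if (String.IsNullOrEmpty(input)) return null;
            return SecurityLevels.FirstOrDefault(v =>
                v != "None" && String.Equals(v, input, StringComparison.OrdinalIgnoreCase));
        }

        protected override void FillResolve(Uri context, string[] entityTypes, string resolveInput,
                                            List<PickerEntity> resolved)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;

            string value = ResolveClearanceValue(resolveInput);
            if (value == null) return;   // unknown text stays unresolved in the picker
            resolved.Add(GetPickerEntity(ClearanceClaimType, value));
        }

        protected override void FillSearch(Uri context, string[] entityTypes, string searchPattern,
                                           string hierarchyNodeID, int maxCount, SPProviderHierarchyTree searchTree)
        {
            if (!EntityTypesContain(entityTypes, SPClaimEntityTypes.FormsRole)) return;

            // Honour a search scoped to some other node of the tree.
            if (!String.IsNullOrEmpty(hierarchyNodeID) && hierarchyNodeID != ClearanceNodeId) return;

            IList<string> matches = MatchClearanceValues(searchPattern, maxCount);
            if (matches.Count == 0) return;   // no node and no entities: nothing to show

            SPProviderHierarchyNode node;
            if (searchTree.HasChild(ClearanceNodeId))
            {
                node = searchTree.Children.First(n => n.HierarchyNodeID == ClearanceNodeId);
            }
            else
            {
                // SPProviderHierarchyNode(providerName, displayName, hierarchyNodeID, isLeaf)
                node = new SPProviderHierarchyNode(ProviderInternalName, "Security Clearance", ClearanceNodeId, true);
                searchTree.AddChild(node);
            }

            foreach (string value in matches)
            {
                node.AddEntity(GetPickerEntity(ClearanceClaimType, value));
            }
        }
    }
}
```

    Typing "sec" in the picker now lists Secret (prefix match) under the Security Clearance node; typing "secret" resolves straight to the canonical "Secret"; typing "none" or "secrett" resolves to nothing. The same pattern applies to a caveat claim type backed by its own value list.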
  • 35. Claim Provider Examples
    Example 1: access sensitive information only during work hours
        protected override void FillClaimsForEntity(Uri context, SPClaim entity, List<SPClaim> claims)
        {
            . . .
            DateTime now = DateTime.Now;   // the SharePoint server's local time, not the user's
            if ((now.DayOfWeek == DayOfWeek.Saturday) || (now.DayOfWeek == DayOfWeek.Sunday))
            {
                claims.Add(CreateClaim(WorkDayClaimType, "false", WorkDayClaimValueType));
                return;
            }

            // 9 o'clock AM
            DateTime start = new DateTime(now.Year, now.Month, now.Day, 9, 0, 0);
            // 5 o'clock PM
            DateTime end = new DateTime(now.Year, now.Month, now.Day, 17, 0, 0);

            if ((now < start) || (now > end))
            {
                claims.Add(CreateClaim(WorkDayClaimType, "false", WorkDayClaimValueType));
                return;
            }

            claims.Add(CreateClaim(WorkDayClaimType, "true", WorkDayClaimValueType));
        }
    Caveat: FillClaimsForEntity runs when the SharePoint STS issues the user's token, not on every request. A user who signs in at 4:59 PM keeps WorkDay=true until that token expires or they sign in again, so the window of exposure is bounded by the token lifetime configured on SPSecurityTokenServiceConfig (WindowsTokenLifetime, FormsTokenLifetime, LogonTokenCacheExpirationWindow), which should be shortened for a policy like this.
  • 36. Claim Provider Examples
    Example 2: information release dates for mergers and acquisitions
    - Create a SharePoint list with the release date registered for each acquisition; name it 'Acquisition Release Register'. Each list item specifies the acquisition project name and the release date.
    - In the document library holding the acquisition documents, add a 'lookup' metadata column pointing to 'Acquisition Release Register'. With every document added, the user selects a release entry from the register.
    - Use 3rd-party tools or code to add a claim-based permission to the item that matches the metadata column value (the project name).
    - The custom claim provider retrieves all Acquisition Release Register entries from a SQL database (a copy of the list data; querying the SharePoint content database directly is unsupported and the provider has no site context anyway, see slide 39).
    - The custom claim provider compares the current date to the entries in the register: if now is later than the release date, it adds the project name to the user's claims.
    - If the user has a claim in their identity matching the acquisition project name, they get access to the acquisition documents.
  • 38. Deploying a Custom Claim Provider
    - Deployed as a farm-level feature with a feature receiver, which requires more code
    - The receiver must inherit from SPClaimProviderFeatureReceiver (lots of examples available)
    - Multiple claim providers can be deployed; they are called in the order they were deployed
    - Once deployed, a provider is available in every web app, in every zone
    - This can cause performance issues: when a user logs in, every deployed custom claim provider gets called
    - Set the provider's IsUsedByDefault property to false in the feature receiver, then turn it on manually for the web apps that require it
  • 39. Some Final Considerations
    - Reach out to a SQL database, LDAP or another repository for the attributes that get added as claims
    - The custom claim provider runs in the context of the web application (claim augmentation runs in the SharePoint STS), not the site the user is logging into
    - It runs as the farm service account, the identity of the SharePoint STS application pool, which by default is also the Central Administration application pool account
    - There is no request context: most methods have no HttpContext and no SPContext.Current
    - The provider cannot directly access data on the site you signed into
    - For debugging use a Claims Testing Web Part in SharePoint: http://blogs.technet.com/b/speschka/archive/2010/02/13/figuring-out-what-claims-you-have-in-sharepoint-2010.aspx
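    The following is an added example (not code from the deck) of the farm feature receiver slide 38 calls for, written so that registering the provider does not switch it on for every web application and zone. ExecBaseFeatureActivated performs the registration that SPClaimProviderFeatureReceiver provides; the receiver then clears IsUsedByDefault on the resulting SPClaimProviderDefinition so an administrator enables the provider only where clearance-based permissions are used, which also avoids the per-logon cost of running it everywhere. It assumes the ClearanceClaimProvider class from the slides (with its internal static ProviderDisplayName) is in the same assembly, and that the feature is Farm-scoped with this class as its ReceiverClass.

```csharp
// Added example (not from the original deck). Assumes ClearanceClaimProvider
// from the slides is in the same assembly and the feature is Farm-scoped.
using System;
using System.Linq;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration.Claims;

namespace SampleClaimProvider
{
    public class ClearanceClaimProviderFeatureReceiver : SPClaimProviderFeatureReceiver
    {
        // The four abstract properties SharePoint uses to build the provider definition.
        public override string ClaimProviderAssembly
        {
            get { return typeof(ClearanceClaimProvider).Assembly.FullName; }
        }

        public override string ClaimProviderDescription
        {
            get { return "Augments sign-ins with security clearance claims"; }
        }

        public override string ClaimProviderDisplayName
        {
            get { return ClearanceClaimProvider.ProviderDisplayName; }
        }

        public override string ClaimProviderType
        {
            get { return typeof(ClearanceClaimProvider).FullName; }
        }

        public override void FeatureActivated(SPFeatureReceiverProperties properties)
        {
            // Base registration: creates the SPClaimProviderDefinition in the farm.
            ExecBaseFeatureActivated(properties);

            // Opt out of "used by default" so the provider is not consulted at
            // every logon in every web application and zone; leave it enabled so
            // it can be turned on per web application where it is needed.
            SPClaimProviderManager manager = SPClaimProviderManager.Local;
            SPClaimProviderDefinition definition = manager.ClaimProviders
                .FirstOrDefault(p => p.DisplayName == ClaimProviderDisplayName);
            if (definition != null)
            {
                definition.IsUsedByDefault = false;
                definition.IsEnabled = true;
                manager.Update();
            }
        }
    }
}
```

    Because FeatureActivated runs as the farm account during feature activation, updating the claim provider manager needs no further elevation. Activation is the last step of a deployment: the assembly must already be in the GAC and the farm feature installed, otherwise the registered ClaimProviderType cannot be loaded at logon time.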
  • 40. Developing Custom Claim Providers to Enable Authorization: Thank You! (contact details as on slide 1)
  • 41. Appendix: PowerShell to Register a Trusted Provider & Map Claim Types
        # Make sure the claim types are properly defined in the ADFS server
        $map  = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
        $map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Role" -SameAsIncoming
        $map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.sp.local/EmployeeStatus" -IncomingClaimTypeDisplayName "EmployeeStatus" -SameAsIncoming

        # The realm identifies the web app in ADFS. It is generally created in the form "urn:foo:bar"
        $realm = "urn:sp-server-2010.sp.local:sharepoint2010"

        # Use the token-signing certificate exported (public portion only) from the ADFS server
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("c:\adfs20Certificate.cer")

        # The URL below tells SharePoint where to redirect in order to authenticate with the STS:
        # the ADFS host plus the WS-Federation passive sign-in endpoint ("/adfs/ls")
        $signinurl = "https://adfs20.sp.local/adfs/ls"

        # Adds the STS (AD FS 2.0) to SharePoint; the identifier claim is the e-mail address mapping
        $ap = New-SPTrustedIdentityTokenIssuer -Name "ADFS20 Provider" -Description "SharePoint secured by ADFS20" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3 -SignInUrl $signinurl -IdentifierClaim $map.InputClaimType

        # The certificate imported from ADFS must also be added to SharePoint's trusted root authorities
        New-SPTrustedRootAuthority -Name "ADFS Token Signing Root Authority" -Certificate $cert
    Note: this certificate is the trust anchor for every claim SharePoint accepts from AD FS. When AD FS rolls its token-signing certificate (automatic certificate rollover is on by default), the new public certificate must be imported with Set-SPTrustedIdentityTokenIssuer -ImportTrustCertificate, or sign-ins will fail.
  • 42. Appendix: Claims Viewer Web Part
    Add the claims viewer web part to your site pages when testing custom claim providers.