TF-EMC2 | Lyon - France | February 2011 SAML WORK WITH SHAREPOINT, OWA, … Jean Marie THIA.

Agenda
1 - Demonstrations
2 - Explanations
3 - Story
Questions

1 : Authentication
– Connect to a web application
– Connect to SharePoint
– Connect to Outlook Web Access

1 : SharePoint authZ
A MS Word use case
– From the desktop
– From SharePoint
Set authorization in SharePoint

Explanations

2 : SharePoint
Diagram: SharePoint STS – WS-Fed. – ADFS 2.0 – SAML 2.0
SharePoint 2010 trusts ADFS 2.0 over WS-Federation; ADFS 2.0 speaks SAML 2.0 towards the external identity provider.

2 : Outlook Web Access
Diagram: SAML 2.0 – ADFS 2.0 – Mapping – C2WTS (Claims to Windows Token Service) – Kerberos

2 : ADFS manipulation
– Map Shibboleth attribute
– Map OWA user

Story
Claims-based access control
microsoft.identityModel

3 : WIF Core
– Claims API (microsoft.identityModel)
– SAML Token
– WS-Federation protocol
– SAML 2.0 protocol with Safewhere

3 : WIF compatibility
IsInRole works (role claim type declared in web.config)

3 : WIF programming
using System.Linq;
using System.Threading;
using Microsoft.IdentityModel.Claims;

IClaimsIdentity id = ((IClaimsPrincipal)Thread.CurrentPrincipal).Identities[0];

// you can use a simple foreach loop to find a claim...
string users = null;
foreach (Claim c in id.Claims)
{
    // the claim type is cut off on the slide; ClaimTypes.Name is assumed here
    if (c.ClaimType == System.IdentityModel.Claims.ClaimTypes.Name)
    {
        users = c.Value;
        break;
    }
}

// you can also use LINQ to find a claim (First() throws if no such claim is present)
string usersFirstName = (from c in id.Claims
                         where c.ClaimType == System.IdentityModel.Claims.ClaimTypes.GivenName
                         select c).First().Value;

3 : ADFS 2.0
Uses SAML 2.0 Protocol
– Liberty Alliance IdP Lite
– Liberty Alliance SP Lite
– eGov SAML 2.0 Profile v1.5
Uses WS-* Protocol
Interoperates with Oracle, CA, SUN, Shibboleth, PingIdentity, …
Is a separate download!

3 : ADFS 2.0 architecture
– Configuration Database
– Account & Attribute Stores

3 : Terminologies
AD FS 2.0            SAML 2.0
Security Token       Assertion
Claims               Assertion Attributes
Claims Provider      Identity Provider
Relying Party        Service Provider
Other AD FS 2.0 terms: Realm, Home Realm Discovery (HRD), Security Token Service (STS)
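The terminology table above, together with the claims API, the IsInRole compatibility point and the Shibboleth attribute mapping, can be shown in executable form. The following Python is an added example, not the presenter's C# code and not part of the slides: a SAML 2.0 Assertion plays the security token, its Attributes are turned into claims, and a configured role claim type (the web.config setting that makes IsInRole work) drives a role check. The sample assertion, the domain example.edu and the attribute-to-claim table are constructed assumptions; the eduPerson OIDs and claim type URIs are the standard ones.

```python
"""Added example: map a SAML 2.0 Assertion onto WIF-style claims.

Assertion -> security token, Attributes -> Claims, configured role claim type
-> IsInRole. Sample data and the attribute mapping table are constructed
assumptions, not the presenter's AD FS configuration.
"""
import xml.etree.ElementTree as ET  # parse real IdP output with defusedxml instead

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Standard claim type URIs used by WIF and AD FS 2.0.
NAME = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
UPN = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
GIVEN_NAME = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
ROLE = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"

# Assumed incoming-attribute -> outgoing-claim table, the kind of rule an
# AD FS 2.0 claims provider trust for a Shibboleth IdP carries. Keys are the
# eduPerson / LDAP attribute OIDs as Shibboleth emits them.
ATTRIBUTE_TO_CLAIM = {
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": UPN,         # eduPersonPrincipalName
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.1": ROLE,        # eduPersonAffiliation
    "urn:oid:2.5.4.42": GIVEN_NAME,                   # givenName
}

# Constructed sample assertion (unsigned, illustration only; example.edu is made up).
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_example" Version="2.0" IssueInstant="2011-02-01T10:00:00Z">
  <saml:Issuer>https://idp.example.edu/idp/shibboleth</saml:Issuer>
  <saml:Subject><saml:NameID>jdoe@example.edu</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6">
      <saml:AttributeValue>jdoe@example.edu</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1">
      <saml:AttributeValue>member</saml:AttributeValue>
      <saml:AttributeValue>staff</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="urn:oid:2.5.4.42">
      <saml:AttributeValue>Jane</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3">
      <saml:AttributeValue>jane.doe@example.edu</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def claims_from_assertion(xml_text):
    """Turn an Assertion into a list of (claim_type, value) pairs.

    The NameID becomes the Name claim; each mapped Attribute value becomes one
    claim (a multi-valued attribute yields several claims of the same type);
    attributes with no mapping are dropped, as an AD FS rule set with no rule
    for them would do.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Assertion" % SAML_NS["saml"]:
        raise ValueError("not a SAML 2.0 Assertion")
    name_id = root.find("saml:Subject/saml:NameID", SAML_NS)
    if name_id is None or not (name_id.text or "").strip():
        # OWA needs a user to map onto a Windows account: refuse anonymous assertions.
        raise ValueError("assertion has no Subject/NameID")
    claims = [(NAME, name_id.text.strip())]
    for attr in root.findall("saml:AttributeStatement/saml:Attribute", SAML_NS):
        claim_type = ATTRIBUTE_TO_CLAIM.get(attr.get("Name"))
        if claim_type is None:
            continue
        for value in attr.findall("saml:AttributeValue", SAML_NS):
            if value.text:
                claims.append((claim_type, value.text.strip()))
    return claims


def find_claim(claims, claim_type):
    """First value of the given claim type, or None (the slide's foreach loop)."""
    for ctype, value in claims:
        if ctype == claim_type:
            return value
    return None


def is_in_role(claims, role, role_claim_type=ROLE):
    """IsInRole equivalent: true if a claim of the configured role type carries `role`."""
    return any(ctype == role_claim_type and value == role for ctype, value in claims)


if __name__ == "__main__":
    claims = claims_from_assertion(SAMPLE_ASSERTION)
    for ctype, value in claims:
        print(ctype, "=", value)
    print("staff?", is_in_role(claims, "staff"))
```

The unmapped mail attribute never becomes a claim, which is the behaviour to expect from an AD FS claims provider trust that has no rule for it: what the relying party sees is exactly the set of rules, not the set of attributes the IdP released.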

3 : Azure ACS
– ADFS for the cloud
– Extended interoperability (OAuth, OpenID, Google, Facebook, etc.)

Conclusion
+
– Many guides.
– AuthZ with claims augmentation.
– Claims compatibility with old code.
-
– Federation metadata

ADFS v2 - Guides
SharePoint 2010: Federated Collaboration with Shibboleth 2.0 and SharePoint 2010 Technologies
Outlook Web Access 2010: Exposing OWA 2010 with AD FS 2.0 to other organizations
InCommon: AD FS 2.0 Step-by-Step Guide: Federation with Shibboleth 2 and the InCommon Federation

Webcast
– Architecting claims-aware applications
– From N to Z: Authentication and Authorization in Microsoft SharePoint Server
– Developing Microsoft SharePoint Server 2010 Solutions with Claims Authentication

Links at Microsoft
Patterns & Practices: A Guide to Claims-Based Identity and Access Control
MSDN: WIF, C2WTS, IdM
TechNet: ADFS 2.0

Questions ? twitter.com/jm_thia

Thanks for your attention