Presentation is loading. Please wait.

Presentation is loading. Please wait.

SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.

Published byConrad Marsh Modified over 9 years ago

Similar presentations

Presentation on theme: "SPC204 Security Problems in SharePoint 2010 Authentication and Authorization."— Presentation transcript:

1

2 SPC204

3

4 Security Problems in SharePoint 2010

5 Authentication and Authorization

6 Let’s start with a basic question

7 User Authentication in SharePoint 2013

8 App Authentication in SharePoint 2013

9 SharePoint App Architecture

10 App Start Page

11

12 App Web

13 App Web Hosting Domain https://tedpattison-4b5b001f544dc0.sharepoint.com/sites/TedsDevSite/MyFirstApp

14 Internal Authentication

15 App Hosting Models

16 Provider-Hosted App

17 Autohosted App

18 External Authentication

19 Authentication and Security Token Type

20 SharePoint 2013 Authentication Flow Important: this flow only for calls that target a CSOM or a REST endpoint

21

22 Permissions in SharePoint 2013

23 SharePoint Permission Policies

24 App Permissions

25 Adding Permission Requests

26 Permission Requests Product Permission Provider Target Object Capability

27 App-Only Permissions

28 Granting Consent in SharePoint 2013

29

30

31 Managing App Permissions on the Web

32 OAuth 2.0 Primer

33 OAuth Concepts and Terms

34 Windows Azure ACS

35 App Principals

36 Security Tokens used in OAuth

37 OAuth Protocol Flow in Office 365 1 1 2 2 3 3 4 4 5 5 6 6 7 7 8 8 9 9 10

38 TokenHelper Class

39 Steps to using OAuth in Office 365

40

41

42 Managing App Principals in Office 365

43 AppRegNew.aspx

44 AppInv.aspx

45 AppPrincipals.aspx

46 Getting a Client ID from the Seller Dashboard

47 App Manifest for an Autohosted App

48 Web.config for an Autohosted App

49 App Manifest for a Provider-hosted App

50 Web.config for a Provider-hosted App

51 Incoming Data

52 Context Token

53 Access Token

54 Acquiring Access Tokens

55 Making REST Calls with OAuth

56 Making CSOM Calls with OAuth

57

58

59 Requesting Permissions on the Fly

60 Authorization by a Privileged User

61 Using the Authorization Code

62

63

64 MySPC

65

Download ppt "SPC204 Security Problems in SharePoint 2010 Authentication and Authorization."

Similar presentations

Bob German Principal Architect Introduction to Cloud Hosted Apps Your apps here!

Bob German Principal Architect Introduction to Cloud Hosted Apps Your apps here!
@jerry_yasir. 2007 SharePoint IIS Code runs from GAC on same w3wp.exe as SharePoint web application 2010 SharePoint IIS Sand box Code runs on SPUCWorkerProcess.exe.

@jerry_yasir SharePoint IIS Code runs from GAC on same w3wp.exe as SharePoint web application 2010 SharePoint IIS Sand box Code runs on SPUCWorkerProcess.exe.
Extending Your Reach with SharePoint and Office. Ignite: Office SharePoint Azure.

Extending Your Reach with SharePoint and Office. Ignite: Office SharePoint Azure.
(Rob) Contoso photo Contoso ? Contoso photo Contoso.

(Rob) Contoso photo Contoso ? Contoso photo Contoso.
App for SharePoint (*.app) Widgets Dashboards Data roll ups.

App for SharePoint (*.app) Widgets Dashboards Data roll ups.
SharePoint-hostedAutohostedProvider-hosted All components are deployed to SharePoint Only the wrapper for the app is deployed to SharePoint Separate.

SharePoint-hostedAutohostedProvider-hosted All components are deployed to SharePoint Only the wrapper for the app is deployed to SharePoint Separate.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
0 Who Are You and What Do You Want? Working with Oauth in SharePoint 2013 Eric Shupps SharePoint MVP.

0 Who Are You and What Do You Want? Working with Oauth in SharePoint 2013 Eric Shupps SharePoint MVP.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
Microsoft ® Official Course Creating Robust and Efficient Apps for SharePoint Microsoft SharePoint 2013 SharePoint Practice.

Microsoft ® Official Course Creating Robust and Efficient Apps for SharePoint Microsoft SharePoint 2013 SharePoint Practice.
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
Silver SponsorsGold Sponsors Bronze Sponsors SharePoint App Model Redefine your SharePoint Customisation Erwin Tsai SharePoint Solution Architect Techfly.

Silver SponsorsGold Sponsors Bronze Sponsors SharePoint App Model Redefine your SharePoint Customisation Erwin Tsai SharePoint Solution Architect Techfly.
Microsoft ® Official Course Developing Remote-hosted Apps for SharePoint Microsoft SharePoint 2013 SharePoint Practice.

Microsoft ® Official Course Developing Remote-hosted Apps for SharePoint Microsoft SharePoint 2013 SharePoint Practice.
Vienna/Austria Authenticate as entitled user or app for the individual service Authenticate as entitled user for our web portal Decide what.

Vienna/Austria Authenticate as entitled user or app for the individual service Authenticate as entitled user for our web portal Decide what.
 Any device, anywhere, anytime  New discovery channels  New ways of working  Redefined expectations for apps.

 Any device, anywhere, anytime  New discovery channels  New ways of working  Redefined expectations for apps.
Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.

Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.
Fraser Technical Solutions, LLC

Fraser Technical Solutions, LLC
SharePoint-Hosted App Provision an isolated sub web on a parent web (separate domain) Reuse web elements (lists, files, out-of-box web parts) No.

SharePoint-Hosted App Provision an isolated sub web on a parent web (separate domain) Reuse web elements (lists, files, out-of-box web parts) No.
Intro to Apps Minnesota SharePoint User Group Raymond April 2014.

Intro to Apps Minnesota SharePoint User Group Raymond April 2014.
Familiar Toolsets Embracing Web standards to provide developers choice and flexibility.

Familiar Toolsets Embracing Web standards to provide developers choice and flexibility.

Similar presentations

Ads by Google