In the first post in this series (http://blogs.technet.com/b/speschka/archive/2011/05/05/federated-saml-authentication-with-sharepoint-2010-and-azure-access-control-service-part-1.aspx) I described how to configure SharePoint to establish a trust directly with the Azure Access Control (ACS) service and use it to federate authentication between ADFS, Yahoo, Google and Windows Live for you and then use that to get into SharePoint. In part 2 I’m going to…
Year: 2011
Federated SAML Authentication with SharePoint 2010 and Azure Access Control Service Part 1
I had been looking at Windows Azure Access Control Service (ACS) with an interesting eye recently, thinking about some of the different integration options. There’s always lots of chatter about claims authentication with SharePoint 2010, and how to integrate ADFS, Windows Live, Facebook, etc. ACS (also known as AppFabric ACS to you Azure purists /…
Bypassing the Multi Authentication Provider Selection Page in SharePoint 2010
SIDE NOTE: Yet another kudos to the fabulous folks that run this site. This latest version now retains even LESS formatting from Word and Visual Studio than before! I didn't think it was possible to make this site any worse than it was, and yet you've shattered, dare I say blown away, my expectations in…
Troubleshooting Tip for Debugging Crawl Issues in SharePoint 2010
I recently came across a very nice troubleshooting methodology when I was trying to debug some authentication issues that were occurring during a SharePoint 2010 crawl. I was getting some errors and also having difficulty getting the information I needed out of the crawl log to some other issues that were occurring. Strangely enough, enter…
How To Add Additional Claims in ADFS 2.0 that can be Consumed in SharePoint 2010
Just a quick tip here to save you a little time in case you decide you want to add additional claims for your users in ADFS 2.0 and have them successfully consumed in SharePoint 2010. The key thing to remember is that SharePoint only supports SAML 1.x, so it requires that the claim type be…
Retrieving Data from a Multi Auth Site Using the Client OM and Web Services in SharePoint 2010
Just the subject line of this post is a mouthful, if it’s any indication of what we’re going to be covering today. This post is going to address an issue that has long bothered myself and others. I just recently started asking around about it and then coincidentally got an email from someone that had…
How to Get the Real Original Issuer for an Identity Claim in SharePoint 2010
I’ve done this task a variety of ways over the past year but finally decided that I should just do things the “right” way. The task is simply enough – when your custom claims provider is being invoked, like during claims augmentation, and you want to know what kind of user they are – Windows…
How to Get All User Claims at Claims Augmentation Time in SharePoint 2010
A fairly constant hurdle when doing claims augmentation in SharePoint 2010 has been trying to figure out what claims a user has when your custom claims provider is invoked to do claims augmentation. For example, the claims you want to augment for a person may depend on the value of other claims the user has,…
How To Get All Claims Providers Associated with a Web Application in SharePoint 2010
I’ve been asked this question a couple times before, which is I want to be able to programmatically find out what claims providers are being used with my web application. This question is usually asked to mean what SPTrustedIdentityTokenIssuers are being used, but the method I’ll demonstrate will reveal those as well as custom claims…
Adding Support for Multiple SharePoint 2010 Farms and the CASI Kit in Your WCF
Someone raised an interesting question the other day about the ability of a WCF application, that's configured as described in Eric White's blog (http://blogs.msdn.com/b/ericwhite/archive/2010/06/18/establishing-trust-between-a-wcf-web-service-and-the-sharepoint-2010-security-token-service.aspx) and the CASI Kit Part 2 (http://blogs.technet.com/b/speschka/archive/2010/11/06/the-claims-azure-and-sharepoint-integration-toolkit-part-2.aspx). The configuration in these blogs describes modifying the web.config for the WCF so that it includes links to an issuer and issuerMetadata address, which…