Someone asked me the other day whether we could use claims auth in SharePoint 2010 with ADFS v2 as the identity provider STS (STS-IP), but NOT use SSL on the SharePoint site. In working through it, I found that there are some inherent limitations in making this happen, but not on the SharePoint side. In…
Tag: Claims
Replacing the out of box Name Resolution in SharePoint 2010 – Part 2
A while ago I posted an entry on how to configure your custom claims provider to replace the out of the box claims provider (http://blogs.technet.com/speschka/archive/2010/04/28/how-to-override-the-default-name-resolution-and-claims-provider-in-sharepoint-2010.aspx). I wanted / need to follow up on that posting, because we found some additional details that you will want to have in hand should you go down this route. …
How to Override the Default Name Resolution and Claims Provider in SharePoint 2010
An issue that has frustrated a lot of folks since SharePoint 2007 and the WebSSO provider, and that continues today in SharePoint 2010 when using claims authentication with something like ADFS v2, is name resolution. Meaning that in most cases you can type in any random value you want into the search box, and the…
How to Create Multiple Claims Auth Web Apps in a Single SharePoint 2010 Farm
The question has been coming up more frequently lately about how does one configure multiple web apps that use claims authentication in SharePoint 2010. The primary point of confusion usually comes around the SPTrustedIdentityTokenIssuer. As I noted in a previous post (http://blogs.technet.com/speschka/archive/2010/02/17/planning-considerations-for-claims-based-authentication-in-sharepoint-2010.aspx), you can only associate a token-signing certificate from an STS with one SPTrustedIdentityTokenIssuer. …
Update on Errors for Root Certificate Not Trusted with SharePoint 2010 Claims Authentication
Hey all, I've been away awhile…got in a little vacation finally and also switched groups at Microsoft so I've been buried getting my feet wet in a new job. Things are starting to even out a little so I will hopefully be back writing here a little more often again. I wanted to point out…
Writing a Custom Claims Provider for SharePoint 2010 – Part 4: Supporting Resolve Name
In the first three parts of this series we've implemented just about all of the support needed to do an end-to-end claims provider. In this last post I'll describe how to name resolution support in the type-in control. To add this support we'll need to implement the following property and methods: SupportsResolve and FillResolve. Now…
Writing a Custom Claims Provider for SharePoint 2010 – Part 3: Searching Claims
In the first two parts in this series we've seen how to create a custom provider, do claims augmentation and register the provider, as well as how to add a hierarchy to the people picker. In this post we'll talk about how to implement searching for our claims in the people picker with our custom…
Writing a Custom Claims Provider for SharePoint 2010 – Part 2: Adding Support for Hierarchy Nodes
In Part 1 of this series we showed how to create a custom claims provider, and how to do claims augmentation. In part 2 were going to show a simple way to add a hierarchy to the people picker control. In and of itself this isn't necessarily interesting, but when we get to part 3…
Writing a Custom Claims Provider for SharePoint 2010 – Part 1: Claims Augmentation and Registering Your Provider
This is the first in a series of blogs in which I'll talk about writing a custom claims provider. First, it's probably worth understanding a little background on what a claims provider is and why we might want to use one. A claims provider in SharePoint 2010 is primarily used for two reasons – 1)…
Planning Considerations for Claims Based Authentication in SharePoint 2010
As part of some claims based authentication work I've been doing recently, I've come across two very important constraints. They are manageable constraints, but they are things that you need to know about in advance of setting up and configuring your claims infrastructure in SharePoint 2010. The big items to be aware of: Certificate Uniqueness…