Since the beginning of 2011, I’ve had the good fortune of being involved with several projects involving the claims authentication capabilities introduced in SharePoint 2010. The scope of these efforts has ranged from small proof-of-concept demonstrations to large Internet and Intranet production deployments. Some involved custom-built Security Token Services (STS) and others relied on […]
Travis Nielsen
Blogs from this Author
403 Forbidden Error with iPhone When Accessing SharePoint 2010 in Claims Mode
If you’re looking to support iPhone on a SharePoint 2010 site that is configured to use an external identity provider like Ping Federate, ADFS 2.0, or a custom STS, you will likely run into this issue. However, you may notice everything works just fine with iPad. Fortunately, the issue can be reproduced on the desktop […]
A little “gotcha” when Migrating “My Site” Content to SharePoint 2010 SAML Claims
We recently ran across an issue a customer was having with the migration of “My Site” content to SharePoint 2010. In their case, the target configuration was Claims Mode using an external STS for authentication. They upgraded their web application to claims-mode, converted the users to SAML claims principals, and then configured the User Profile […]
PerformancePoint Identity Delegation with SAML Claims Providers
From time to time, we have customers who want to offer Microsoft’s Business Intelligence visualization tools like PerformancePoint dashboards as a service to users connecting to SharePoint from the Internet. Typically this represents a pretty big challenge, especially if there’s any requirement that access to the data be granularly filtered at the data tier (Analysis […]
UPDATED: Adding an OpenID Claims Provider for AD FS 2.0 to Extend Access to SharePoint 2010
NOTE: This blog is based on a post originally written in January of 2010 when both SharePoint 2010 and AD FS 2.0 were in Release Candidate stage. The version you are reading here has been updated to correct some important omissions related to the RTW bits. In my previous post, I demonstrated how […]
UPDATED: How To Add ADFS 2.0 as a Federated Identity Provider in SharePoint 2010
NOTE: This blog is based on a post originally written at the end of 2009 when both SharePoint 2010 and AD FS 2.0 were in Release Candidate stage. The version you are reading here has been updated to correct some important omissions related to the RTW bits. One of the most intriguing of […]
Sliding Sessions with SharePoint 2010 and Claims
Back in June 2010, Vittorio Bertocci posted a method to implement sliding sessions with Windows Identity Foundation (WIF) on his blog. While the article addresses ASP.NET applications configured to use WIF, Vittorio mentions that SharePoint 2010 implements sliding sessions for Forms authentication more or less out-of-the-box. Sadly this is not the case for situations where […]
Sign into SharePoint 2010 with Facebook using a custom STS
In an earlier post, I demonstrated how you can use Windows Azure ACS v2 as a Trusted Identity Provider to SharePoint 2010. One of the interesting options that ACS v2 provides is sign-in using Facebook. Using social media as a means to provide single sign on with SharePoint has always been an interest of mine […]
PowerPoint Slides for SharePoint Saturday Twin Cities
I just uploaded my deck for the presentation I’ll be giving tomorrow, October 2, on Claims Authentication. Download here: SPS Twin Cities – Claims. The deck is around 50 MB in size due to the demo videos embedded within. Since I’m presenting live, they’re without sound. I plan on re-recording them with sound later this […]
Integrating SharePoint 2010 with Windows Azure Access Control Services v2
I had been meaning to actually read Vittorio’s post from back in early August regarding the new version of Windows Azure AppFabric ACS and I was finally able to do it last weekend. I’m really glad I did. If you’re unfamiliar with Windows Azure ACS and what it does, you might want to check out the […]
SharePoint 2010 Identity Delegation Part 2: Business Connectivity Services
In my last post, I demonstrated how to enable Windows Identity Foundation (WIF) on a WCF web service and configure it to require a SAML 1.1 “ActAs” token from a SharePoint 2010 server. In this post, I’ll demonstrate how this web service and the data it provides can be integrated with SharePoint 2010 in a […]
SharePoint 2010 Identity Delegation Part 1: Claims Aware Web Services
Most of my previous posts involve configuring Claims Mode authentication in SharePoint 2010 and using federated Identity Providers (IP) to authenticate users. I also recently demonstrated how roles can be defined internally and assigned to user identities via ADFS 2.0 through token augmentation. These roles can in turn be used for access control to resources […]