geekSpeak Recording: Custom Authentication Providers for SharePoint Server 2007 with Ron Rohlfs
- Posted: Sep 20, 2007 at 11:33 AM
- 9,048 Views
Right click “Save as…”
Ron spends a lot of time architecting Sharepoint solutions for customers. In this geekSpeak, Ron shares some insight into one approach to solving the enterprise problem of managing the sharing of information on your intranet, but also with customers and vendors outsider your organization. Here’s the problem space, in Ron’s words:
It is not uncommon for a business to deliver web based content to multiple groups of end users. For example, a business may wish to deliver content to both internal employees on its intranet, and external users such as clients or vendors on an extranet or a publicly accessible Internet site. In these cases, it is often desirable to use multiple means for authentication. Many businesses authenticate its internal employees against Active Directory. However, it may not be desirable to add extranet users to Active Directory. Extranet users, such as clients or vendors, tend to turn over more rapidly than employees, requiring continuous updating. Furthermore, exposing Active Directory over a publicly accessible site may be associated with an unacceptable level of security risk.
Specifically Ron shows how to have some users authenticated against Active Directory while some users are authenticated against a custom provider. Thanks to the tight integration between Sharepoint 2007 and ASP.NET this is now much more straightforward than in the past. We were fascinated to realize that you can tie Sharepoint right into the good ol’ provider model of Membership and Personalization in ASP.NET. Who’d have thought you’d be using the ASP.NET configuration tool to manage users for Sharepoint site?
Ron has some invaluable guidance for dealing with the Site Collection Administrator when switching membership providers. Ron also warns of a gotcha around membership provide, role provider and site administrator. Sprinkled into the conversation are some good tips on managing SQL Express connections string, web.config files, and more.
So if you can get through the technology experts fumbling around briefly in PowerPoint during the recording, you’ll be rewarded with some useful information.
Don't forget to visit our geekSpeak blog for information on upcoming live geekSpeaks where you can get your questions answered real-time.