what's the authorization model of moss2007?
Hi all,
i've implemented a membership provider, and it works.
while, i am confused about the Role provider. Does it have something to do with sharepoint groups or permission levels?
can i take over sharepoint's default authorization mechanism, and implement it by my custom code?
i have a table which have two columns, one for username, the other for the sharepoint groups he or she belongs to.
how to get moss to take these information into account when it decide users' permissions .
note: data in this table(users and their groups) is maintained by other programs.
is there some detailed description about sharepoint's authorization model?
thanksAndrew
BI, Data Mining, Analytical CRM
November 19th, 2010 11:09am
Hi,
Authorization refers to the process by which Windows SharePoint Services provides security for Web sites, lists, folders, or items
by determining which users can perform specific actions on a given object. The authorization process assumes that the user has already been authenticated, which refers to the process by which Windows SharePoint Services identifies the current user. Windows
SharePoint Services does not implement its own system for authentication or identity management, but instead relies solely on external systems, whether Microsoft Windows or non-Windows authentication.
There have three types of authentication: Windows, Asp.net forms and Delegated. You can use Form authentication to authenticate
users stored in AD, a SQL database or in LDAP directory. And you can develop custom membership and role provider for your form authentication.
For more information, please refer to:
http://msdn.microsoft.com/en-us/library/ms457529(v=office.12).aspx
http://msdn.microsoft.com/en-us/library/bb975135(office.12).aspx
Hope it helps.
Xue-Mei Chang
Free Windows Admin Tool Kit Click here and download it now
November 23rd, 2010 1:58am
Thanks Xue-Mei,
ur reply is informative and the links are useful indeed.
while IMHO, they are mainly about authentication.
are there some more details on authorization?
In my previous scenario, ofcuz, i can manually add users to sharepoint groups, so the users inherit the groups' permission.
however, there are too many users and the user-group relationships are stored in an external datasource.
do i need to write a program to monitor the user-group relationship and then modify correspondingly in MOSS2007?
thanks
Andrew
BI, Data Mining, Analytical CRM
November 24th, 2010 2:11am
Thanks Xue-Mei,
ur reply is informative and the links are useful indeed.
while IMHO, they are mainly about authentication.
are there some more details on authorization?
In my previous scenario, ofcuz, i can manually add users to sharepoint groups, so the users inherit the groups' permission.
however, there are too many users and the user-group relationships are stored in an external datasource.
do i need to write a program to monitor the user-group relationship and then modify correspondingly in MOSS2007?
thanks
Andrew
BI, Data Mining, Analytical CRM
Free Windows Admin Tool Kit Click here and download it now
November 24th, 2010 2:11am
There's a power point
here and more info that might help on top of Xue-Mei's information.
More Info -
http://blogs.msdn.com/b/arpans/archive/2008/05/09/sharepoint-end-user-security.aspx
Hard Limits -
http://weblogs.asp.net/erobillard/archive/2008/09/11/sharepoint-security-hard-limits-and-recommended-practices.aspx Kris Wagner, MVP, MCITP, MCTS Twitter @sharepointkris Blog: http://www.sharepointkris.com/blog
November 24th, 2010 2:47am
There's a power point
here and more info that might help on top of Xue-Mei's information.
More Info -
http://blogs.msdn.com/b/arpans/archive/2008/05/09/sharepoint-end-user-security.aspx
Hard Limits -
http://weblogs.asp.net/erobillard/archive/2008/09/11/sharepoint-security-hard-limits-and-recommended-practices.aspx Kris Wagner, MVP, MCITP, MCTS Twitter @sharepointkris Blog: http://www.sharepointkris.com/blog
Free Windows Admin Tool Kit Click here and download it now
November 24th, 2010 2:47am
There's a power point
here and more info that might help on top of Xue-Mei's information.
More Info -
http://blogs.msdn.com/b/arpans/archive/2008/05/09/sharepoint-end-user-security.aspx
Hard Limits -
http://weblogs.asp.net/erobillard/archive/2008/09/11/sharepoint-security-hard-limits-and-recommended-practices.aspx Kris Wagner, MVP, MCITP, MCTS Twitter @sharepointkris Blog: http://www.sharepointkris.com/blog
November 24th, 2010 10:44am