Foreword by Steve Peschka
As you prepare to dive into this guide and gain a deeper understanding of the integration between claims authentication and Microsoft® SharePoint® 2010, you may find the following admission both exhilarating and frightening at the same time: two years ago I knew virtually nothing about claims authentication. Today, I sit here writing a foreword to an extensive guide on the topic. Whether that’s because a few people think I know a thing or two about claims, or just that no one else could spare the time to do it, well, I'll leave that for you to decide.
Fortunately, this guide will give you a big advantage over what I had to work with, and by the time you’re finished reading it you’ll understand the symbiotic relationship between claims and SharePoint 2010; the good news is that it won’t take you two years to do so.
I’ll be the first to admit that claims authentication, in different flavors, has been around for a number of years. Like many technologies that turn into core platform components though, it often takes a big bet by a popular product or company to get a technology onto the map. I think SharePoint 2010 has helped create acceptance for claims authentication. Changes of this magnitude are often hard to appreciate at the time, but I think we’ll look back at this release some day and recognize that, for many of us, this was the time when we really began to appreciate what claims authentication offers.
From Windows claims, or authentication as we've always known it, to the distributed authentication model of SAML claims, there are more choices than ever before. Now we can use federated authentication much more easily with products such as Active Directory® Federation Services (ADFS) 2.0, or even connect our SharePoint farms to authentication providers in the cloud, such as the Microsoft Azure™ AppFabric Access Control Service. We aren't authenticating only Windows users anymore; we can have users authenticate against our Active Directory from virtually any application—SiteMinder, Yahoo, Google, Windows Live, Novell eDirectory. Now we can even write our own identity provider using Microsoft Visual Studio® and the Windows Identity Foundation framework. We can use those claims in SharePoint; we can add our own custom claims to them, we can inject our own code into the out-of-the-box people picker, and much more.
I believe this guide provides you with the foundation to help you take advantage of all of these opportunities and more. Many people from around the company either directly or indirectly helped to contribute to its success. Here’s hoping you can build on it and turn it into your own success.
Steve Peschka
Principal Architect
Microsoft SharePoint Online – Dedicated