Add your own recipe by editing this page

To edit this page, click on "Page Operations" on the left-hand navigation, then click "Edit."

Please add information about how you plan to go about federating Sharepoint.

Authentication 

Microsoft has a web page summarizing authentication methods currently supported for SharePoint.

ADFS

There is an extension for the 1.3.x Shibboleth Identity Provider (IdP)which allows the IdP to interact with ADFS (Microsoft's Active Directory Federation Service). ADFS can be used to control access to SharePoint (at least some aspects of it). So the Shib/ADFS bridge support should be one method of providing federated access to SharePoint. However, not many institutions appear to have explored ADFS much yet, let alone Shibboleth to ADFS interoperability. One institution that is known to have done this is the University of Missouri, and they have presented on their work. See the following blog post for a reference to a slide deck from one of their presentations:

The 2.0 SP also includes ADFS support. The IdP does not yet support it. The community needs to either contribute the necessary plugin or identify it as a priority for core team work.

SharePoint services support for forms authentication

Microsoft has a web page providing details on SharePoint's support for forms authentication. MSDN's Channel 9 Forums also has a video on configuring "Anonymous Access and Forms Authentication with WSS 3.0". There are several products which support federated access to SharePoint using the "forms authentication" method.

  • 9Star Research, Inc. has two products, ActiveShareFS 2003 (for SharePoint 2003) and ActiveShareFS 2007(for SharePoint 2007). The latter is currently in a beta release. Both are a Windows application (based on ASP.NET 2.0) that supports federated identity and access management from Shib IdPs to SharePoint. You install their software along with the following (for SharePoint 2007):
    • Microsoft Win2K3 Server
    • Microsoft IIS 6.0 Server
    • ASP.NET 2.0+
    • Microsoft SharePoint 2007 Server
    • Shibboleth SP Server v1.3+
  • The CICis beginning to explore providing federated access to a collaboration service based on Windows SharePoint Services (WSS) using the ActiveShareFS 2007 software. The possible unknown being using WSS versus a full-fledged SharePoint Server (MOSS). An interesting question if institutions begin to federate access to MOSS-based services is what that potentially means in terms of client-based licenses (CALs). WSS-based services don't incur that possible issue, so that is at least one reason why we'd like to stick with WSS for now.
  • The National Institutes of Health (NIH)has federated support for SharePoint implemented using their CA Siteminder product. The CA (eTrust) Siteminder product has a web agent for IIS and which can function as a SAML Service Provider, and is supporting authentication to SharePoint through forms authentication.
  • No labels