.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
ASPEvil
david stephan
Santhakumar Munuswamy
Fauzul Azmi
Post New Web Links

Classic vs Claims-Based mode for web apps and the issue of PowerPivot

Posted By:      Posted Date: October 19, 2010    Points: 0   Category :SharePoint
 

TechNet documentation http://technet.microsoft.com/en-us/library/cc262350.aspx#section2 Plan authentication methods (SharePoint 2010) that was just (Aug 5th) "entirely updated and revised" states (I have bolded the part I question):

"For new implementations of SharePoint Server 2010, use claims-based authentication. With this option, all supported authentication types are available for Web applications. There is no practical reason to select classic-mode authentication for new deployments, even if your environment includes only Windows accounts. Windows authentication is implemented the same way regardless of the mode that is selected. There are no additional steps to implement Windows authentication when you use the claims-based authentication mode."

But PowerPivot requires classic mode -- http://technet.microsoft.com/en-us/library/ee210621.aspx says "PowerPivot for SharePoint is supported for SharePoint web applications that are configured to use Windows authentication." And then of course there's Dave Wickert's post http://p


View Complete Post


More Related Resource Links

Claims-Based Apps: Claims-Based Authorization with WIF

  

Over the past few years, federated security models and claims-based access control have become increasingly popular. Platform tools in this area have also come a long way. Windows Identity Foundation (WIF) is a rich identity model framework designed for building claims-based applications and services and for supporting active and passive federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine November 2009


Migrate from Classic to Claims based authentication

  
So this is really an outside the normal question and I am hoping someone has some thoughts. I am going to be upgrading a MOSS 2007 farm to MSS2010. I have to move hardware so I will be using the content database attach method for upgrade. The site is current extended to a second IIS Application to support both window and Forms based authentication. Since this is an intranet, unique security is used at the site level (and occasionally at the doc lib level). I want to take advantage of Claims Based Authentication (and use one URL, plus other benefits). I am well aware that that claims based token is not the same as the windows token even though the NTLM user is really the same. Thus that is what presents the issue. I need to "migrate" all of my current NTLM-Classic users to claims based. My first thought is to read the users added to each site (actually role assignments), find all users that have the domain name at the beginning of the member name and add a new users (appending the i:0#.w| to the beginning of the loginname) to the site. This works beautifully and is succesful. The problem arises in the that the role assignments contains SharePoint groups (which we don't use much) and AD groups. the SharePoint groups are ok (yes, I have to migrate the users in them too, but no problem). The AD groups are added via SID when it is claims based. This presents the probl

not able to login to Claims based auth. sweb apps in sharepoint 2010

  

Hi till yesterday I was able to login to claim based web apps in my sharepoint 2010 server. but today they are giving below mentioned error! even though classic mode auth web apps are running fine.

Nor it allow to activate /deactivate any fature to a site collection under claims based web app with same error in event log:

Please help.

error message in event viewer:

 

Log Name:      Application
Source:        Microsoft-SharePoint Products-SharePoint Foundation
Date:          10/8/2010 1:30:59 PM
Event ID:      8311
Task Category: Topology
Level:         Error
Keywords:     
User:          SHAREPOINT2010\administrator
Computer:      sharepoint2k8.sharepoint2010.com
Description:
An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: 85F230FF68A8107A14667844D6741A6C2199C60E\n\nErrors:\n\n UntrustedRoot: A certificate chain processed

Claims Based Authentication and Custom Apps in _layouts Directory

  

Hello everyone,

When we originally setup our SharePoint 2010 installation, we used Windows Classic Authentication. We have since built a couple of custom applications using VS2010 and deployed them to the _layouts directory. These apps query information from our ERP system and display them on a web page. We keep this inside of SharePoint to be consistent with the look and feel of the rest of the intranet.

We had a consultant come in to help with some other items with our SharePoint install and we converted to Claims Based Authentication. Now, when trying to use these custom applications, they ask for a username and password when you submit the information to query. When you provide the info, it does not authenticate and fails after three attempts. Does anyone know what additional steps are necessary for these apps to use the Claims Based Security Tokens? I've scoured the internet for two days looking for answers and haven't come up with anything useful.


Geneva Framework: A Better Approach For Building Claims-Based WCF Services

  

Here we introduce Microsoft Code Name "Geneva," the new framework for building claims-based applications and services, and federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine December 2008


Security Briefs: Exploring Claims-Based Identity

  

Keith Brown introduces you to the new identity model in the Microsoft .NET Framework 3.0.

Keith Brown

MSDN Magazine September 2007


Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager

  

Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003


Video: Introduction to Claims-based Security in SharePoint 2010

  
Learn how claims-based identity provides a common way for applications to acquire identity information from users inside their organization, in other organizations, and on the Internet. (Length: 23:46)

"Mixed mode assembly is built against version 'v2.0.50727'.... " issue and use custom config file

  
Hi, My Winform applilcation has used Microsoft.SqlServer.Management.Common namespace(assembly :Microsoft.Sqlserver.smo.dll/Microsoft.Sqlserver.ConnectionInfo.dll) and developed in .NET 4.0. Problem:Application is throw an exception when it tries to use above assembly reference methods. Full error text is shown below, "Mixed mode assembly is built against version 'v2.0.50727' of the runtime and cannot be loaded in the 4.0 runtime without additional configuration information. " Error is resolved when we include "app.config" file with below code, <?xml version="1.0"?> <configuration> <startup useLegacyV2RuntimeActivationPolicy="true"> <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/> </startup> </configuration> But, I need to keep configuration file as "renamed.config" and not to include app.config file as of the project requirement.I have set configuration file as "renamed.config" file using below code, //AppDomain.CurrentDomain.SetData("APP_CONFIG_FILE", "d:\\reanmed.config" ); I have also included <Startup> element in this "renamed.config" configuration file and removed the app.config file.But it raise me below error, it always expect app.config file with <Startup> element to resolve this iss

Claims Tips: Learning About Claims-Based Authentication in SharePoint 2010

  
Use these five tips for guidance in solving problems related to using and configuring claims.

Sample: SharePoint Claims-Based Authentication

  
Explore the code as you learn how to create a custom security token service (STS) and set up a trust relationship between a SharePoint 2010 farm and the custom STS.

Infopath 2010 Browser Based Form Vs Infopath 2010 Filler Based Form Issue

  
I have created a detailed infopath form that is connecting to multiple sharepoint lists, some of which contain thousands of rows and dozens of columns.  To tailor for the data load i have enabled the form to only pull in data as needed and on some of the lists i have created 5 or 6 data connections to the same list, each only looking at a certain set of data, and as you make your way through the form selecting your options, the data is pulled in. If i preview this form from within Infopath or if i launch it using Infopath filler this works great, the data is pulled through in under a second.  However if i then publish the form to the browser and launch it through the browser, it now takes roughly 30 seconds to pull in the data. My question is therefore this,  Is there something i can do to speed up the way the data is pulled in when launched through the browser?  are there transport protocols i can alter or something like that? maybe config in central admin or infopath config? any help would be gratefully appreciated as if i can not get the form to pull the data in fast through the browser then the whole project is a waste of time as my management team will never go for the solution if it is slow and will get slower as more data is added. thanks

automatic logon using claims based FBA??

  
I have been using a IHttpModule that performs automatic logon on a forms based authentication using a custom membership provider. This has worked well using any .net asp.net application including SharePoint 2007. The IHttpModule listens for the AuthorizeRequest event of the application and if the user isn't logged in it uses the FormsAuthentication.SetAuthCookie(principal.Identity.Name, persistentCookie); to perform the "login". When I tried this on SharePoint 2010 using a claims based FBA, adding my custom membership provider as documented, I ran into some problems. First, the identity name that needed to be set in the SetAuthCookie was not the normal username, it seemed to be on a syntax like 0#.f|membershipProviderName|UserName If I used this instead (replacing membershipProviderName and UserName) with the actual ones, the login seemed to work (it felt like a hack tough and perhaps there is some better way to do this?) After a bit of testing the site the most seemed to work (a plain SharePoint 2010 site), but when I clicked on a list link (like calendar, events or announcements) I was given a servererror as below.   Has anyone any idéas? /Dan   Server Error in '/' Application. <nativehr>0x8107058a</nativehr><nativestack></nativestack>Operation is not valid due to the current state of the object. Description: An unhandle

Can not init SPSite for claims based authenticated site

  
Hi, trying to write a simple console application i was not able to init a claims based authenticated site with API nor with the Managed Client OM. Opening a site with only windows authentication is working. Running on a Windows Server 2008 R2 and SP 2010 server and logged in as the buildin Administrator account. Administrator is Site Collection Admin. static void Main(string[] args) {     ClientContext context = new ClientContext("http://mypc:300");     Web web = context.Web;     context.Load(web);     context.ExecuteQuery();     ... } throws "The remote server returned an error: (403) Forbidden.". Setting credentials for the context is also not working. or same problem with     static void Main(string[] args) {     using (SPSite spSite = new SPSite("http://mypc:300"))     {         ... throwing FileNotFound-Error. Any idea? Greetings Peter  

Infopath 2010 Browser Based Form Vs Infopath 2010 Filler Based Form Issue

  
I have created a detailed infopath form that is connecting to multiple sharepoint lists, some of which contain thousands of rows and dozens of columns.  To tailor for the data load i have enabled the form to only pull in data as needed and on some of the lists i have created 5 or 6 data connections to the same list, each only looking at a certain set of data, and as you make your way through the form selecting your options, the data is pulled in. If i preview this form from within Infopath or if i launch it using Infopath filler this works great, the data is pulled through in under a second.  However if i then publish the form to the browser and launch it through the browser, it now takes roughly 30 seconds to pull in the data. My question is therefore this,  Is there something i can do to speed up the way the data is pulled in when launched through the browser?  are there transport protocols i can alter or something like that? maybe config in central admin or infopath config? any help would be gratefully appreciated as if i can not get the form to pull the data in fast through the browser then the whole project is a waste of time as my management team will never go for the solution if it is slow and will get slower as more data is added. thanks

AutoLogin for authenticated user via LiveID in Sharepoint 2010 (Claims Based Authentication)

  
Hi,     Im working in integrating LiveID authentication in my Sharepoint site. Live id gives back a token of the user with which i created a dummy profile using MembershipProvider.CreateUser. Now i have to auto login the user with the profile i created, i mean i have to force login to my sharepoint site using the created dummy user details without asking the user to give username n password.Any suggestion will be a great help for me to proceed.   Thanks Saravanan Michael

Should I use claims based authentication?

  
I'm about to setup a web application to host a public facing website. Internal staff will authenticate to the site via Active Directory and we may have a need to allow external users to access "authenticated" parts of the site. To authenticate them we plan to use Windows Live ID. With that in mind,: is it better to set the web application up to use claims based authentication from the start rather than having to change it later? is there anything available as of yet to setup SharePoint 2010 to authenticate against Windows Live ID using claims based authentication?
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend