Active Directory Federation Services (ADFS) is a Microsoft service that enables organizations to take advantage of user single sign-on (SSO) technologies to authenticate a user to multiple, related Web applications over the life of a single online session. ADFS accomplishes this by securely sharing digital identity and entitlement rights, or “claims,” across security and enterprise boundaries.
ADFS includes the following features:
- Web SSO.
- WS interoperability.
- Passive and smart client support.
- Extensible architecture.
Get ADFS Step-by-Step Guide.
Best Regards,
Duane Aritonang
Chief Technology Officer
http://www.ArtDuane.com
1 comment:
I love this! I recommend you pay an attention to the appendix A at the bottom of this document discussing the aspects of using Federation Services with Sharepoint Portal Server 2003. I don't know why the OSS 2007 wasn't included in the document but that doesn't matter as Office Sharepoint Server 2007 is far more powerful in terms on security and administration. But as is the norm, the advances that appear in such technology concepts and implementations like this tends to impose the corresponding requirements on the remaining part of the instrumentation involved into the process. As for me, I see it like it demands us to think more about preparing security measures to control the site security and watch the assignment of the permission throughout the sites hosted on the SharePoint sites. That's reasonable but the standard administration control is mum about the security structure and revealing the security holes caused by misuse of permission management appears to be a complicated task. It could be that for a developer it's preferable to implement all from scratch although a friend of mine who's into programming sharepoint web-parts says he don't like spending the time to manipulate security access settings while testing his applications. Me, being the administrator who maintains some operations on our corporate sites, I want everything to be clear and easily reviewed. Recently I stumbled upon the nice Security Explorer tool from Scriptlogic that has a special control tools to perform permission management for item-level security, and observe the security for all sites within the farm. It seriously remediates the clutter of administering security on several sites that we host here in our company.
Post a Comment