Published: September 27, 2011

This white paper describes how Web applications in Microsoft SharePoint Server 2010 can use claims-based authentication to provide authenticated access to entities that are external to your organization and enable multiple authentication types within a single zone. It also provides many of the details related to setting up a trust configuration, an explanation of runtime considerations and management, configuration details, and programmatic implementations or the use of the extensibility points to turn federated access into a federated SharePoint Server 2010 business solution.

This white paper contains the following sections:

• Overview of Claims-based Identity in SharePoint Server 2010

• Overview Concepts and Terminology

• SharePoint Server 2010 with Active Directory Federation Services 2.0

• Creating Multiple Claims Authentication Web Applications in a Single SharePoint Server 2010 Farm

• Setting the Login Token Expiration Correctly for SharePoint Server 2010 Security Assertion Markup Language (SAML) Claims Users

• Creating a Custom Claims Provider

• Migration of Users in Classic Mode to Trusted Provider Claims

• How to Enable Tracing for SharePoint Server 2010 Claims

• Trusted Identity Providers and User Profile Synchronization

• Using Audiences with Claims-Based Sites

• Implications of Claims Mode Authentication on Service Applications

• Service Applications and the Claims-to-Windows Token Service (C2WTS)

• Using Active Authentication for Custom Development in SharePoint Server 2010 Claims Authentication Web Applications

Download the white paper