Search This Blog

Tuesday, September 2, 2014

Some Difference and Good Topics in SP

Differences between .NET vs. SharePoint?

Feature  
.NET
SharePoint
Creation:
Code need to be written even to achieve simple functionality
Lots of pre-defined web parts and elements available no need to write the code.
Time:
Takes time to create the code and test
Very less time required
Skilled Professionals:
Skilled professionals are required to create the functionality
Even novice professionals can do so easily
License Requirement:
Not required at the time of deployment of solution
Free versions available, but in case of extensive requirements License is required
What are the key differences between Site template and site definition?

Site Definitions
Site Templates
Site Definitions are the foundations on which all sites and user templates are built. Site Definition is collection ox XML and .aspx file. Site Definitions are predefined components needs to be included when a site was created in SharePoint server. Site Definition contains information of Web Part , Lists, Features and navigation bars to be included in the site
Site template approach for SharePoint Site Creation is easier, and just requires the use of the Web interface and occasionally Microsoft FrontPage. Content can be saved with site template
Files are on disk, better performance.
Files are in content database, less efficient.
Highly customizable and extensible (XML and .NET code is much more flexible than UI)
Not easily extensible (users are limited by what UI offers)
Can provision multiple webs
Can only provision one web


























What can be deployed as a Sandbox solution in SharePoint 2010?
Users can deploy the below four things as sandboxed solutions:
  • WebParts.
  • Event Receivers.
  • List Definitions.
  • Workflows.
What is ghosted page and Un-ghosted page ? 
  • ghosted page: is a page in SharePoint website which is not stored in the database instead it reference to a file which exists in the server’s file system. These reference files are common for all the website/site collection within that SharePoint server, i.e., if user modify a reference file then that change will reflect in all the websites/site collections within that SharePoint server automatically.
  • Un-ghosted page: changes done in an un-ghosted page will not reflect in other websites within that SharePoint server.
What is the directory structure created during SharePoint installation?
The directory created while installing SharePoint 2010 is
C:\Program Files\Common Files\Microsoft Shared\web server extension\14
  • ADMISAPI
  • BIN
  • CONFIG
  • HCCab
  • Help
  • ISAPI
  • LOGS
  • Policy
  • Resources
  • TEMPLATE – Sub Directories (1033, Admin, FEATURES, LAYOUTS, IMAGES, PAGES, Themes, SQL, XML, ControlTemplates, Document templates, IDENTITYMODEL, Site Template, GLOBAL).
  • UserCode
  • WebClients
  • WebServices
 What has Changed in SharePoint 2010 Object model? 
Microsoft has replaced the “12 hive” structure that we had in SharePoint 2007 with “14 Hive” structure in 2010. It has apparently added four new folders to its hive. The Folders are:
  • Policy 
  • UserCode 
  • WebClients 
  • WebServices 

Different Types of Authentication Architecture In SharePoint 2010

SharePoint 2010 web application in claims mode, different authentication options are available. These options determine the flow of the authentication process.

The steps in the authentication process. It explains, in order, the different routes that the authentication process flow can have, based on the authentication options that are available in SharePoint 2010.
Architecture of the Claims-Based Authentication:











Steps in the Claims-Based Authentication Process:
  • The client requests a SharePoint resource.
  • As part of the request pipeline, if the request is not authenticated, the authentication components route the request based on the authentication settings for that zone.
  • The request is then processed by the authentication components. When more than one authentication method is configured for the given zone, the authentication selection page enables the user to choose the authentication method. If only one authentication method is specified, the request is processed directly by the specified authentication method.
  • The user is authenticated by the identity provider.
  • If authentication succeeds, the SharePoint security token service (STS) generates a claims-based token for the user with the information provided by the identity provider. If additional claims providers are configured, the STS augments the user's token with the claims given by the claims provider. 
  • The claims-based token of the user is sent back to the authentication components.
  • The authentication components redirect the request back to the resource address, with the claims-based token issued for the user.
  • The rest of the request pipeline is executed and a response is sent back to the requestor (client). As part of the request pipeline, the authorization is completed.
The flow of the authentication process is defined by the options that you select during the configuration of the zone.
Architecture of the Windows authentication:
The user selects the option that uses Windows authentication, the user request is redirected to the Windows authentication page, which is silent (no other UI is displayed to the user to indicate that the user is being redirected, unless basic authentication is configured). On the Windows authentication page, when the user is authenticated, a claims-based token is requested and the user is sent back to the requested resource. Because the request contains a claims-based token that was issued by SharePoint STS, a claims identity is created and the request process continues.

















Steps in the Windows Authentication Process:
  • The user requests a SharePoint 2010 resource.
  • User authentication (NTLM challenge/Kerberos negotiation) occurs.
  • The claims-based token request is sent to the SharePoint 2010 STS.
  • SharePoint STS gets the user's security groups from the Windows token and adds them as user claims in the token.
  • The claims-based token is issued.
  • The request is processed by the rest of the components in the pipeline.
  • The response is sent back to the user.
Architecture of the Forms-based Authentication:
The SharePoint forms-based login page collects the credentials of the user, which are then sent to the SharePoint 2010 STS. The STS calls the membership provider that is associated with that web application, to validate the user's credentials. If this succeeds, the STS retrieves the roles that the user belongs to and adds these as claims in the claims-based token that is sent back to the login page. From the login page, after the claims-based token is issued, the user is sent back to the request resource and the process continues in the same way as in Windows authentication.

















Steps in the Forms-based  Authentication Process:
  • The user requests a SharePoint 2010 resource.
  • SharePoint redirects the user to the forms-based authentication login page.
  • The username and password are collected from the user and sent to the SharePoint 2010 STS.
  • STS validates the user's credentials with the membership provider and, if validation succeeds, STS requests all the roles that the user belongs to and adds those claims to the user's token.
  • The SharePoint STS gets additional claims for the user (if an additional claims provider is registered for that web application/zone).
  • The claims-based token is issued to the user.
  • The request is processed by the rest of the components in the pipeline.
  • The response is sent back to the user.
Architecture of the SAML Token-Based Authentication:
Out-of-the box, with the default implementation of Active Directory Federation Services (AD FS), when SAML token-based authentication is enabled in the zone settings, users are redirected to a "silent" authentication page, which then redirects the user to the login page, as specified in the SAML-based authentication provider. After the user is authenticated by the authentication provider, a SAML token is issued, and the user is redirected back to the SharePoint 2010 SAML token–based authentication page. The SAML token is then included in the request with the redirect. This process is known as "passive profiles".

















Steps in the  SAML Token-Based Authentication Process:
  • The user requests a SharePoint 2010 resource.
  • SharePoint redirects the user to the SAML authentication page.
  • Based on the configuration of the trusted login provider, the request is redirected to the enterprise STS login page or to the federated STS login page.
  • The user provides credentials and STS issues a SAML claims-based token.
  • The external STS issues the user claims-based token.
  • A claims-based token for the user is requested from the SharePoint STS, and the token from the external STS is used as the authentication proof.
  • SharePoint STS gets additional claims for the user (if an additional claims provider is registered for that web application or zone).
  • SharePoint STS issues the claims-based token.
  • The request is processed by the rest of the components in the pipeline.
  • The response is sent back to the user.

No comments:

Post a Comment