You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Federating access to Microsoft's Sharepoint

Space to collect information related to providing federated access to Sharepoint services, both WSS and MOSS-based. Sharepoint, as a collaboration service, will be a Service Provider endpoint, so in particular we are interested in how to accept authentication and attribute assertions from a variety of identity providers and use those to authorize access to collaboration resources managed by a Sharepoint instance. Certainly an initial focus is on InCommon, Shibboleth (or other SAML-supporting software), and the web browser.

Some initial strategies

  • There is an extension for the 1.3.x Shibboleth Identity Provider (IdP) which allows the IdP to interact with ADFS (Microsoft's Active Directory Federation Service). ADFS can be used to control access to Sharepoint (at least some aspects of it). So the Shib/ADFS bridge support should be one method of providing federated access to Sharepoint. However, not many institutions appear to have explored ADFS much yet, let alone Shibboleth to ADFS interoperability. One institution that is known to have done this is the University of Missouri, and they have presented on their work. See the following blog post for a reference to a slide deck from one of their presentations:
  • No labels