SharePoint 2007 and SiteMinder

Posted by pborovik on Stack Overflow See other posts from Stack Overflow or by pborovik
Published on 2012-12-06T11:01:29Z Indexed on 2012/12/06 11:03 UTC
Read the original article Hit count: 440

Filed under:
|

Here is a question regarding some details how SiteMinder secures access to the SharePoint 2007.

I've read a bunch of materials regarding this and have some picture for SharePoint 2010 FBA claims-based + SiteMinder security (can be wrong here, of course):

  • SiteMinder is registered as a trusted identity provider for the SharePoint;
  • It means (to my mind) that SharePoint has no need to go into all those user directories like AD, RDBMS or whatever to create a record for user being granted access to SharePoint - instead it consumes a claims-based id supplied by SiteMinder
    • SiteMinder checks all requests to SharePoint resources and starts login sequence via SiteMinder if does not find required headers in the request (SMSESSION, etc.)
    • SiteMinder creates a GenericIdentity with the user login name if headers are OK, so SharePoint recognizes the user as authenticated

But in the case of SharePoint 2007 with FBA + SiteMinder, I cannot find an answer for questions like:

  • Does SharePoint need to go to all those user directories like AD to know something about users (as SiteMinder is not in charge of providing user info like claims-based ids)? So, SharePoint admin should configure SharePoint FBA to talk to these sources?
  • Let's say I'm talking to a Web Service of SharePoint protected by SiteMinder. Shall I make a Authentication.asmx->Login call to create a authentication ticket or this schema is somehow changed by the SiteMinder? If such call is needed, do I also need a SiteMinder authentication sequence?
  • What prevents me from rewriting request headers (say, manually in Fiddler) before posting request to the SharePoint protected by SiteMinder to override its defence?

Pity, but I do not have access to deployed SiteMinder + SharePoint, so need to investigate some question blindly. Thanks.

© Stack Overflow or respective owner

Related posts about sharepoint

Related posts about siteminder