token authentication and SharePoint

Discussion in 'other software & services' started by qwertyjjj, Apr 2, 2007.

Thread Status:
Not open for further replies.
  1. qwertyjjj

    qwertyjjj Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    10
    We are thinking of setting up a SharePoint solution.
    The problem is with authentication on the internet side so that we can allow people to access the SharePoint system from outside of the network.
    I realise that SharePoint come with Kerberos built in but I'm not sure this will be enough. As far as I understand it, Kerberos relies on the user knowing a long term key. If someone was to find out the long term key then the security is basically rendered useless?

    Discussions have been thrown around about using a 2 stage authentication process such as a token or maybe emailing a key to users.

    Any ideas on the pros and cons of this with specific reference to SharePoint or internet portals ?
     
  2. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
  3. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Its been a while since I did sharepoint development, but you can the different authentication methods that IIS supports (as sharepoint services run on top of IIS), eg Basic, Integrated Windows etc. As well as using Kerberos you can use NTLM, but be aware that NTLM and Kerberos wont work through proxy servers.

    Your best bet is to use Client Certificates. This allows you to use SSL and can be used on extranets (through firewalls/proxies), though I have no experience of setting SSL and certificates up for Sharepoint though.

    Theres a whole chapter in the Sharepoint Resource kit book and I think a google or search around http://www.microsoft.com/resources/documentation/wss/2/all/adminguide/en-us/stse10.mspx?mfr=true will help.
     
  4. qwertyjjj

    qwertyjjj Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    10
    Thanks - I'll have a look through.
    I don't believe SharePoint supports a 2 stage authentication process does it such as utilising tokens - this would have to be self developed ?

    Kerberos only authenticates that the user says who they say they are but if they have the username and password to access a SharePoint server externally then I'm ot sure I really understand how this helps...
     
Thread Status:
Not open for further replies.