SharePoint 2013 Authentication – Forms Based

Sharepoint 2013

SharePoint 2013 Authentication – Forms Based

The following is the interaction between

  1. Client Computer
  2. SharePoint Server
  3. ASP.NET Membership provider

The Form Based Claims Authentication Process

  1. User does anonymous request to secured SharePoint Webpage
  2. SharePoint responds with form based login page
  3. User types in the credentials and sends back using the client computer
  4. SharePoint server then validates the credentials with membership provider
  5. SharePoint server then queries the roles provider for user’s associated roles
  6. This becomes the role claims for user’s account
  7. SharePoint then creates a claims based security token using Security Token Service
  8. Then SharePoint stores this security token with Distributed Cache Service on the farm
  9. SharePoint server then generates and sends the federated auth cookie back to client computer
  10. The fed auth cookie has encrypted key or index to security token
  11. This fed auth cookie is used by the computer for subsequent requests

The following Video will explain the Forms based authentication in SharePoint 2013. This video is part of the Authentication overview for SharePoint 2013 article located at https://technet.microsoft.com/en-us/library/jj219571.aspx

For more information on SharePoint Claims check out more articles at http://social.technet.microsoft.com/wiki/contents/articles/14214.sharepoint-2013-claims-based-authentication.aspx