(2012-09-22) Claims Based Authorizations For Sharepoint Through ADFS (Part 9)
Posted by Jorge on 2012-09-22
–
For the previous part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 8)
–
At this point everything is in place for at least the primary site collection administrator to log on to the SP2010 claims based web application. This lets me configure roles within the SP2010 claims based web application and use those roles to assign permissions. Other (federated) users can then access the SP2010 web application based upon their assigned role.
SP2010 knows of three permissions and for each permission I have configured a role. If you have the role, you also get the corresponding permission.
ROLE: “ROLE_adcorp.app.ADFSAppClaimsOwner” –> PERM: “Full Control”
ROLE: “ROLE_adcorp.app.ADFSAppClaimsContributor” –> PERM: “Contribute”
ROLE: “ROLE_adcorp.app.ADFSAppClaimsViewer” –> PERM: “Read”
So, now let's configure these roles and corresponding permissions within the SP2010 web application.
So, open up Internet Explorer and navigate to “https://app-claims.adcorp.lab:446/” and:
- Click on “Site Actions” –> “Site Permissions”
- Click on “Grant Permissions”
- In the lower right corner of the users/groups field click on the address book icon
- Enter ONE OF THE ABOVE ROLES in the FIND field and click on the search button
- Make sure to select the Role node, then click on the role that was found, and then click OK
- Click OK
Repeat these steps for every role that needs to be configured and assign the correct permission to each, as stated above.
Figure 1: Configuration Of The “ROLE_adcorp.app.ADFSAppClaimsOwner” Role With The SP2010 Web Application And Assigning The “Full Control” Permission To It
–
Figure 2: Configuration Of The “ROLE_adcorp.app.ADFSAppClaimsContributor” Role With The SP2010 Web Application And Assigning The “Contribute” Permission To It
–
Figure 3: Configuration Of The “ROLE_adcorp.app.ADFSAppClaimsViewer” Role With The SP2010 Web Application And Assigning The “Read” Permission To It
–
After this the roles and permissions look like:
Figure 4: The Configured Roles/Accounts And Corresponding Permissions For The SP2010 Web Application
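
The same role-to-permission assignments can also be scripted, which makes them repeatable and easy to review afterwards. The PowerShell below is an added example, not part of the original post: the trusted identity token issuer name is a placeholder for the one configured in the earlier parts, and the role claim type URI is an assumption about how the role claim was mapped.

```powershell
# Added example: scripted equivalent of the "Grant Permissions" steps above.
# Run in the SharePoint 2010 Management Shell with site collection admin rights.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$webUrl        = "https://app-claims.adcorp.lab:446/"
$issuerName    = "<TRUSTED-IDENTITY-TOKEN-ISSUER-NAME>"   # placeholder, not given in this part
# Assumption: roles arrive in the standard role claim type.
$roleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"

# Role claim value -> SP2010 permission level, exactly as listed in the post.
$roleToPermission = @{
    "ROLE_adcorp.app.ADFSAppClaimsOwner"       = "Full Control"
    "ROLE_adcorp.app.ADFSAppClaimsContributor" = "Contribute"
    "ROLE_adcorp.app.ADFSAppClaimsViewer"      = "Read"
}

$issuer = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction Stop
$web    = Get-SPWeb -Identity $webUrl -ErrorAction Stop
try {
    foreach ($role in $roleToPermission.Keys) {
        $level = $roleToPermission[$role]

        # Fail early on a mistyped permission level instead of granting nothing silently.
        if (-not ($web.RoleDefinitions | Where-Object { $_.Name -eq $level })) {
            throw "Permission level '$level' does not exist on $webUrl"
        }

        # Build the claims principal for the role claim issued via ADFS.
        $principal = New-SPClaimsPrincipal -TrustedIdentityTokenIssuer $issuer `
                                           -ClaimValue $role -ClaimType $roleClaimType

        # Add the principal to the web with exactly one permission level.
        New-SPUser -UserAlias $principal.ToEncodedString() -Web $web `
                   -PermissionLevel $level | Out-Null
    }

    # Review step: list every principal and its permission levels, so that any
    # unexpected "Full Control" assignment stands out.
    $web.RoleAssignments | ForEach-Object {
        New-Object PSObject -Property @{
            Member = $_.Member.LoginName
            Levels = ($_.RoleDefinitionBindings | ForEach-Object { $_.Name }) -join ", "
        }
    } | Format-Table Member, Levels -AutoSize
}
finally {
    $web.Dispose()   # SPWeb objects must be disposed explicitly
}
```

The final listing should match what Figure 4 shows in the browser: one entry per role claim, each with a single permission level.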
–
For the next part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 10)
–
Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————