Authorization vs. Authentication

I was asked the following question today about MOSS: Can MOSS manage passwords? Can I store service account passwords someway in MOSS securely?

Here is an important point about MOSS security:

MOSS does not provide authentication, it only provides authorization. (very important distinction) It relys on either Active Directory or forms authentication to validate passwords. Once AD says yup this person is who they say they are, then Sharepoint takes over. Nowhere in the sharepoint databases will you find a user's password. What you will find in the sharepoint databases is the roles and permissions that a user has.

-Joseph

Comments

Anmol said…
This is really a good difference regarding SharePoint security..
Thanks a lot for sharing such great information....

Regards,
Amol Ghuge

Popular posts from this blog

How to Create and Run Tableau Bridge on Linux Containers

RAM Disks do not speed up Visual Studio

Outlook tip: Turn off Email Contact Pictures