SharePoint Authentication methods overview

Window Authentication

– authentication managed by Windows Server and IIS

Forms Based Authentication

– authentication managed by ASP.NET and an authentication provider

Claims Authentication

– authentication managed by a security token service (STS

 

SharePoint creates a profile for each user a the site collection level

– User information list used to track identities

–  Identity seen by developers as SPUser

 

User information list is automatically created at the top level site.

– Tracks security principals using an integer ID

 

SharePoint may rely on external source for authentication but it controls all authorisation to its resources and entities.