Which site template should be used for the mixed authentication?
https://sharepoint.stackexchange.com/questions/147520
-
04-10-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPregunta
Let's say that a client has requirement like this:
Client has to create a SharePoint 2013 on-prem application which will have few lists and which should be accessed by three different types of user like: A. Internal user of the company B. Vendors of the company C. Few anonymous users when they clicks a link it will open another page where they can register themselves as user.
What should be the approach for the design. Which site template should be used and what will be authentication mechanism in this case?
Solución
Be very careful with this design, as it's pretty tricky to do well.
Though first, any site template can be used, as the site template doesn't affect authentication.
Authentication. You could either:
enable both forms and windows auth on the same web app. When a user went to the site, they would get a dropdown selection that asked them if they wanted to log in using forms or windows auth. If they are an internal user, they would pick windows auth and they would get logged in. If they were a vendor, they would pick forms auth and it would redirect them to the login page.
Extend the web app and have forms auth on one and windows auth on the other.
Both of the above have issues. With the first, asking the user to select their authentication method will cause some amount of confusion. With the second, the internal users will be accessing the exact same content as the external users, but from different URLs. If an internal user ever sent a link to an external user, the external user wouldn't be able to access it.
Given the above flaws, three more options:
If there's only a few internal users accessing this site, give them external accounts to work with just this site and enable forms authentication. Internal and external users will access the same site using the same url, and will have a nice login experience. Yes, internal users will need to know an additional username / password, but that is workable if it's a small number of users.
Use Option 1, but add javascript to the page or some other mechanism to redirect the user to the appropriate login page.
Look into using Office 365 for this site.
Also, take a look at the FBA pack for SharePoint 2013, and see the link towards the top of the page to the doc that walks through the process of getting forms auth set up.
