Chapter 6. SharePoint security

Let’s begin with a basic question: what is a security principal? In a common scenario in a Windows network environment, a security principal can be a user with an account in Active Directory. But the concept of a security principal goes far beyond that. A security principal can also be a user with an account in some other type of identity management system such as Microsoft ASP.NET forms-based authentication (FBA), Microsoft Account, or Facebook.

There are also common scenarios in which a security principal will not have a one-to-one mapping to a human being. For example, an Active Directory security group is a type of security principal, as is an FBA role. A computer becomes a first-class security principal when ...

Get Inside Microsoft SharePoint 2013 now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.