Chapter 6. SharePoint security

Let’s begin with a basic question: what is a security principal? In a common scenario in a Windows network environment, a security principal can be a user with an account in Active Directory. But the concept of a security principal goes far beyond that. A security principal can also be a user with an account in some other type of identity management system such as Microsoft ASP.NET forms-based authentication (FBA), Microsoft Account, or Facebook.

There are also common scenarios in which a security principal will not have a one-to-one mapping to a human being. For example, an Active Directory security group is a type of security principal, as is an FBA role. A computer becomes a first-class security principal when ...

Get Inside Microsoft SharePoint 2013 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.