Chapter 3. SharePoint App Security

Let’s begin with a basic question: what is a security principal? In a common scenario in a Windows network environment, a security principal can be a user with an account in Active Directory. But, the concept of a security principal goes far beyond that. A security principal can also be a user with an account in some other type of identity management system such as Microsoft ASP.NET forms-based authentication (FBA), Microsoft Account, or Facebook.

There are also common scenarios in which a security principal will not have a one-to-one mapping to a human being. For example, an Active Directory security group is a type of security principal, as is an FBA role. A computer becomes a first class security principal ...

Get Microsoft® SharePoint® 2013 App Development now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.