15.4. Authentication Provider Model
When developers and companies build most applications, they traditionally tightly integrate the different security models into the project or product. However, the majority of the time these authentication models all have common tasks. These include authenticating the user with the provided username and password, creating new users, resetting passwords, providing some sort of "forgot my password" functionality, and so on.
Similar to site navigation, Microsoft saw this as a challenge and introduced the authentication provider model to ASP.NET 2.0. This provider refactors the implementation of authentication from the application and instead provides a common interface that applications can program against, leaving the implementation to the providers. Because SharePoint is built on top of ASP.NET 2.0, it can fully leverage this model. This provides SharePoint with two different models of authentication: Windows or Forms-based authentication (FBA). However, these two options are misleading. Windows authentication really implies that users will get an NT Challenge Response dialog box like the one shown in Figure 15-1, which authenticates the username and password provided against Active Directory.
Figure 15-1. Figure 15-1
FBA simply changes the model to send users to a Web page where they can enter a username and password. This second option of ...
Get Professional SharePoint® 2007 Web Content Management Development: Building Publishing Sites with Office SharePoint Server 2007 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
