In this post we will discuss some of the security changes in SharePoint 2013 compared to SharePoint 2010.
You can also check out my previous posts on:
– Content databases are growing too large in SharePoint 2013
– Content Search Web Part in SharePoint 2013
– LayoutsPageBase and UnsecuredLayoutsPageBase in SharePoint 2010
SharePoint 2013 brings many changes to the authentication model. Claims-based authentication is now the default for all SharePoint 2013 web applications. Claims-based authentication identifies users with tokens that carry claims, which are simply attributes such as user name and email address.
In SharePoint 2013, claims let you allow multiple authentication types on a single web application. If you still need classic authentication, you can use PowerShell to change a web application from the default claims-based mode to classic mode.
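The PowerShell side of this, as an added example that is not part of the original post: an inventory of which web applications in the farm run claims or classic mode, the `New-SPWebApplication` call that creates a classic-mode web application (Central Administration only creates claims-mode web applications in 2013), and, going one step beyond the post, the supported migration back to claims with `Convert-SPWebApplication`. It assumes the SharePoint 2013 Management Shell and farm-administrator rights; the managed account, application pool name and URLs are placeholders.

```powershell
# Added example, not from the original post. Requires the SharePoint 2013 Management
# Shell (or the snap-in loaded below) and a farm administrator account.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# 1. Inventory: which web applications still use classic (Windows) authentication?
#    UseClaimsAuthentication is the property that distinguishes the two modes.
function Get-WebAppAuthMode {
    Get-SPWebApplication | ForEach-Object {
        [PSCustomObject]@{
            Url  = $_.Url
            Mode = if ($_.UseClaimsAuthentication) { 'Claims' } else { 'Classic' }
        }
    }
}
Get-WebAppAuthMode | Format-Table -AutoSize

# 2. Creating a classic-mode web application. Omitting -AuthenticationProvider is what
#    selects classic mode; -AuthenticationMethod picks the Windows protocol (NTLM or
#    Kerberos). Account, pool name and URL below are placeholders.
$account = Get-SPManagedAccount 'CONTOSO\spwebapp'
New-SPWebApplication -Name 'Classic Intranet' `
    -ApplicationPool 'ClassicIntranetAppPool' `
    -ApplicationPoolAccount $account `
    -AuthenticationMethod NTLM `
    -Port 80 `
    -Url 'http://classic.contoso.local'

# 3. The reverse direction is the supported migration path: convert a classic-mode web
#    application to claims. Identities are converted in place; -RetainPermissions keeps
#    the existing permission assignments for the converted users.
Convert-SPWebApplication -Identity 'http://classic.contoso.local' -To Claims -RetainPermissions
```

Run the three steps separately rather than as one script: step 1 is read-only and safe to run at any time, while steps 2 and 3 change the farm. Re-running step 1 after a conversion is the quickest way to confirm that no web application is left in classic mode.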
Another change in SharePoint 2013 is the introduction of OAuth. OAuth is used to authenticate and authorize apps and services without the user having to provide credentials to the app. It does this by establishing a trust between the app server and SharePoint, so that the app can access the resources it requests. A user signs in to SharePoint 2013 and is authenticated through claims. The user then launches an app from the Office Store or an app catalogue, and the app is granted permission by the user to access SharePoint resources on the user's behalf. When the user launches the app, SharePoint 2013 posts a context token to the app. The app then calls back to SharePoint 2013 with an access token to access SharePoint resources on behalf of the user.
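The app side of the exchange described above, as an added example that is not part of the original post and not SharePoint's own TokenHelper code: the checks a provider-hosted app should run on the context token SharePoint posts to it before trusting the refresh token inside it. It assumes, as the SharePoint 2013 app model does, that the context token is a JWT signed with HMAC-SHA256 using the base64-decoded client secret and that its audience is `<client id>/<app host>@<realm>`. The client id, secret, realm, host name and the well-known principal ids in the comments are placeholders or assumptions; the token itself is minted in the script so that it runs offline.

```powershell
# Added example, not from the original post and not SharePoint's TokenHelper. All ids,
# secrets and hosts below are constructed placeholders.

function ConvertTo-Base64Url([byte[]]$Bytes) {
    [Convert]::ToBase64String($Bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
function ConvertFrom-Base64Url([string]$Text) {
    $s = $Text.Replace('-', '+').Replace('_', '/')
    switch ($s.Length % 4) { 2 { $s += '==' } 3 { $s += '=' } }
    [Convert]::FromBase64String($s)
}
function Get-UnixTime { [long]([DateTime]::UtcNow - [DateTime]'1970-01-01').TotalSeconds }

# Context tokens are signed with HMAC-SHA256; the key is the base64-decoded client secret.
function Get-HmacSha256([string]$ClientSecret, [string]$Data) {
    $hmac = New-Object System.Security.Cryptography.HMACSHA256
    $hmac.Key = [Convert]::FromBase64String($ClientSecret)
    $hmac.ComputeHash([Text.Encoding]::UTF8.GetBytes($Data))
}
# Constant-time comparison so signature checking does not leak timing information.
function Test-BytesEqual([byte[]]$A, [byte[]]$B) {
    if ($A.Length -ne $B.Length) { return $false }
    $diff = 0
    for ($i = 0; $i -lt $A.Length; $i++) { $diff = $diff -bor ($A[$i] -bxor $B[$i]) }
    $diff -eq 0
}

# Stand-in for SharePoint: mint a context token so the validation below has input.
function New-ContextToken([hashtable]$Claims, [string]$ClientSecret) {
    $header  = ConvertTo-Base64Url ([Text.Encoding]::UTF8.GetBytes('{"typ":"JWT","alg":"HS256"}'))
    $payload = ConvertTo-Base64Url ([Text.Encoding]::UTF8.GetBytes(($Claims | ConvertTo-Json -Compress)))
    $sig     = ConvertTo-Base64Url (Get-HmacSha256 $ClientSecret "$header.$payload")
    "$header.$payload.$sig"
}

# App side: verify signature, validity window, audience and issuer, then return the claims.
function Test-ContextToken([string]$Token, [string]$ClientSecret,
                           [string]$ExpectedAudience, [string]$ExpectedIssuer) {
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Malformed context token' }
    $expected = [byte[]](Get-HmacSha256 $ClientSecret "$($parts[0]).$($parts[1])")
    $actual   = [byte[]](ConvertFrom-Base64Url $parts[2])
    if (-not (Test-BytesEqual $expected $actual)) {
        throw 'Context token signature does not verify with this client secret'
    }
    $claims = [Text.Encoding]::UTF8.GetString([byte[]](ConvertFrom-Base64Url $parts[1])) | ConvertFrom-Json
    $now = Get-UnixTime
    if ($claims.nbf -gt $now -or $claims.exp -le $now) { throw 'Context token outside its validity window' }
    # aud is "<client id>/<app host>@<realm>": a token minted for another app or host is rejected.
    if ($claims.aud -ne $ExpectedAudience) { throw "Context token audience '$($claims.aud)' is not this app" }
    if ($claims.iss -ne $ExpectedIssuer)   { throw "Context token issuer '$($claims.iss)' is not trusted" }
    $claims
}

# --- constructed sample values --------------------------------------------------------
$realm        = '11111111-2222-3333-4444-555555555555'          # placeholder tenant realm
$clientId     = 'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee'          # placeholder app client id
$clientSecret = [Convert]::ToBase64String([byte[]](1..32))      # placeholder client secret
$appHost      = 'app.contoso.local'                             # placeholder app host
$issuer       = "00000001-0000-0000-c000-000000000000@$realm"  # token-issuing STS (assumed principal id)
$now          = Get-UnixTime
$claimSet = @{
    aud          = "$clientId/$appHost@$realm"
    iss          = $issuer
    nbf          = $now
    exp          = $now + 720                                    # context tokens are short-lived
    appctxsender = "00000003-0000-0ff1-ce00-000000000000@$realm" # SharePoint (assumed principal id)
    refreshtoken = 'constructed-refresh-token'
}
$token = New-ContextToken $claimSet $clientSecret

$claims = Test-ContextToken $token $clientSecret "$clientId/$appHost@$realm" $issuer
"Context token accepted for $($claims.aud); the refresh token can now be exchanged for an access token."

# A token signed with a different secret (for example one replayed from another app) fails closed.
$otherSecret = [Convert]::ToBase64String([byte[]](33..64))
try   { Test-ContextToken $token $otherSecret "$clientId/$appHost@$realm" $issuer | Out-Null }
catch { "Rejected as expected: $($_.Exception.Message)" }
```

Only after every check passes should the app take `refreshtoken` from the claims and request an access token from the token service; that request is left out here because its endpoint depends on whether the farm uses Azure ACS or an on-premises high-trust configuration. The audience check is the one most often skipped in home-grown code, and it is what stops a context token issued to one app from being accepted by another.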
If you want to use Active Directory Federation Services, you can set up multiple applications and systems that trust the authentication cookies you enable, so the user signs in to ADFS once and has access to all of these systems without having to sign in again.