I was always selecting the first one not because I knew why I am selecting it, but because it's defaultly selected. So today I thought to learn about these two authentication modes and select the suitable one rather than just selecting the default option. I am writing down what I learned, so anyone who is doing the same thing like me can stop repeating it in the future.
SharePoint 2010 supports variety of authentication methods which will fall into various authentication method categories. Since I am no professional of these and these are some serious topics of their own, I will just write it this way.
|Method category||Authentication methods|
|Windows authentication||NTLM |
|Forms-based authentication||Lightweight Directory Access Protocol (LDAP) |
Microsoft SQL Server database or other database
Custom or third-party membership and role providers
|SAML token-based authentication||Active Directory Federation Services (AD FS) 2.0 |
Third-party identity provider
Lightweight Directory Access Protocol (LDAP)
In SharePoint 2010, authentication modes determine how client computers authenticate with it's resources. SharePoint 2010 supports these two authentication modes,
- Claims Based Authentication
- Classic Mode Authentication
The nice point is this. If you use Claims Based Authentication, you can use all the supported authentication methods listed in the above table. And if you use Classic Mode Authentication, you will only be able to use methods under Windows authentication category.
In Claims Based Authentication what will happen is, user obtains a security token that is digitally signed by a commonly trusted identity provider and contains a set of claims. Each claim represents a specific item of data about the user such as his or her name, group memberships, and role on the network. Claims-based authentication is user authentication that utilizes claims-based identity technologies and infrastructure. Applications that support claims-based authentication obtain the security token from the user and use the information within the claims to determine access to resources. No separate query to a directory service like ADDS is needed. Claims-based authentication in Windows is built on Windows Identity Foundation (WIF) which is a prerequisite to install SharePoint 2010.
In Classic Mode Authentication, user accounts are treated by SharePoint Server 2010 as Active Directory Domain Services (ADDS) accounts.
Hope you all got a good understanding about Claims Based Authentication & Classic Mode Authentication. Appreciate your feedback.