 Work done by Criti using Security
Our client’s Extranet uses Form-based Authentication for whom we have implemented single-sign-on functionality. We have assisted bureaus in adding SharePoint Groups to a Site Collection, assigning permissions to those groups, creating customer permission groups (e.g. contributor without delete rights), and restricting lists, libraries, sites, and item/document level. We have also provided an Extranet Site for each organization by extending the web application and implementing SSL.
For our clients, we have developed Web Parts to expose links into web-based applications or components of applications, such as specific reports, metric-compiled graphs, and to render database tables as spreadsheets or limited data–entry forms. By wrapping the application–framework security around each of the Web Parts, users see only the data fields for which they have a "need–to–know." The application framework and the SharePoint Web Parts are secured through the same backend Active Directory user groups to ensure consistent security integration–whether the user accesses the data through SharePoint or directly through the application. We also used Active Directory groups to seamlessly integrate the current in–house application with custom in–house .NET applications, and to control access to business objects, data, web services and applications. Membership in those groups can be controlled through Active Directory’s "Users and Computers" interface, SharePoint’s User Management interface or through custom–developed administration panels. |
