Share Point 2010 user authentication and user information without Active Directory , authontication from ext. system?

Hi,

We are going to build .Net application that is running under share point 2010 umbrella, and we are requested to read user information from Oracle ERP (HR) instead of Active Directory.

1-What are the best options that are available to authenticate users from Oracle ERP instead of Active Directory?
2-Can we use mixed authentication between users from AD and Oracle ERP?
3-How the user identity we be available for share point and also ASP.Net identity?
4-How Share Point will handle authorization things?
5- How Share Point will retrieve user profile such first name, last name, mobile , department …etc?

Thanks

suhaib79Asked:
Who is Participating?
 
GeorgeGerguesCommented:
Interesting question here.

but if you are running Oracel ERP , I would assume you have some sort of LDAP interface like OID or OAM but that is an option.

Answers beblow and those are my own.

1-What are the best options that are available to authenticate users from Oracle ERP instead of Active Directory?
FORMS BASED AUTHENTICATION WOULD BE EASY TO INTERFACE , A BIT HARD TO CODE I, ALSO TRY CLAIMS BASED AUTHENTICATION , BUT AGAIN YOU WILL HAVE TO WRITE CUSTOM IDENTITY PROVIDER ( CHECK WITH ORACLE THEY MAY HAVE ONE ALREADY).


2-Can we use mixed authentication between users from AD and Oracle ERP?
YES : IN CLAIMS BASED YOU CAN , ALSO THE EASY WAY WOULD BE TO HAVE YOUR SHAREPOINT INSTANCE AD AUTH. (BEST PRACTICE) AND EXTEND TO HAVE THE SECOND OR THIRD EXTENSION WITH ORACLE , READ MORE AT TECHNET ON EXTENDING SHAREPOINT SITES.

3-How the user identity we be available for share point and also ASP.Net identity?
THAT WILL BE DEPENDING ON WHERE THE APPLICATION RESIDE , IF YOU ARE RUNNING INSIDE SHAREPOINT , THERE IS A SHAREPOINT CONTEXT WHERE YOU CAN GET AND PUT ALL INFORMATION , ANF IF YOU EXTEND YOUR APPLICATION , YOU ARE STILL WITHIN THE SHARPOINT REALM  BUT DIFFERENT AUTHENTICATION.

4-How Share Point will handle authorization things?
AUTHORIZATION IS MANAGED BY THE GROUP MEMBERSHIPS. BUT THE DEFAULT IS ALL ARE VIEWERS , SO THEY HAVE AT LEAST ACCESS TO AUTHENTICATE.

5- How Share Point will retrieve user profile such first name, last name, mobile , department …etc?
THERE IS A PROFILE SYNC SERVICE ,THAT WILL COLLECT PRECONFIGURED PROPERTIES FROM PROFILE SOURCES AND SYNC PERIODCALLY.
THE DEFAULT IS AD , AND THAT IS VERY STANDARD , YOU CAN ON THE OTHER HAND CONNECT TO ANY LDAP SERVER AND DO THE SAME , AND IN THE ORACLE CASE , YOU CAN USE THE BCS BUSINESS CONNECTIVITY SERVICES  FROM WITHIN SHAREPOINT .



BEST OF LUCK.
0
 
Ted BouskillSenior Software DeveloperCommented:
Why can't you authenticated using ActiveDirectory then pull the Oracle ERP data values using Business Connection Services?  You don't have to use Oracle ERP to authenticate and can read/write profile information to the Oracle ERP as another profile connection source.
0
 
GeorgeGerguesCommented:
I am sorry about using the ALL CAPS :)

didn't think about other options to indicate the answers :)

Best of luck
0
 
suhaib79Author Commented:
Not eveluated yet
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.