Link to home
Start Free TrialLog in
Avatar of cholter2013

asked on

Sharepoint Authentication

So I am constructing a sharepoint demo environment for my company's product, and we are trying to demonstrate the advantages of using kerberos and the disadvantages of using NTLM. The sites are supposed to be configured so that when the web application uses NTLM, it prompts you for credentials everytime you move to a different site. The web application is made up of three sites, each with their own subsites. So when you move from site A to site B, I need it to ask you for your credentials. Right now all three sites are located under the same web application. Would this only be possible if they were located in separate web apps? I read somewhere that the default security boundary is the site collection, so i created three different site collections for each of the sites and their subsites but it still doesnt prompt me for credentials when I move from one site collection to the other. Unfortunately it wont be sufficient to change the browser settings because the demo users will be exploring the sites from many different browers (some safari, some chrome, some IE). Is there a way to implement the above-described security configuration just through sharepoint? Any advice would be greatly greatly greatly appreciated, I'm racing against the clock!

Thanks so much,
Avatar of abhitrig
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of cholter2013


Would creating three different web applications be the only way? I read a past answer that suggested using basic authentication? The only problem with creating 3 different web applications is that they would all need their own urls (assuming I set them up as new IIS Sites, which is what I would need to do I think?). I'm just not sure how to set those urls up. I feel like it should be possible to set the site collections up so that every time you leave the site collection for another one you have to reauthenticate...I don't need to use NTLM or any specific authentication protocol as the users will not be able to see the security settings, I just need it to simulate the proper experience. Thank you so much for your answer though abhitrig, if there is no other way I will gladly accept your response as a solution!
Out of curiosity....why are you doing this?  Are you trying to force NTLM to look bad?
Essentially, I'm trying to simulate the experience of browsing multiple servers with ntlm, even though all of my sites are only on one. I figured out how to accomplish this with separate web apps, thank you guys!