Avatar of cholter2013
 asked on

Sharepoint Authentication

So I am constructing a sharepoint demo environment for my company's product, and we are trying to demonstrate the advantages of using kerberos and the disadvantages of using NTLM. The sites are supposed to be configured so that when the web application uses NTLM, it prompts you for credentials everytime you move to a different site. The web application is made up of three sites, each with their own subsites. So when you move from site A to site B, I need it to ask you for your credentials. Right now all three sites are located under the same web application. Would this only be possible if they were located in separate web apps? I read somewhere that the default security boundary is the site collection, so i created three different site collections for each of the sites and their subsites but it still doesnt prompt me for credentials when I move from one site collection to the other. Unfortunately it wont be sufficient to change the browser settings because the demo users will be exploring the sites from many different browers (some safari, some chrome, some IE). Is there a way to implement the above-described security configuration just through sharepoint? Any advice would be greatly greatly greatly appreciated, I'm racing against the clock!

Thanks so much,
Microsoft SharePoint

Avatar of undefined
Last Comment

8/22/2022 - Mon

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question

Would creating three different web applications be the only way? I read a past answer that suggested using basic authentication? The only problem with creating 3 different web applications is that they would all need their own urls (assuming I set them up as new IIS Sites, which is what I would need to do I think?). I'm just not sure how to set those urls up. I feel like it should be possible to set the site collections up so that every time you leave the site collection for another one you have to reauthenticate...I don't need to use NTLM or any specific authentication protocol as the users will not be able to see the security settings, I just need it to simulate the proper experience. Thank you so much for your answer though abhitrig, if there is no other way I will gladly accept your response as a solution!
Justin Smith

Out of curiosity....why are you doing this?  Are you trying to force NTLM to look bad?

Essentially, I'm trying to simulate the experience of browsing multiple servers with ntlm, even though all of my sites are only on one. I figured out how to accomplish this with separate web apps, thank you guys!
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes