Claims Based Authentication
SPC


Claims is a new authentication method that SharePoint 2010 can utilize. It allows a single authentication store for multiple types of authentication (Windows NTLM, SQL FBA, LDAP, etc.), so that all of these types of authentication can access SharePoint under a single URL.

The sign-in process with claims authentication becomes rather verbose, but the overview is this: a user attempts to log in to SharePoint, and SharePoint passes the user along to the authentication provider that the user is requesting authentication from. After proper authentication, the user receives a user token, which then gets passed back to the system the user is attempting to log in to. SharePoint 2010 / Office 2010 also has increased functionality for accessing information inside SharePoint when it is opened from the Office client, where before Office had no way to establish your identity other than using Windows NTLM.

Claims Authentication Process

The claims token is very similar to how Kerberos is currently used in SharePoint, in that it lives for only a certain amount of time, and it leads into wanting to pass the credentials around to other systems. The new SAML support will assist in passing a user's credentials from SharePoint to SQL, legal LOBs, Oracle, SAP, etc. in order to utilize the fun Business Intelligence features such as dashboards, KPIs, etc.
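The sign-in exchange and the limited token lifetime described above, shown from both sides as an added example (not code from the session, SharePoint or the Geneva framework). It assumes a JSON body and a shared HMAC key standing in for a SAML token signed with the provider's certificate; every name and value in it is constructed for illustration.

```python
import base64, hashlib, hmac, json

# Constructed values. A real farm trusts the provider's X.509 signing
# certificate; a shared HMAC key stands in for that trust here.
STS_KEY = b"constructed-demo-key"
TRUSTED_ISSUER = "urn:example:sts"      # hypothetical authentication provider
REALM = "urn:example:sharepoint"        # hypothetical relying-party identifier

def issue_token(user, claims, realm, now, lifetime=600):
    """Authentication provider: sign the claims with a validity window."""
    body = json.dumps({"iss": TRUSTED_ISSUER, "aud": realm, "sub": user,
                       "claims": claims, "nbf": now, "exp": now + lifetime},
                      sort_keys=True).encode()
    sig = hmac.new(STS_KEY, body, hashlib.sha256).digest()
    return base64.b64encode(body).decode() + "." + base64.b64encode(sig).decode()

def validate_token(token, realm, now, skew=60):
    """Relying party: return (user, claims) or raise ValueError."""
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.b64decode(body_b64, validate=True)
        sig = base64.b64decode(sig_b64, validate=True)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    # Check the signature first: nothing in the body is trusted before this.
    expected = hmac.new(STS_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    data = json.loads(body)
    if data["iss"] != TRUSTED_ISSUER:
        raise ValueError("untrusted issuer")
    if data["aud"] != realm:            # token was issued for another system
        raise ValueError("wrong audience")
    if not (data["nbf"] - skew <= now < data["exp"] + skew):
        raise ValueError("outside validity window")
    return data["sub"], data["claims"]

if __name__ == "__main__":
    t0 = 1_000_000                      # constructed clock value, in seconds
    token = issue_token("alice", {"role": "reader"}, REALM, t0)
    print(validate_token(token, REALM, t0 + 30))
    try:
        validate_token(token, REALM, t0 + 3600)
    except ValueError as err:
        print("rejected:", err)
```

The audience check is what stops a token issued for one system from being accepted by another that trusts the same provider.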

SharePoint 2010 now supports running web applications in multiple authentication mode, which can assist in removing the multiple-URL issue found with multiple authentication providers in 2007, where you need separate URLs and then have issues with things such as welcome emails, alerts, etc.

All of the new claims functionality built into SharePoint 2010 is made available by the Geneva framework, which is a prerequisite when SharePoint 2010 is installed.

Now for the piece of information that made this session a downer: when the public beta becomes available in November, the support for claims based authentication will not be ready for deployment, which means we are not going to be able to play with this new functionality until we get closer to RTM.



Posted 10-20-2009 4:13 PM by Brian Caauwe