SharePoint 2013 and SharePoint 2010登陆身份验证格式:
<IdentityClaim>:0<ClaimType><ClaimValueType><AuthMode>|<OriginalIssuer (optional)>|<ClaimValue>
Where:
- <IdentityClaim> indicates the type of claim and is the following:
- “i” for an identity claim
- “c” for any other claim
- <ClaimType> indicates the format for the claim value and is the following:
- “#” for a user logon name
- “.” for an anonymous user
- “5” for an email address
- “!” for an identity provider
- “+” for a Group security identifier (SID)
- “-“ for a role
- “%” for a farm ID
- “?” for a name identifier
- "\" for a private personal identifier (PPID)
- <ClaimValueType> indicates the type of formatting for the claim value and is the following:
- “.” for a string
- “+” for an RFC 822-formatted name
- <AuthMode> indicates the type of authentication used to obtain the identity claim and is the following:
- “w” for Windows claims (no original issuer)
- “s” for the local SharePoint security token service (STS) (no original issuer)
- “t” for a trusted issuer
- “m” for a membership issuer
- “r” for a role provider issuer
- “f” for forms-based authentication
- “c” for a claim provider
- <OriginalIssuer> indicates the original issuer of the claim.
- <ClaimValueType> indicates the value of the claim in the <ClaimType> format.
范例如下:
|
Type of claim
|
Encoded claim
|
Claim encoding breakdown
|
|
Windows User
|
i:0#.w|contoso\chris
|
- “i” for an identity claim
- “#” for the user logon name format for the claim value
- “.” for a string
- “w” for Windows claims
- “contoso\chris” for the identity claim value (the Windows account name)
|
|
Windows Authenticated Users group
|
c:0!.s|windows
|
- “c” for a claim other than identity
- “!” for an identity provider
- “.” for a string
- “s” for the local SharePoint STS
- “windows” for the Windows Authenticated Users group
|
|
SAML authentication (Trusted User)
|
i:05.t|adfs|chris@contoso.com
|
- “i” for an identity claim
- “5” for the email address format for the claim value
- “.” for a string
- “t” for a trusted issuer
- “adfs” identifies the original issuer of the identity claim
- “chris@contoso.com” for the identity claim value
|
|
Forms-based authentication
|
i:0#.f|mymembershipprovider|chris
|
- “i” for an identity claim
- “#”for the user logon name format for the claim value
- “.” for string
- “f” for forms-based authentication
- “mymembershipprovider” identifies the original issuer of the identity claim
- “chris” for the user logon name
|