"BobAlston" wrote in message news:email@example.com
>If you use Office 2013 and Office 365 license for one person, $6 per month,
>is there any authentication that web users need to use to access the web
>site you build with Access 2013/sharepoint? Can the $6 per month allow
>unlimited number of users to use the web site?
All users that hit the site MUST have a valid logon.
In fact I'm pretty hard pressed to think of any web based system in which
some type of user logon is not required? In other words are you expecting to
allow the wild Internet to update these tables attached to access forms?
Keep in mind that you can invite up to 50 users for free to the site, and
they don't have to be an office 365 (or Live, hotmail) user id.
However they will have to associate e-mail with a live ID for this to work.
(or already have a Hotmail or live id or a "onMicrosoft").
There is not an ability for anonymous users on 365.
In fact I just asked a question yesterday on this, and I'm going to cut and
RE paste my response, since I cover several scenarios here:
I am hard pressed to think of some kind of database on the web that
everybody who comes to the site has able to make modifications to? Or even
So yes, at the end of the day for any user to utilize an Access application
online they will have to logon to the site and as such have a valid sign on
ID and valid permissions you given to them.
(I STRESS THE part YOU HAVE given to them).
You are of course able with office 365 able to invite for free up to 50
users without cost. In fact it is relatively recent that these users don't
have to logon with a live ID either.
What this means is the user can login into your site with their existing
e-mail ID. That logon can be yahoo, Gmail, or joe.Ap...@apple.com.
However they will have to go through the process of associating their logon
with a live ID for this to work.
I am not sure if you've ever used this new thing called the Internet? So
using this site here, or office 365 (or Google docs) or in fact just ABOUT
ANY site where there is some type of database content and system I would be
hard pressed to imagine any of those sites not requiring some type of logon?
Unless you're hosting your own server, I don't believe any type of anonymous
logon system can be used.
So at the end of the day you can invite users to your site. As a general
note such users will require a live id (Hotmail, 365 logon, onmicrosoft,
live). And if they don't have a live id, then as noted those users can
associate their existing logon with a live ID. This would then allow them to
log onto your site using their existing e-mail ID.
So they can use their corporate or non Microsoft email as a logon here (you
have to invite them).
It does not clear to me if you're asking to users have to log into the site?
(answer = yes, but that quite much expected).
In the case of AccessHosting? You will have to purchase + logon id's.
So there's no question that sitting down and working out the design of
security and logon and issuing of user logons is an extremely important part
of any web based development system.
In other words in your planning stages if you for example plan have 200
employees and want to use their EXISTING logons, then you can use what is
called "federation". Federation's simply means that all of your internal
corporate issue logons (active directory) will work on the web site, and if
a new employees hired, or removed, or the change their password, it'll
applied to the company logon, and they'll also instantly apply to the web
I mean obviously if you have hundreds of employees, you don't want to have
to manage this task of users since just the changing of passwords and
managing of users could of itself become a fulltime job.
In fact in your planning stages and sitting down in terms of how uses
security and logon IDs are to be issued and managed for the running of your
web site is often not only the first step, but one of the MOST IMPORTANT
steps that you will make. So this process can take considerable amounts of
time on your part to ascertain what type of security and user authentication
systems you're going to adopt for your web based technologies.
So for example if the website is not for your employees of your company, but
as for external customers, then obviously choosing "federation" as your
security model is not going to work.
And if you need some type of user self-sign up without interaction on your
part? Then obviously even office 365 and the authentication and security
methods provided would not be appropriate.
Last but not least:
Keep in mind that the typical Access database is setup in which you build a
form that and that form is attached to a bunch of rows of data in a table.
When you web enable such an application, the form will CONTINUE to EDIT the
rows of data in the table. In other words the great ability of access to
build forms that lets you edit all the data in the system will continue to
The problem is, that might not be your goal anymore! Access and in fact most
Web based systems do not "OUT OF THE BLUE" or magically start restricting
data to each individual user. You launch a form attached to a table, then
they are editing all data.
So if you need restricted data to each individual user? Then you have to
DESIGN this into your application. In fact if you've ever utilized user
level security in an access application and you ALSO attempted to restrict
data to each individual user, then you'll have an idea of the challenge you
are up against. In other words user level security is a challenge, but the
second part of developing an access application in which each logon user
only sees their data is a far greater of a challenge.
Remember the web based tools do not magically implement this type of data
restriction for each user. YOU the designer of the software that must
implement such restrictions. If your existing application was never designed
with such restrictions in mind, then it might not be appropriate for web
based at all.
However delving in to the methods of security, methods of user
authentication, and what type of Security Technologies you adopt for your
website is far beyond that of a simple post in a newsgroup.
However, to summarize:
When using office 365, there's no anonymous users allowed.
When using office 365, there is no "self" signup ability for office 365 in
which users can come to the site and self serve and build + create their own
When using office 365, however you can invite users to the site and those
uses as such don't have to logon with an office 365 logon id (but keep in
mind the above mentioned association with alive ID is required).
If you are hosting your own SharePoint server that is running access web
services, then you can adopt a system in which you issue user logons, and
you can issue as many as you want for free. And no special type of
association with any other system is required. This security and user
authentication choice is called forms based authentication (FBA). This
system ALSO ALLOWS SELF SERVE or user creating of logon id if you wish. (you
have to set this up, but it is possible and thus users could in theory "sign
up" to the web site without you having to issue logon's). So again depending
on what type of system and user setup, the CORRECT kind of security system
MUST be analyzed and adopted here. This is not different then determine if
you need Access or SQL server, or if you are delivering pizza and if you
need a gas or diesel truck.
So, the "kind" of users and security you need here is going to determine
what system you will choose for your web site. I mean, if you just taking an
existing Access form and converting it to the web, then likely you want all
your internal users + their existing "logon" to work for this site (you
would not want the wild internet to be able to use that database).
So, the kind of users, the kind of security, the kind of logons - all these
questions have to be asked and analysed before you build any kind of web
I am a big fan of FBA (Forms based authentication), and this means that you
don't have to use internal or what is called active directory users from
your company. This also means the issuing of external user logons does not
give these users permission to use your company network. And in fact these
FBA users are a SEPARATE group of users and logons. And as noted FBA does
open up the possibility of "self serve" or user created logons without you
have to create or invite such users. FBA is not a option for office 365, but
it is if you have your own SharePoint server.
However, as noted, we don't want to get into these areas of security and
authentication methods in this forum since the subject is far too complex
and far beyond that of being able to be answered in this post. So I can no
more explain the details and nuances of relational database theory in this
post, then that of attempting to explain the nuances and choices you have in
regards to security and authentication of users.
However, at the end of the day, unless you're hosting your own SharePoint
server, I don't believe you have a choice for self-signup options. The
closest you have with office 365 is the ability to invite users to your
As noted, depending on the hosting choice you make, this choice will effect
the type of users and logons you can use.
Albert D. Kallal (Access MVP)
Edmonton, Alberta Canada