Impersonation, SSO & custom web parts: Using Impersonation and Single Sign-On to access corporate data from within a custom SharePoint web part. Mike FITZSIMON.

Presentation transcript:

Impersonation, SSO & custom web parts
Using Impersonation and Single Sign-On to access corporate data from within a custom SharePoint web part
Mike FITZSIMON, SYSTEMS ARCHITECT, FITZSIMON IT CONSULTING PTY LTD

Agenda
- A Custom Web Part overview
- Single Sign-On
- Impersonation
- Generating graphics on the server
- What can go wrong

Custom Web Part
- Web part generates this graph (.gif) dynamically from corporate data in a database
- The currently-logged-in user does not have permission to access this data

Single Sign-On Service
- To many, a great disappointment
- Installed by default with SPS, but set to manual start-up
- Must run under an account which
  - Is a local administrator
  - Belongs to STS_WPG & SPS_WPG groups
  - Has db_owner rights for the SharePoint Services configuration database
  - Belongs to Server Administrators role for the SQL Server holding the SSO database

SSO Application Definition
- Unique name for the application plus definition of logon fields
  - Username, password, domain, database name, secret Q&A, whatever
- SharePoint Portal Server Central Administration -> Component Configuration -> Manage settings for single sign-on -> Manage settings for enterprise application definitions

Impersonation
Using SSO in a Web Part

    Imports System.Security.Principal
    Imports Microsoft.SharePoint.Portal.SingleSignon

RenderWebPart

    Protected Overrides Sub RenderWebPart(ByVal output As System.Web.UI.HtmlTextWriter)
        ' Use SingleSignOn service to change user identity to impersonate
        ' a user with sufficient rights to access the data.

        ' context for new identity
        Dim objContext As WindowsImpersonationContext
        Dim arrCredentials() As String
        Dim strUID As String
        Dim strDomain As String
        Dim strPassword As String

Impersonation

        ' try to get credentials from SSO service
        Credentials.GetCredentials(Convert.ToUInt32("0"), _
            "ApplicationName", arrCredentials)
        strUID = arrCredentials(0)
        strDomain = arrCredentials(1)
        strPassword = arrCredentials(2)

        ' change the context
        Dim objIdentity As WindowsIdentity
        objIdentity = IdentityHelper.CreateIdentity(strUID, strDomain, strPassword)
        objContext = objIdentity.Impersonate()
        Try
            ' ...draw chart...
        Finally
            ' undo impersonation, revert to logged-in user's credentials,
            ' even if drawing the chart throws
            objContext.Undo()
        End Try
    End Sub

IdentityHelper.CreateIdentity
See attached IdentityHelper.vb
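The attached IdentityHelper.vb is not reproduced in this transcript. The class below is an added example, not the presenter's file: a hypothetical helper with the same CreateIdentity(user, domain, password) signature the web part calls, built on the Win32 LogonUser API. The choice of LOGON32_LOGON_NETWORK_CLEARTEXT (so the impersonated thread can reach a database on another server) is an assumption.

```vbnet
Imports System
Imports System.ComponentModel
Imports System.Runtime.InteropServices
Imports System.Security.Principal

' Added example: hypothetical stand-in for the IdentityHelper class
' named on the slide; the original file is not part of this page.
Public NotInheritable Class IdentityHelper
    ' Assumption: cleartext network logon keeps the credentials available
    ' for outbound connections made while impersonating.
    Private Const LOGON32_LOGON_NETWORK_CLEARTEXT As Integer = 8
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)> _
    Private Shared Function LogonUser(ByVal lpszUsername As String, _
        ByVal lpszDomain As String, ByVal lpszPassword As String, _
        ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, _
        ByRef phToken As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Shared Function CloseHandle(ByVal hObject As IntPtr) As Boolean
    End Function

    Private Sub New()
    End Sub

    Public Shared Function CreateIdentity(ByVal userName As String, _
        ByVal domain As String, ByVal password As String) As WindowsIdentity
        Dim token As IntPtr = IntPtr.Zero
        If Not LogonUser(userName, domain, password, _
                         LOGON32_LOGON_NETWORK_CLEARTEXT, _
                         LOGON32_PROVIDER_DEFAULT, token) Then
            ' Fail loudly rather than continue under the caller's identity.
            Throw New Win32Exception(Marshal.GetLastWin32Error())
        End If
        Try
            ' WindowsIdentity duplicates the token, so the raw handle
            ' can be released as soon as the identity object exists.
            Return New WindowsIdentity(token)
        Finally
            CloseHandle(token)
        End Try
    End Function
End Class
```

Because a failed logon throws, the web part never reaches the chart-drawing code under the wrong identity, and the token handle is closed on every path.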

Generating graphics on the server
- Office Web Components 2003 installed on Server

    Imports Microsoft.Office.Interop.Owc11

- create a ChartSpaceClass object
- add a chart to it

    ' fields shared with the rendering code
    Private chSpace As ChartSpaceClass
    Private chart As ChChart

    Protected Overrides Sub CreateChildControls()
        chSpace = New ChartSpaceClass
        chart = chSpace.Charts.Add(0)

        ' Allow custom drawing within chart space
        chSpace.AllowRenderEvents = True

        ' specify the type of graph to be displayed
        chart.Type = ChartChartTypeEnum.chChartTypeAreaStacked
    End Sub

What can go wrong

Questions
Mike Fitzsimon
Mike's blog
Fitzsimon IT Consulting