Presentation is loading. Please wait.

Presentation is loading. Please wait.

Impersonation, SSO & custom web parts Using Impersonation and Single Sign-On to access corporate data from within a custom SharePoint web part Mike FITZSIMON.

Published bySebastian Cameron Modified over 11 years ago

Similar presentations

Presentation on theme: "Impersonation, SSO & custom web parts Using Impersonation and Single Sign-On to access corporate data from within a custom SharePoint web part Mike FITZSIMON."— Presentation transcript:

1 Impersonation, SSO & custom web parts Using Impersonation and Single Sign-On to access corporate data from within a custom SharePoint web part Mike FITZSIMON SYSTEMSARCHITECT F ITZSIMON IT C ONSULTING PTY LTD

2 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au Agenda A Custom Web Part overview Single Sign-On Impersonation Generating graphics on the server What can go wrong

3 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au

4 Custom Web Part Web part generates this graph (.gif) dynamically from corporate data in a database The currently-logged-in user does not have permission to access this data

5 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au Single Sign-On Service To many, a great disappointment Installed by default with SPS, but set to manual start-up Must run under an account which Is a local administrator Belongs to STS_WPG & SPS_WPG groups Has db_owner rights for the SharePoint Services configuration database Belongs to Server Administrators role for the SQL Server holding the SSO database

6 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au SSO Application Definition Unique name for the application plus definition of logon fields Username, password, domain, database name, secret Q&A, whatever SharePoint Portal Server Central Administration -> Component Configuration -> Manage settings for single sign-on -> Manage settings for enterprise application definitions

7 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au Impersonation Using SSO in a Web Part Imports Microsoft.SharePoint.Portal.SingleSignon RenderWebPart Protected Overrides Sub RenderWebPart(ByVal output As System.Web.UI.HtmlTextWriter) Use SingleSignOn service to change user identity to impersonate a user with sufficient rights to access the data. 'context for new identity Dim objContext As WindowsImpersonationContext Dim arrCredentials() As String Dim strUID As String Dim strDomain As String Dim strPassword As String

8 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au Impersonation try to get credentials from SSO service Credentials.GetCredentials(Convert.ToUInt32("0"), _ "ApplicationName", arrCredentials) strUID = arrCredentials(0) strDomain = arrCredentials(1) strPassword = arrCredentials(2) change the context Dim objIdentity As WindowsIdentity objIdentity = IdentityHelper.CreateIdentity(strUID, strDomain, strPassword) objContext = objIdentity.Impersonate …draw chart… undo impersonation, revert to logged-in user's credentials. objContext.Undo()

9 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au IdentityHelper.CreateIdentity See attached IdentityHelper.vb

10 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au Generating graphics on the server Office Web Components 2003 installed on Server Imports Microsoft.Office.Interop.Owc11 create a ChartSpaceClass object | add a chart to it Protected Overrides Sub CreateChildControls() chSpace = New ChartSpaceClass chart = chSpace.Charts.Add(0) Allow custom drawing within chart space chSpace.AllowRenderEvents = True specify the type of graph to be displayed chart.Type = ChartChartTypeEnum.chChartTypeAreaStacked

11 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au What can go wrong

12 Fitzsimon IT C ONSULTING PTY LTD www.fitzsimon.com.au Questions Mike Fitzsimon Mike@Fitzsimon.com.au Mikes blog http://mike.brisgeek.com Fitzsimon IT Consulting www.fitzsimon.com.au

Download ppt "Impersonation, SSO & custom web parts Using Impersonation and Single Sign-On to access corporate data from within a custom SharePoint web part Mike FITZSIMON."

Similar presentations

Auditing Microsoft Active Directory

Auditing Microsoft Active Directory
Eric J. Oszakiewski MCTS: SharePoint Application Development SharePoint Configuration.

Eric J. Oszakiewski MCTS: SharePoint Application Development SharePoint Configuration.
Configuring SharePoint 2013 and Office 365 Hybrid – Part 1

Configuring SharePoint 2013 and Office 365 Hybrid – Part 1
Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.
INTRODUCTION TO BUILDING REPORTS Reporting Services.

INTRODUCTION TO BUILDING REPORTS Reporting Services.
Kevin Donovan Program Manager, Office BI Microsoft Corporation

Kevin Donovan Program Manager, Office BI Microsoft Corporation
Installation and Deployment in Microsoft Dynamics CRM 4.0

Installation and Deployment in Microsoft Dynamics CRM 4.0
SQL Server on a Cluster Experiences Mike FITZSIMON SYSTEMSARCHITECT F ITZSIMON IT C ONSULTING PTY LTD.

SQL Server on a Cluster Experiences Mike FITZSIMON SYSTEMSARCHITECT F ITZSIMON IT C ONSULTING PTY LTD.
Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.

Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Printing Support in the.NET Framework The PrintDocument object Mike FITZSIMON SYSTEMSARCHITECT F ITZSIMON IT C ONSULTING PTY LTD.

Printing Support in the.NET Framework The PrintDocument object Mike FITZSIMON SYSTEMSARCHITECT F ITZSIMON IT C ONSULTING PTY LTD.
Securing Enterprise Applications Rich Cole. Agenda Sample Enterprise Architecture Sample Enterprise Architecture Example of how University Apps uses Defense.

Securing Enterprise Applications Rich Cole. Agenda Sample Enterprise Architecture Sample Enterprise Architecture Example of how University Apps uses Defense.
Jonas Thomsen, Ph.d. student Computer Science University of Aarhus Best Practices and Techniques for Building Secure Microsoft.

Jonas Thomsen, Ph.d. student Computer Science University of Aarhus Best Practices and Techniques for Building Secure Microsoft.
Creating a SharePoint App with Microsoft Access Services

Creating a SharePoint App with Microsoft Access Services
SharePoint 2010 Business Intelligence Module 3: Business Intelligence Center.

SharePoint 2010 Business Intelligence Module 3: Business Intelligence Center.
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.

Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
©2011 Quest Software, Inc. All rights reserved. Steve Walch, Senior Product Manager Blog: November, 2011 Partner Training Webcast.

©2011 Quest Software, Inc. All rights reserved. Steve Walch, Senior Product Manager Blog: November, 2011 Partner Training Webcast.
Microsoft Office System UK Developers Conference Radisson Edwardian, Heathrow 29 th & 30 th June 2005.

Microsoft Office System UK Developers Conference Radisson Edwardian, Heathrow 29 th & 30 th June 2005.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Similar presentations

Ads by Google