.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Using Sharepoint 2003 - Data Security Question

Posted By:      Posted Date: September 22, 2010    Points: 0   Category :SharePoint
We need to limit visibility of data in a datasheet to users based on their ID, NOT on who created or loaded the data.  If this is possible, how do we accomplish this?

View Complete Post

More Related Resource Links

security question about dynamic data


apologies if this has been answered before.

it seems that the scaffolding that generates the list, edit, details apsx pages uses querystrings to pass the primary key for the relevant record. thus is i have a list.aspx showing me a grid of records, the edit hyperlink will be something like http://../tblTable/edit.aspx?ID=n where n is the key of the record to edit.

however, obviously this is not secure for a multi-user site as someone else with a valid login could potentially see records which they shouldnt simply by trying different "ID=n" values?

is there a way to change this behaviour in a Dynamic Data site or will i have to manually code to ensure a user only see records intended for them?

any help is gratefully appreciated



SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Accessing SharePoint 2010 Data with Server-Side APIs

Accessing SharePoint data in server-side solutions is one of the most common tasks that you will perform as a SharePoint developer. SharePoint 2010 provides powerful server-side APIs that enable you to retrieve, add, edit, and delete SharePoint data programmatically. SharePoint 2010 also includes the new LINQ to SharePoint technology that enables you to work with SharePoint data efficiently and easily.

Security Question Answer Retrieval


I know there is a method built in for retrieving the encrypted password, but how do I retrieve the encrypted security answer?

What I want to do is have a member profile update screen that the end user can update their password and security question and answer. However, when they get to this page, I want to already be showing the security question (the easy part) and its answer (the not so easy part).

I have updated web.config with passwordFormat=Encrypted and have added a machineKey with the generator (forgot the link, but located on eggheadcafe somewhere).

I haven't done ANYTHING yet, since I already have a user store with hashed information. I wanted to get some functionality done before publishing, wiping the store and recreating users (only a couple developers).


Office Add-Ins: 3 Solutions for Accessing SharePoint Data in Office 2010


SharePoint 2010 introduces a number of new ways to access business data and present it to the user. We'll show you several options that range from no-code solutions to fully integrated Office add-ins.

Donovan Follette , Paul Stubbs

MSDN Magazine July 2010

SharePoint Security: Trim SharePoint Search Results for Better Security


SharePoint search may return too much information, causing data security problems. Learn how to use the custom security trimmer to ensure users see only the documents they have permission to view.

Ashley Elenjickal, Pooja Harjani

MSDN Magazine July 2010

Cloud Security: Crypto Services and Data Security in Windows Azure


Many early adopters cloud platforms have questions about security. We review some of the cryptography services and providers in Windows Azure along with some security implications for applications in the cloud.

Jonathan Wiggs

MSDN Magazine January 2010

Office Space: Security Programming in SharePoint 2007


This month Ted Pattison presents an overview of programming security and permissions for Windows SharePoint Services 3.0.

Ted Pattison

MSDN Magazine February 2008

Data Security: Stop SQL Injection Attacks Before They Stop You


To execute a SQL injection attack, a hacker writes a Web page that captures text in a textbox to be used to execute a query against a database. The hacker enters a malformed SQL statement into the textbox that causes the back-end database to perform operations the owners did not intend it to perform, like making unauthorized updates. This article explains how you can protect against the all too common SQL injection attack in your own database. The steps covered include data validation, proper exception handing, and much more.

Paul Litwin

MSDN Magazine September 2004

Windows Server 2003: Discover Improved System Info, New Kernel, Debugging, Security, and UI APIs


There's a lot to say about Windows Server 2003. First of all, it's the first operating system with built-in .NET Framework support, and it's the first 64-bit OS from Microsoft. But wait, there's more! There are lots of new features and APIs in this version as well. For instance, Windows Server 2003 features Hot Add Memory and a number of other arcane new tidbits. There are new APIs for handling threads, directories, and files, and new features like the low fragmentation heap for managing memory and system information. There's vectored exception handling and new UI APIs as well.OS internals expert Matt Pietrek takes a look at the additions he finds most interesting and useful so you'll have a good place to start when you dive into Windows Server 2003.

Matt Pietrek

MSDN Magazine June 2003

Security Briefs: Exploring S4U Kerberos Extensions in Windows Server 2003


Building Web sites that provide services external to the corporate firewall is tricky. Usually it's not desirable to grant corporate domain accounts to external clients, and from a purely practical standpoint Kerberos does not work well over the Internet due to the typical configuration of client-side firewalls.

Keith Brown

MSDN Magazine April 2003

Security in IIS 6.0: Innovations in Internet Information Services Let You Tightly Guard Secure Data


Security improvements have been a top priority in the evolution of IIS. IIS 6.0, which will be part of Windows .NET Server, has improved security features and a new approach to server configuration. New security-related tools for IIS, including IIS LockDown, make securing your server against attack easier than ever. The author explains how and why you can shut down services with IIS LockDown. He discusses limiting port access with TCP/IP filtering, controlling how files are served with extension mapping, what's new for Secure Sockets Layer, the use of URLScan, and more.

Wayne Berry

MSDN Magazine September 2002

Security: Protect Private Data with the Cryptography Namespaces of the .NET Framework


The .NET Framework includes a set of cryptographic services that extend the services provided by Windows through the Crypto API. In this article, the author explores the System.Security.Cryptography namespace and the programming model used to apply cryptographic transformations. He discusses reasons why cryptography is easier in .NET than it was before, including the easy programmatic acccess developers have to the cryptography APIs and the difference between symmetric and asymmetric algorithms. Along the way, a brief discussion of the most widely used algorithms, including RSA, DSA, Rijndael, SHA, and other hash algorithms, is provided.

Dan Fox

MSDN Magazine June 2002

SharePoint Portal Server 2001: Search and Access Disparate Data Repositories in Your Enterprise


The knowledge worker is greatly empowered if she is able to access information across the enterprise from a central access point. With the SharePoint Portal Server 2001 Search Service you can catalogue information stored in Exchange public folders, on the Web, in the file system, and even in Lotus Notes databases. This article discusses the use of ActiveX Data Objects and the Web-based Distributed Authoring and Versioning protocol for creating search solutions based on SharePoint Portal Server 2001.

Kayode Dada

MSDN Magazine April 2002

Programmatically retrieve data from the associated row in SharePoint and use the data to do math


I am trying to pull all of the associated data from a SharePoint list row to an InfoPath form repeating table.  I would like to select 1 unique value from the row and have the other fields auto-populate with the associated data from that row. 


SharePoint Columns and also names of InfoPath fields 1, 2, 3, 4, 5, 6, 7.

I have a dropdown that is connected to column 1 and I would like to select 1 and have it populate the rest of the fields from that row.  I am currently doing this with information and C# code from:  http://www.bizsupportonline.net/infopath2007/sharepoint-list-retrieve-value-same-row-repeating-table-infopath

Regarding Business data catalog in SharePoint


Hi All,

          I am using business data catalog to display the records present in the Active Directory based on the user selection of samAccountName. Since the number of records present in Active Directory are more than 3000 the user has to iterate through each page to get to a particular record. I want to add a kind of filter to my Definition file that user can search for a particular samAccountName from the list of samAccountName displayed in the business data list web part. I am using office server SDK by microsoft to generate the application definition file.

Any help regarding this will be appreciated.



Sharepoint list group by column data ,display in webcontrol like panel or label


I  have a sharepoint list[Managers] with groupby sector column. like below




Each Sector group by column data i want to display in label or panel control.

How to do that ? how to write the logic?



Regards, Mansoor
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend