.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Kaviya Balasubramanian
Imran Ghani
Post New Web Links

security trimmer with BDC

Posted By:      Posted Date: August 26, 2010    Points: 0   Category :SharePoint
 
hi,

I have a bdc application based on web service.
I have implemented a security trimmer according to the msdn guide : http://msdn.microsoft.com/en-us/library/bb447548.aspx.
I have created a new BDC content source and successfully made a full crawl.

This is an example of a url in the crawl log : http://gilklws2003:35229/ssp/admin/content/enoviaobject.aspx?tnr=[architecture][a2][1]

In the security trimmer method  "BitArray CheckAccess(IList<string> documentCrawlUrls, IDictionary<string, object> sessionProperties)" i get some unknown urls, for example :

bdc2://814bb38f-1ded-4d41-b42b-d7dd39c7414a/6153/6193?id=__bk8400b5000500160027004700d500b5001300230033004300530063007300d500b5001400d500
bdc2://814bb38f-1ded-4d41-b42b-d7dd39c7414a/6153/6193?id=__bk0800b500340014004400020044002700160077009600e6007600d500b500230013002300230013006300530


View Complete Post


More Related Resource Links

Passing values from web page to custom security trimmer in SharePoint 2010

  
Hi, In SharePoint 2007 we had a custom security trimmer that implemented ISecurityTrimmer interface. We also had a custom webpart used for search. Now, using HttpContext we passed values from the webpart to security trimmer with additional info needed to trim the results. It worked since trimmer was executed in the same w3wp process as webpart. Now in SharePoint 2010, the architecture for ISecurityTrimmer2 has changed, as it's executed in search process (other w3wp) - not the webpart w3wp so it has no access to the HttpContext. Question is: how to pass custom data, in form of the string, to a security trimmer when search is done from custom code in webart?

current user identity in custom security trimmer

  
The crux of my problem is that I want to impersonate  a user’s NTLM credentials in the context of a SharePoint custom security trimmer to execute HttpWebRequests to check user access to URLs.  When accessing WindowsIdentity.GetCurent() in the security trimmer, the System.Security.Principal.WindowsIdentity object returns the identity of the application pool running the search query service, NOT the currently logged in user.   When accessing System.Threading.Thread.CurrentPrinciple.Identity in the security trimmer, the Microsoft.IdentityModel.Claims.ClaimsIdentity object of the current logged in user is returned.  However, there is a catch.  …   If I execute the following code in a .NET web application, the cast of the ClaimsIdentity to a WindowsIdentity succeeds because the identity has the authentication type of NTLM.    WindowsIdentity winId = (WindowsIdentity)System.Threading.Thread.CurrentPrincipal.Identity; WindowsImpersonationContext wic = winId.Impersonate(); request.Credentials = CredentialCache.DefaultCredentials; //access means a response comes back when a request is made to the url using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) { returnStatus = true; } wic.Undo(); However, when I execute the same code in the context of the SharePoint security trimmer (the search query service li

How do you register a custom Social Security Trimmer?

  

I am investigating implementing a custom social security trimmer using the ISocialSecurityTrimmer interface. Is there a Powershell cmdlet to register a social security trimmer? Equivalent to New-SPEnterpriseSearchSecurityTrimmer for Search security trimmers.

The only alternative way I have found is to use PluggableSocialSecurityTrimmerManager to register. http://msdn.microsoft.com/en-us/library/microsoft.office.server.socialdata.pluggablesocialsecuritytrimmermanager.registerpluggablesecuritytrimmer.aspx.

Any pointers would be great appreciated if you have successfully implemented a custom social security trimmer.


Thanks!


current user identity in custom security trimmer

  

The crux of my problem is that I want to impersonate  a user’s NTLM credentials in the context of a SharePoint custom security trimmer to execute HttpWebRequests to check user access to URLs. 

When accessing WindowsIdentity.GetCurent() in the security trimmer, the System.Security.Principal.WindowsIdentity object returns the identity of the application pool running the search query service, NOT the currently logged in user.  

When accessing System.Threading.Thread.CurrentPrinciple.Identity in the security trimmer, the Microsoft.IdentityModel.Claims.ClaimsIdentity object of the current logged in user is returned.  However, there is a catch.

 …

 

If I execute the following code in a .NET web application, the cast of the ClaimsIdentity to a WindowsIdentity succeeds because the identity has the authentication type of NTLM. 

 

WindowsIdentity winId = (WindowsIdentity)System.Threading.Thread.CurrentPrincipal.Identity;
WindowsImpersonationContext wic = winId.Impersonate();
request.Credentials = CredentialCache.DefaultCredentials;

//access means a response comes back when a request is made to the url

Need help setting up a Custom Security Trimmer, CheckAccess method not working.

  

I'm implementing the custom security trimmer for SharePoint server as outlined here: http://msdn.microsoft.com/en-us/library/ee819923.aspx

I have been able to successfully deploy the solution on to the server, but know I need to write the script that will check whether users have access to particular documents or not. The code in the walk-through is the following:

public BitArray CheckAccess(IList<String> documentCrawlUrls, IDictionary<String, Object> sessionProperties, IIdentity passedUserIdentity)
        {
            BitArray retArray = new BitArray(documentCrawlUrls.Count);
            //Use passedUserIdentity to get the identity of the user who issued the query.
            IClaimsIdentity claimsIdentity = (IClaimsIdentity)passedUserIdentity;
           //IClaimsIdentity is defined in Microsoft.IdentityModel.Claims;
            for (int x = 0; x < documentCrawlUrls.Count; x++)
            {
              /*
     

SharePoint Tutorial - Security

  
Security in SharePoint is comprised of users, groups and roles.



Users, Groups and Roles

Users
A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

Groups
There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Asp.net web site security database

  

Hello all, I'm new to asp.net and I'm currently practising some few stuffs. I'm creating a hotel reservation system using ASP.net Web site in visual studio 2008 and I currently don't have an App_Data in my solution explorer unlike visual web developer.

1. I have planned to make users of the website login before making their reservations.

2. I have also planned to develop the website such that I will be able to know all reservations made by each user.

First and formost, I will like to know how I can access/View the security database?

Secondly, how do I link my custom made reservation database and the security database in order to achieve my second plan above.?


Someone help me.


Thank you.


System.Security.SecurityException:

  

hello i have the following problem

i have upload my content to hosting server but i get the following error

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of typ

System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPerm

  

Good Day all,

Having an issue with an outside user accessing my IIS7 box. I do not have this problem when running the website from my host machine. I found this post: Http://forums.asp.net/t/1371394.aspx. I assure you that this is not a solution because I am not storing any of my files on a network share. 

What do you think my approach should be. 


I already have read rights to IIS user to my BIN folder. 


Thanks for the help. 


XBAP Security

  

We have a small XBAP file upload app that we are having trouble deploying. We were getting security errors when we were pushing this application that we don't get when running in our development environments on our machines. We gave the XBAP app full permissions and still got errors. Then we created a personal certificate and were able to get this to work. But that means we have to load a client side certificate for each and every machine that wants to run this which is ridiculous. Does anyone have a solution for this?


Intranet Users Challenged When Using Windows Integrated Security

  

We've setup an intranet site using Windows Integrated Security. Its up and running and users can access it. However, they are being challenged with a login dialog for the server when they initially access the site.

Isn't is possible to configure the server so that the users aren't challenged AND are recognized as being already authenticated by Windows? We're trying to go with a seamless experience, whereby all they have to do is login to their machine like normal and then go from there.


Security Question Answer Retrieval

  

I know there is a method built in for retrieving the encrypted password, but how do I retrieve the encrypted security answer?

What I want to do is have a member profile update screen that the end user can update their password and security question and answer. However, when they get to this page, I want to already be showing the security question (the easy part) and its answer (the not so easy part).

I have updated web.config with passwordFormat=Encrypted and have added a machineKey with the generator (forgot the link, but located on eggheadcafe somewhere).

I haven't done ANYTHING yet, since I already have a user store with hashed information. I wanted to get some functionality done before publishing, wiping the store and recreating users (only a couple developers).

Thanks,
Kerry


WCF The Security Support Provider Interface (SSPI) negotiation failed

  

I am using a wcf service that I created, when both hosting machine and the client machine are on the same domain everything works just fine. When I publish the client app to the webserver in the DMZ I am getting the following error:

SOAP security negotiation with 'http://10.0.0.14:3790/Bullfrog/QBService/QBService' for   
target
'http://10.0.0.14:3790/Bullfrog/QBService/QBService' failed. See inner exception  
for more details.The Security Support Provider Interface (SSPI) negotiation failed.


Here is my service main where I set up the service


   

 Uri baseAddress = new Uri("Http://10.0.0.14:3790/Bullfrog/QBService");
      ServiceHost selfHost = new ServiceHost(typeof(QBService), baseAddress);

            try
            {
                selfHost.AddServiceEndpoint(
                    typeof(IQBService

Security negotiation failed because the remote party did not send back a reply in a timely manner. T

  

 


Dear All i have created one simple service

like this

namespace WcfService2
{
        public class Service1 : IService1
    {
        public string ShowEmpName(string strFirstName, string strLastName)
        {
            return strFirstName + strLastName;
        }
    }
}




after executing in .net command promt i got 2 files

service.cs & output.config


after that i create one class file like this


namespace WcfService2
{
    public class clientcs
    {

        static void Main(string[] args)
        {
            Service1Client client = new Service1Client();
            string strResult = client.ShowEmpName("Pradeep", "Deokar");

SharePoint Security: Trim SharePoint Search Results for Better Security

  

SharePoint search may return too much information, causing data security problems. Learn how to use the custom security trimmer to ensure users see only the documents they have permission to view.

Ashley Elenjickal, Pooja Harjani

MSDN Magazine July 2010


Security Briefs: View State Security

  

Effectively managing user state in web applications can be a tricky balancing act of performance, scalability, maintainability and security. The security consideration is especially evident when you're managing user state stored on the client. Here's what you need to know about view state security.

Bryan Sullivan

MSDN Magazine July 2010


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend