.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Post New Web Links

SAML token and impersonation for SAP connection

Posted By:      Posted Date: October 25, 2010    Points: 0   Category :SharePoint

I am connecting SharePoint 2010 to SAP. I am using CBA from SAML. When user logs in for the first time in SharePoint, he/she would get the SAML token, after this should we use the same SAML token and propagate it to WCF and SAP or impersonate the logged in user with SAP user id?

View Complete Post

More Related Resource Links

Connection string with password or impersonation

Which is the best solution for a program which runs as networkservice (or defined user) and needs to be connected to a database as a specific user: DbConnection ConnectionString with username and password                                          or Impersonate Windows Identity just before running the query Keep in mind security is important in my case.  

SAML Token Deserialization Performance


I have an IDispatchMessageInspector which is deserializing a SAML Token contained in the SOAP message header.

To do the deserialization I am using the following code:





List<SecurityToken> tokens = new List<SecurityToken>();

tokens.Add(new X509SecurityToken(CertificateUtility.GetCertificate()));

SecurityTokenResolver outOfBandTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(new ReadOnlyCollection<SecurityToken>(tokens), true);

SecurityToken token = WSSecurityTokenSerializer.DefaultInstance.ReadToken(xr, outOfBandTokenResolver);

The problem I am seeing is that the performance of the ReadToken call varies depending on the account that is running the windows service (in which the WCF service is hosted).

If the service is running as a windows domain account the elapsed time for the ReadToken call is virtually zero. When running as a local machine account the call takes about 1 second.


Can anyone shed any light on what is going on here and why the account running this bit of code makes a difference as to its performance?


saml token..



I am working with saml token for the first time. If I passed authentication and received the saml token from a 3rd party id provider, where is the saml token stored when I landed back to my page (default.aspx)?? 


Infopath connection to external content type and Impersonation



I'm thinking of a solution to separate sensitive data from Sharepoint to a secure SQL server. On Sharepoint each user only sees what he/she is supposed to see, the same goes for the SQL Server (I'm not sure yet whether I will have a separate "user" column, or regular permissions). In Sharepoint the user would only see some descriptive name (and the record would have a GUID) - when clicking on it, data from the SQL Server is loaded.

Basically I will be importing some data and there will be an approval workflow for each record (being assigned to a particular employee) including some kind of approval form per record.

I have two solutions so far:

  1. A Forms Library with an Infopath Form aggregating the data from the Library as well as the SQL Server via a GUID stored in both. This works well, but Infopath uses either a hardcoded technical user to get to the SQL server or the logged in windows user.
  2. Use an external Content Type to "import" (rather link) the data from the SQL server into an external list. In a Forms Library I could have the Infopath Forms with a connection to this external list.

I have a question for each:

  • (1) If I would want to have a dynamic connection string to the SQL Server (so to speak SELECT * FROM xxx WHERE USER = dynamic ) - how would I do that? All I ca

WCF Custom Impersonation With Username Token



I've got some services hosted on a web server available on the internet. It uses Username token over basicHttpBinding with SSL. The web server doesn't have an account on the domain. I have an AD server that stores all the account information for the domain.

I am using a custom UserNamePasswordValidator to authenticate the caller using the callers credentials. This all works.

I have AzMan on the AD server with roles for the services. We need to control access to the services using role based security. I am trying to use AuthorizationStoreRoleProvider to access roles for the callers account. This is where I'm having problems.

I think I need to create a windows identity when I authenticate the caller then impersonate that caller when I access the AzMan store on AD.

Can anyone give me any ideas on how to do this or point me at an example?

Any help most appreciated.


Validating a SAML token at WCF Data Service level


I  have a WPF client which request a SAML token from the STS. After receiving the SAML token the WPF client sends the SAML token as part of the request header to the WCF data service. At the WCF data service level the request is interpreted by the Authorisation manager. I wanted to know is there any way to parse and authenticate this SAML token at the service level that its a valid saml token.

SQL Connection String

We can learn or know how can we connect the database from our .net. This will help for freshers or .NET beginners!

abstract away the source of the connection string using a class with a static property.

ASP.NET provides a configuration system we can use to keep our applications flexible at runtime. In this article we will examine some tips and best practices for using the configuration system for the best results.

The element of a web.config file is a place to store connection strings, server names, file paths, and other miscellaneous settings needed by an application to perform work. The items inside appSettings are items that need to be configurable depending upon the environment, for instance, any database connection strings will change as you move your application from a testing and staging server into production.

Let's abstract away the source of the connection string using a class with a static property.

connection string question from a newbie


when publishing  in the webmatrix dialogue it asks for "destination connection string" for my "database.mdf"

I was not sure what it was so I pasted this from my web.config file :

Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\database.mdf;Integrated Security=True;User Instance=True

it all published ok, but wont run, so I guess it has somthing to do with this connection string or some kind of configuration issue.

My question is this, What should go in the field for "Destination connection string"

Wrong Account being used to access files - Help - No Impersonation


I run a simple .aspx website on a Windows Server 2008 machine.

There is NO impersonation, and System.Security.Principal.WindowsIdentity.GetCurrent().Name returns NT AUTHORITY\NETWORK SERVICE, which it the account which the application pool runs. In my web.config, I have <authentication mode="Forms">.


I tried to test the security of the application and server by removing file permissions to the .aspx files. I was greatly worried when the website continued to run without problem (it should not have been able to read the .aspx files).

By turning on file level auditing, I discovered that the .aspx files were being read by the machine$ account (if the machine is called Serv1, then the files would be read by the Serv1$ account, which seems to have access to all files on the local machine).


Is this a security breach or is this behaviour by design ?

Please can somebody assist, as I am worried.

localhost is not set up to establish a connection on port 51624 with this computer


I'm trying to run asp.net locally, but getting the error

localhost is not set up to establish a connection on port 51624 with this computer

How can I fix it?

connection to SQL Server files (*.mdf) require SQL server express 2005 to function properly.


I dont have the SQL EXPRESS installed instead I have SQL Standard Edition.

 I have two SQL Server instances installed.

 1- UserLT (this is sql 2000)
2- UserLT\SQL2005 (this is SQL 2005 named instance)

But when i try to add a database to my VS website project I get the following error:

Connection to SQL Server files (*.mdf) require SQL server express 2005 to function properly. please verify the installation of the component or download from the URL: go.microsoft.com/fwlink/?linkId=4925

I went in Tools>Opetions>DataBase tools>Data Connection>Sql Server Instance Name (blank for default)

and changed the "SQLEXPRESS" to "USERLT\SQL2005".

But I still get the same error message. Any ideas how i can resolve this issue?

Unable to make connection to database?


Hy guys. I try to connect my database for so long so i wrote two type of codes. Let's discuse first on.

I have database called PhoneDirectory.

It have only one table named Residents.

I have button wiht ID="Button1".

I want when i click this button to see all of my residents. 

I want to see the result in DetailsView and to be able to edin, delete and add new resident.

First try with SqlDataSource so i wrote this:

<asp:SqlDataSource ID="Resident Details" runat="server" ProviderName="System.Data.SqlClient" ConnectionStrings="<%$ ConnectionStrings:ThisIsTheConnection%>" 
              SelectCommand = "SELECT * FROM Resident "

Need Oracle Data Provider .CS File for Oracle 10g Database connection !



I need a 'Wrapper.cs' file which takes care of the Database connection ( Oracle 10g) where

i can just call the method with my SQL Query


Gridview1.DataSource = SampleWrapper.ExecuteDatatable("THE SQL QUERY");


Plz Post the link if there is any open source !    

Intermittant error: "A connection attempt failed because the connected party did not properly respon



I'm having a doozy of a problem, and can't find a solution.  I have a WFC Web Service installed to a pair of servers, and accessed through a load balancer.  I am accessing the service from an ASP.NET client app, also via WCF.  The Client is not load balanced.

I'm getting an intermittant error:

(Inner Most Exception) System.Net.Sockets.SocketException:  A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond x.x.x.x:80

(Middle Exception) System.Net.WebException: Unable to connect to the remote server

(Outer Exception) System.ServiceModel.EndpointNotFoundException:  Could not connect to http://<MYSite>/<MYApp>/<MYService>.svc. TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond x.x.x.x:80.

I can reproduce this error with about 20% reliability if I execute the exact same page request on the client from 2 browsers at the same time.  When the problem occurs, the successful p

Modifying connection String in Web config using Install Wizard



Im trying to create a Web Deployment Project, the built in setup and deployment is very good in Visual Studio, i need to able to add an additional step in the setup to change the connection string in the Web config file. Ive seen a lot of articles on how to do this and in particular this http://weblogs.asp.net/scottgu/archive/2007/06/15/tip-trick-creating-packaged-asp-net-setup-programs-with-vs-2005.aspx#7162670 I am however stuck on the final part of this tutorial, im using the code Scott provided but have two errors,  heres part of my code where the errors are

using System;
using System.Configuration;
using System.Configuration.Install;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.DirectoryServices;

 void ConfigureDatabase(string targetSite, string targetVDir, string connectionString)
            // Retrieve "Friendly Site Name" from IIS for TargetSite
            DirectoryEntry entry = new DirectoryEntry("IIS://LocalHost/" + targetSit

About WAP and MSSQL Connection


Is it possible to create a wap having a mssql connection?

Can you give me some sample code? thanks

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend