Ways to pass security credentials to web service call

  • Article

[1]

    1:  WS.Credentials = new System.Net.NetworkCredential(userName, password, domain);

If you want to pass explicit credentials and filter the record after that.

 

[2]

https://support.microsoft.com/kb/813834

    1:  myProxy.Credentials = System.Net.CredentialCache.DefaultCredentials

It will pick up the current logged in users’ credentials and return the data for him/her.

 

[3]

Using SharePoint object model, setting up our custom web service on SharePoint box and access it.

    1:              SPUser spUser = null;

    2:              string authError = "Could not authenticate user";

    3:              try

    4:              {

    5:                  spUser = web.AllUsers[impUser];

    6:                  if (spUser == null)

    7:                  {

    8:                      writer.Write(string.Format("spUser = web.AllUsers[impUser]; failed<br/>"));

    9:                      throw new UnauthorizedAccessException(authError);

   10:                  }

   11:              }

   12:   

   13:                  SPUserToken token = spUser.UserToken;

   14:              using (SPSite impSite = new SPSite(SPContext.Current.Site.ID, token))

   15:              {

   16:                  impSite.CatchAccessDeniedException = false;

   17:                  using (SPWeb impWeb = impSite.OpenWeb(SPContext.Current.Web.ID))

   18:                  {

   19:                      writer.Write(string.Format("Success with impersonated site context. {0}:<br/>", impWeb.CurrentUser.LoginName));

   20:                      SPList list = null;

   21:                      

   22:                      try

   23:                      {

   24:                          list = web.Lists[this.ListName];

   25:                      }

   26:                      catch (ArgumentException ex)

   27:                      {

   28:                          writer.Write(string.Format("Couldn't access list web.Lists[this.ListName]<br/>"));

   29:                          writer.Write(ex.ToString());

   30:                          writer.Write(string.Format("<br/>"));    

   31:                      }

   32:   

   33:                      try

   34:                      {

   35:                          list.CheckPermissions(SPBasePermissions.ViewListItems);

   36:                          context.Response.Write("<p>OK! :) Succesfully checked permissions.</p>");

   37:                      }

   38:                      catch(Exception ex)

   39:                      {

   40:                          context.Response.Write("Security check failed.<br/>");

   41:                          context.Response.Write(string.Format("Current user: {0}<br/>", list.ParentWeb.CurrentUser.LoginName));

   42:                          context.Response.Write(ex.ToString());

   43:                          context.Response.Write("<br/>");

   44:                      }

   45:                      return;

   46:                  }

   47:              }

[4]

    1:  SPSite oSite1 = new SPSite("https://eka:9001");

    2:  SPWebApplication oWebApp = oSite1.WebApplication;

    3:  SPApplicationPool oAppPool = oWebApp.ApplicationPool;

    4:              

    5:  string[] strUserIno = oAppPool.Username.Split('\\');

    6:  string strDomain = strUserIno[0].ToString();

    7:  string strUserName = strUserIno[1].ToString();

    8:  string strPassword = oAppPool.Password;