Security in Groove Web Services

Applies to: SharePoint Workspace 2010 | Visual Studio 2008

This section describes security issues for SharePoint Workspace 2010

Security Issues in Groove Web Services

When you make Groove Web Services calls, you should always make sure that you use the correct request key, and that you receive the correct response key from Groove Web Services. Groove Web Services will use the request key to validate that your application is running under the same account.

Testing Response Keys

Your client application should test the response key each time it gets a response from Groove Web Services, so that it can ensure that it is communicating with Groove Web Services and not a rogue application. The following code shows you how to test a response key. For more information, see Reading Groove Web Services Registry Keys.

string responseKeyFromCall = spacesSvc.GrooveResponseHeaderValue.GrooveResponseKey;

string responseKeyFromRegistry = …;  // Get key from registry
if (responseKeyFromCall != responseKeyFromRegistry)
  throw new Exception ("Response Key does not match expected value.");

See Also


Programming Practices for Groove Web Services

Reading Groove Web Services Registry Keys