Exercising the Sharepoint (MOSS) 2007 Single Sign-On Service SDK


In an effort to understand how you might make use of the SSO service in your own custom development for Sharepoint (MOSS), I wrote a Web Part that enumerates the SSO Applications and the Credentials stored for the current user, as shown below.

The code for the web part is quite simple, as is the SSO SDK itself (at least as an SSO consumer).

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
using System.Web;
using System.Web.UI;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Portal.SingleSignon;

namespace Sharepoint.WebParts
{
 [Guid("45c8266e-6a1b-4223-97fa-5cc3e65c5629")]
 public class SSOInfoViewWebPart : System.Web.UI.WebControls.WebParts.WebPart
 {
  private static string ConvertSecureStringToString(System.Security.SecureString pValue)
  {
   IntPtr lValuePointer = IntPtr.Zero;
   string lValueAsString;
   try
   {
    lValuePointer = Marshal.SecureStringToBSTR(pValue);
    lValueAsString = Marshal.PtrToStringBSTR(lValuePointer);
   }
   catch (Exception ex)
   {
    lValueAsString = ex.Message;
   }
   finally
   {
    if (lValuePointer != IntPtr.Zero)
     Marshal.ZeroFreeBSTR(lValuePointer);
   }
   return lValueAsString;
  }

  protected override void CreateChildControls()
  {
   base.CreateChildControls();

   ISsoProvider ssoProvider = SsoProviderFactory.GetSsoProvider();
   var listOfEAD = ssoProvider.GetApplicationDefinitions();

   var sb = new StringBuilder();

   var ssoPI = ssoProvider.GetSsoProviderInfo();

   sb.Append("
<tr>
<td><b>SSO Provider:</td>
");
   sb.Append("
<td>Vendor:</td>
");
   sb.AppendFormat("
<td>{0}</td>
</tr>
", ssoPI.Vendor);
   sb.Append("
<tr>
<td>&nbsp;</td>
");
   sb.Append("
<td>Version:</td>
");
   sb.AppendFormat("
<td>{0}</td>
</tr>
", ssoPI.Version);
   sb.Append("
<tr>
<td>&nbsp;</td>
");
   sb.Append("
<td>Assembly:</td>
");
   sb.AppendFormat("
<td>{0}</td>
</tr>
", ssoPI.AssemblyName);

   var wi = WindowsIdentity.GetCurrent(true);
   if (wi != null)
   {
    var wic = WindowsIdentity.Impersonate(IntPtr.Zero);
    sb.Append("
<tr>
<td><b>Process Identity:</td>
");
    sb.AppendFormat("
<td>{0}</td>
<td>({1}, {2}{3}{4}{5}{6})</td>
</tr>
",
                    WindowsIdentity.GetCurrent().Name,
                    WindowsIdentity.GetCurrent().AuthenticationType,
                    WindowsIdentity.GetCurrent().ImpersonationLevel,
                    WindowsIdentity.GetCurrent().IsAnonymous ? ", Anonymous" : "",
                    WindowsIdentity.GetCurrent().IsAuthenticated ? ", Authenticated" : "",
                    WindowsIdentity.GetCurrent().IsGuest ? ", Guest" : "",
                    WindowsIdentity.GetCurrent().IsSystem ? ", System" : "");
    wic.Undo();
   }

   sb.AppendFormat("
<tr>
<td><b>{0} Identity:</td>
", wi != null ? "Thread" : "Process");
   sb.AppendFormat("
<td>{0}</td>
<td>({1}, {2}{3}{4}{5}{6})</td>
</tr>
",
                   WindowsIdentity.GetCurrent().Name,
                   WindowsIdentity.GetCurrent().AuthenticationType,
         WindowsIdentity.GetCurrent().ImpersonationLevel,
                   WindowsIdentity.GetCurrent().IsAnonymous ? ", Anonymous" : "",
                   WindowsIdentity.GetCurrent().IsAuthenticated ? ", Authenticated" : "",
                   WindowsIdentity.GetCurrent().IsGuest ? ", Guest" : "",
                   WindowsIdentity.GetCurrent().IsSystem ? ", System" : "");

   sb.Append("
<tr>
<td><b>ASP.NET Identity:</td>
");
   sb.AppendFormat("
<td>{0}</td>
<td>({1}{2})</td>
</tr>
",
         Context.User.Identity.Name,
         Context.User.Identity.AuthenticationType,
         Context.User.Identity.IsAuthenticated ? ", Authenticated" : "");

   sb.Append("
<tr>
<td><b>Sharepoint Identity:</td>
");
   sb.AppendFormat("
<td>{0}</td>
<td>(ID:{1}, {2}{3}{4}{5})</td>
</tr>
",
         SPContext.Current.Web.CurrentUser.Name,
         SPContext.Current.Web.CurrentUser.ID,
         SPContext.Current.Web.CurrentUser.LoginName,
         SPContext.Current.Web.CurrentUser.IsSiteAdmin ? ", SiteAdmin" : "",
         SPContext.Current.Web.CurrentUser.IsDomainGroup ? ", DomainGroup" : "",
         SPContext.Current.Web.CurrentUser.IsSiteAuditor ? ", SiteAuditor" : "");

   sb.Append("
<tr>
<td><b>SSO User:</b></td>
<td>");
   try
   { sb.AppendFormat("{0}", ssoProvider.GetCurrentUser()); }
   catch (Exception ex)
   { sb.AppendFormat("<i>n/a ({0})</i>", ex.Message); }
   sb.Append("</td>
</tr>
");

   sb.AppendFormat(
    "
<tr>
<td><b>SSO Enterprise Application Definitions</b></td>
</tr>
");
   foreach (var ead in listOfEAD)
   {
    string credManUrl = "#";
    if (ead.Type == Application.ApplicationType.Individual || ead.Type == Application.ApplicationType.IndividualWindows)
     credManUrl = ssoProvider.GetCredentialManagementURL(ead.ApplicationName).ToString();

    sb.Append("
<tr>");
    sb.AppendFormat("
<td><b><a>{0}</a></b></td>
",
                    ead.ApplicationName, credManUrl);
    sb.Append("
<td>Display&nbsp;Name:&nbsp;&nbsp;</td>
");
    sb.AppendFormat("
<td>{0}</td>
", ead.ApplicationFriendlyName);
    sb.Append("</tr>
");

    sb.Append("
<tr>
<td>&nbsp;</td>
");
    sb.AppendFormat("
<td>Type:</td>
<td>{0}</td>
", ead.Type);
    sb.Append("</tr>
");

    sb.Append("
<tr>
<td>&nbsp;</td>
");
    sb.Append("
<td>Fields:</td>
<td>&nbsp;</td>
");
    sb.Append("</tr>
");

    sb.Append("
<tr>
<td>&nbsp;</td>
");
    sb.Append("
<td>");
    sb.Append("
<div>");

    var listOfEadFields = ssoProvider.GetApplicationFields(ead.ApplicationName);
    var listOfCreds = ssoProvider.GetCredentials(ead.ApplicationName);

    //    sb.AppendFormat("\"UserName\" = {0}
", ConvertSecureStringToString(listOfCreds.UserName));
    //    sb.AppendFormat("\"Password\" = {0}
", ConvertSecureStringToString(listOfCreds.Password));

    for (int idx = 0; idx &lt; listOfEadFields.Length; idx++)
    {
     var eadField = listOfEadFields[idx];
     string ssoEvidence = ConvertSecureStringToString(listOfCreds.Evidence[idx]);
     sb.AppendFormat(&quot;{0} ({1}) = {2}
&quot;, eadField.Field, eadField.Mask ? &quot;Masked&quot; : &quot;Unmasked&quot;, ssoEvidence);
    }

    sb.Append(&quot;</div>
");
    sb.Append("</td>
</tr>
");
   }

   Controls.Add(new LiteralControl("
<table>"));
   Controls.Add(new LiteralControl(sb.ToString()));
   Controls.Add(new LiteralControl("</table>
"));
  }
 }
}

Published by

Phil Harding

SharePoint Consultant, Developer, Father, Husband and Climber.
