All geek questions in one place

Is it possible to call C # WebService with current Windows user credentials?

I have a small C # ASP.Net WebService. I like to call this WebService from the Windows Client and do some things in the SharePoint document library. (e.g. file download)

But if I upload the file, it will be executed with the credentials from the web service instead of the credentials of the user who called the WebService. Result = All files will be displayed as "created" = System account ...

Is it possible to call this WebService (from a browser or Script $ .Ajax) with the current Windows user credentials and work with these credentials in the WebService?

I know that I can display the user who called WebService, for example, this way:

return Username = User.Identity.Name;

But you can’t use it to work with these types of credentials?

I already tried a few things, but I could not get the current user.

Code Example 1: (SharePoint client object model)

 ClientContext context = new ClientContext("http://domain.local"); context.Credentials = System.Net.CredentialCache.DefaultCredentials;

Sample Code2: (SharePoint Server Object Model)

 SPUserToken userToken = null; SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite("SiteUrl")) { using (SPWeb web = site.OpenWeb()) { userToken = web.AllUsers["DOMAIN\\USERNAME"].UserToken; } }); using (SPSite site = new SPSite("SiteUrl", userToken)) { using (SPWeb web = site.OpenWeb()) { // Perform actions } }

Code Example 3: (I don't like this) I found one of the possible ways, but I have to enter the plain password in the code, which I don't like:

 NetworkCredential credentials = new NetworkCredential("username", "pwd", "domain"); ClientContext context = new ClientContext("http://site-url"); context.Credentials = credentials; ...

I think the most important things in the web.config file are also here:

 <authentication mode="Windows"/> <add name="Access-Control-Allow-Origin" value="http://domain.local"/> <add name="Access-Control-Allow-Credentials" value="true"/> <add name="Access-Control-Allow-Headers" value="Content-Type"/>

Any ideas on how I can execute code with user context from the current user?

Script Call:

 $.ajaxSetup({ type: "GET", url: "webServiceUrl", data: { string: "value" }, dataType: 'json', xhrFields: { withCredentials: true }, crossDomain: true, success: function(data){ }, error: function(XMLHttpRequest, textStatus, errorThrown){ } });
+4
source share
1 answer

I do not know your requirements and your environment, but could you download files directly from the Windows client using CSOM?

Here is a link on how to set up limited delegation: http://msdn.microsoft.com/en-us/library/ff650591.aspx#_Step_7:_Impersonate .

0
source

Source: https://habr.com/ru/post/1496889/

More articles:


All Articles