We have a ASP.NET MVC3-Application which includes a lot of links to Documents in SharePoint 2010 - Libraries. If the User clicks on one of these links, he'll be invited to choose between ReadOnly-Mode or Edit-Mode of the Office-Document. If he chooses "Edit-Mode", he will have to enter the credentials for SharePoint.
Is it possible to do some kind of SingleSignOn out of the MVC-Application, using the Users MVC-App-Creentials to log into SharePoint2010? We'd like to have the user clicked on the link and to be able to edit the document and click save (saving back to SharePoint) without entering his credentials once again. Are there any experiences?
//edit: the MVC-Application & SharePoint are both in a different Active Directory than the User, so this problem is not solvable by implementing a User > SharePoint SSO. Further it is not possible to access SharePoint through the SharePoint Server Object Model in the MVC3-Application: SharePoint uses .NET 3.5 and MVC3 requires .NET 4.0
You can achieve what you are trying to do, however, you would need to enable claims based suthentication on SharePoint and write a custom provider.
One of the possible solutions in your case is Active Directory Federation Services.
http://blogs.technet.com/b/andrew/archive/2010/06/09/what-is-adfs-and-why-you-should-care.aspx
Related
I have developed an ASP.Net MVC application which is Azure Single-Sign-On supported.
In the existing application, I wanted to consume online SharePoint REST API's to work with the document library(Get folders/files,upload, add, replace and delete etc.)
Is there any way to do/achieve this task.
Thanks in advance!
yes, the supported way is to use SharePoint CSOM which is now in .net standard. Please see this article were you may find a movie that shows the whole process to add nuget, authenticate the app and get some data from SharePoint, and here is he msdn support.
Some CSOM examples how this works
We are willing to implement a web application with edit functionalities of WORD documents using WebDav.
We are starting to have a better picture of the implementation required however, we have read on your site (http://www.webdavsystem.com/server/documentation/ms_office_read_only) that it is possible to avoid MS office Word login dialog to open when URL-authentication is implemented.
We can hardly find solutions on how to achieve this or on how to use URL-authentication with MS Office.
Would you be able to point us in the right direction with this process or even let us know how to get some examples on that?
Here are some options to avoid login dialog:
Implement URL authentication. You will need to include some session
ID in the URL. Note that you will need to include it in path. For
example:
https://server/[SessionID1234567890]/path/file.docx
Do not include your session ID in the query string, as MS Office will
truncate it when saving a document.
Implement cookies/Forms authentication. In this case you will need the IT Hit
WebDAV Ajax Library to open documents for editing. You will also need to install the protocol application (Edit Document Opener, supplied with the WebDAV Ajax Library) on a client machine.
Implement MS-OFBA authentication. You can generate sample MS-OFBA
code using 'Add WebDAV Server Implementation' wizard for Visual
Studio supplied with IT Hit WebDAV Server for .NET SDK.
Note that MS-OFBA will display an HTML login dialog inside MS Office UI, which is rendered by Internet Explorer. If you open a document from any other web browser the login dialog will be always displayed during first open.
To avoid login dialog during subsequent access you will need to set permanent
authentication cookie (check the 'Keep me logged-in' checkbox).
Use Kerberos authentication. By default Kerberos authentication will display login dialog during first document access only. This option can be configured in Active Directory policies.
I am initiating an App for Office project and I am trying to find out something critical.
Can I use my ASP.NET MVC built-in OAuth authentication to pair it with a Live account so my app logs-in the user into MS Office for Desktop apps.
This is needed so I can access OneDrive and use the share file editing there.
The architecture so far is:
Files stored in a single OneDrive or SharePoint server (TBD)
Desktop Office apps (Word and Excel) where the users work.
App for Office, installed in their Word and Excel. Users can authenticate on the back-end ASP.NET MVC server, using any 3rd party email address and a password.
I have used OAuth in ASP.NET MVC projects but not in integration with Office in an App for Office.
So, my question is if this idea is possible and HOW, or I have to give everyone an Office 365 account so they can connect via the integrate Office for desktop.
As we in our small company like to benefit from the OneDrive functionality, and also want to have selected shared and group folders offline available, we found a more or less perfect workaround.
We use the Goodsync software to synchronize. For this you create a sync job within Goodsync for the folders you want to have offline- available. Such a sync definition / call it folder pair / has a reference to the local folder, and on the other side a reference to the OneDrive folder. The reference to the OneDrive folder you describe like this: „sds://d.docs.live.net//“.
The OneDrive CID you can see for any shared OneDrive folder in OneDrive web whithin its web address (example: https://OneDrive.live.com/?cid=xxxxxxxxxxxxxxxx) . Similarly it works for OneDrive group folders.
Our experience is very good with this workaround, only to be aware to have all rights for the shared One Drive folder, then Goodsync can even create or delete folders within shared OneDrives.
Good luck! Wolfgang from Salzburg
For everyone's benefit, I will explain what we have done.
We are using Azure Active Directory and manage all users there. We connected SharePoint site to it and it has a OneDrive behind. Now our App for Office connects to that using SharePointContext from here and it magically works.
I'm setting up an intranet ecommerce site with NOPCommerce 2.5 and I want the user to be automatically logged on to the site. Everybody on the network is authorized to be customer. Is there an active directory integration for NOPCommerce or does anybody have tips & tricks on how to move forward?
I know that nopCommerce uses their own implementation of the ASP.net Membership Provider. So yes, it is possible to edit that, and have it automatically generate a nopCommerce user via the Network Credentials.
I'm not aware of anything that already exists for this functionality.
Just a sidenote: I'm not sure whether I should post this to serverfault as well, because some MOSS admin may have some info for me as well?
Additional note 1: I've found this document (Asp.net MVC 2 & Sharepoint integration) if anybody with sufficient expirience is willing to comment on its content whether this can be used in my described scenario or not.
Additional note 2: I've discovered (later) that Silverlight is supported in Sharepoint 2010 so I'm considering it as well. So if anyone would comment on silverlight integration as well.
A bit of explanation first (without Asp.net MVC/Silverlight)
Is it possible to integrate the two? Is it possible to write an application that would share at least credential information with MOSS?
I have to write a MOSS application that has to do with these technologies:
MOSS 2010
Personal client certificates authentication (most probably on USB keys)
Active Directory Federation Services
Separate SQL DB that would serve application specific data (separate as not being part of MOSS DB)
How should it work?
Users should authenticate using personal certificates into MOSS 2010
There would be a certain part of MOSS that would be related to my custom application
This application should only authorize certain users via AD FS - I guess these users should have a certain security claim attached to them
This application should manage users (that have access to this app) with additional (app specific) security claims related to this application (as additional application level authorization rights for individual application parts)
This application should use custom SQL 2008 DB heavily with its own data
This application should have the possibility to integrate with external systems as well (Exchange for instance to inject calendar entries, ERP systems etc)
This application should be able to export its data (from its DB) to files. I don't know if it's possible, but it would be nice if the app could add these files to MOSS and attach authorization info to them so only users with sufficient rights would be able to view/open these files.
Why Asp.net MVC/Silverlight then?
I'm very well versed in Asp.net MVC (also with the latest version) and I haven't done anything on Sharepoint since version 2003 (which doesn't do me no good or prepare me for the latest version in any way shape or form). This project will most probably be a death march project so I would rather write my application as a UI rich Asp.net MVC application and somehow integrate it into MOSS. But not only via a link, because I would like to at least share credentials, so users wouldn't need to re-login when accessing my app. Using Asp.net MVC I would at least have the possibility to finish on time or be less death marching. Is this at all possible?
I haven't done any serious project using SIlverlight, but I will sooner or later have to. So I'm also considering a jump into it at this moment, because it still might make this application development easier than strict Sharepoint 2010.
Questions
Is it possible to integrate Asp.net MVC/Silverlight into MOSS as described above?
If integration is not possible, would it be possible to create a completely MOSS based application that would work as described?
Which parts of MOSS 2010 should I use to accomplish what I need?
The Patterns and Practices Sharepoint Guidance release on CodePlex has a model-view-presenter equivalent to MVC but targeted at SharePoint development.