none
How to access SharePoint from asp net web-site. RRS feed

  • Question


  • I have the site (based on SharePoint 2013), for example https://test.com and I have my sites which are working in another domain https://my.test.com.

    My task is to get data from a list which is located on site.com and display that data on my.test.com/Person.aspx.

    Earlier I ran into a problem with cross domain requests (but members of the MS community helped me to solve that problem).

    But now I have another problem.
    For making cross domain requests I created a new asp.net application with settings for CORS and with ashx handler for processing and forwarding api requests to the target site (this app like a proxy).

    Initially for authentificate the user on SharePoint (https://test.com) I set the Windows authentication for my application and pass user credentials by using System.Net.DefaultNetworkCredentials (it is short version of the code):
    using System;
    using System.Web;
    using System.Net;
    using Microsoft.Sharepoint.Client;
    using System.Data.SqlClient;
    using System.Configuration;
    using System.Security.Principal;
    
    namespace ProxyRequests
    {
        public class UniversalHandler : IHttpHandler
        {
          public void ProcessRequest(HttpContext context)
          {
            RequestForwarder forwarder = new RequestForwarder(context);
            if(!String.IsNullOrEmpty(forwarder.Url))
            {
              forwarder.WebRequest.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials;
              forwarder.ProcessRequest();
            }
          }
    
          public bool IsReusable
          {
            get
            {
              return false;
            }
          }
    
        }
    }
    

    When I tested the application on my computer (localhost), it worked without errors. But when I deployed it on IIS, I was getting a 401 error (unauthorized).
    I googled about that problem and found that this is the double hop issue (example https://blogs.msdn.microsoft.com/knowledgecast/2007/01/31/the-double-hop-problem/).

    I decided to solve that problem by using a technical user. That user has permissions for https://test.com (and for the list I want to read). When the real user will request the list from https://my.test.com my application will run with credentials of the thechnical user. I will use the preflight request for check if a real user has access to https://test.com.
    So I restarted the web application pool under the technical user (application is still using Windows authentification). But I am still getting the 401 error. How can I pass the technical user credentials from my asp net app to the sharepoint site https://test.com? System.Net.CredentialCache.DefaultNetworkCredentials is not working. 

    Maybe I am missing some settings in the web.config of my proxy app?

    Please, help me.
    Thursday, November 14, 2019 3:39 PM

All replies

  • Hi dooquive,

    System.Net.CredentialCache.DefaultNetworkCredentials will use the network credential of current user or application, so when testing in localhost, it will be working.

    When deploying to IIS, I suggest to specify use credential like this:

     ClientContext context = new ClientContext(siteUrl);
     context.Credentials = new NetworkCredential("username", "password", "domain");

    And here is the code snippet to valid SharePoint credentail using CSOM for your reference:

    private bool ValidateCredentials(string siteUrl, string username, string password)
    {
        ClientContext context = new ClientContext(siteUrl);
        Web web = context.Web;
    
        context.Credentials = new NetworkCredential(username, password, "domain");
    
        try
        {
            context.Load(web);
            context.ExecuteQuery();
            return true;
        }
        catch(Exception e)
        {
            logger.Error(e, e.Message);
            return false;
        }
    }

    Reference:

    Validate SharePoint credentials using Client Object Model

    Authenticate network credential to access SharePoint site on client object model

    Thanks

    Best Regards


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    SharePoint Server 2019 has been released, you can click here to download it.
    Click here to learn new features. Visit the dedicated forum to share, explore and talk to experts about SharePoint Server 2019.

    Friday, November 15, 2019 3:14 AM