locked
Sharepoint 2010 Web Services and Claims-Based authentication RRS feed

  • Question

  • Has anyone successfully been able to consume the standard, out-of-the-box, SP2010 web services when the application is secured using Claims-Based authentication?

    I've been trying for ages using both asmx and WCF to no avail.  All my code worked beautifully before the authentication type was changed to Claims.

    If anyone has achieved this, and is willing to share their experiences I would be eternally grateful.

    Thanks in advance.

    Wednesday, January 12, 2011 11:06 AM

Answers

  • I have done this with Claims...

    Here is what I did,

    1) Set the Authencation provider to (in my case) Anonmouse Access (you need this as the form you are creating can't be seen by the iuser_computername account.)

    2) change the Machine.config file to point to the new authencation provider (I used the builtin database aspnetdb by running (here is a link showing how to create aspnetdb http://programming.top54u.com/post/How-to-Create-Aspnetdb.aspx) , if you dont want to use aspnetdb here is a link which will show how to use SQL directly http://www.studiocoast.com.au/knowledgebase/6/aspnet/using-sql-server-instead-of-aspnetdbmdf.aspx).  Here is a sample of what to change.

     <connectionStrings>
    <remove name="LocalSqlServer" />
    <add name="LocalSqlServer"
        connectionString= "Server=SQL_SERVER_ADDRESS,1433;Database= DATABASE_NAME;User=SQL_USERNAME;Password=SQL_PASSWORD;"
        providerName="System.Data.SqlClient" />
    </connectionStrings>

    As a side note you could do this in the web.config file as well, but then it can only be used by that web app, machine.config could then connections could be used with any web app.

    3) change your authencation provider to claims and FBA change membershipprovider to "AspNetSqlMembershipProvider" and role provider to "AspNetSqlRoleProvider".

    4) create the users in the database

    5) change the site collection admin to a account in your database.

    Here is a msdn post which has almost the exact same thing.

    http://blogs.msdn.com/b/alimaz/archive/2009/10/30/configuring-fba-in-sharepoint-server-2010-beta-2.aspx

    Good luck,

    Gary


    Gary Newman MCSE, MCT, CCNA MCDBA, MCAD, MCSA MCTS SharePoint 2007 Dev & Admin MCPD SharePoint 2010 Development
    Monday, January 17, 2011 10:44 PM

All replies

  • I have done this with Claims...

    Here is what I did,

    1) Set the Authencation provider to (in my case) Anonmouse Access (you need this as the form you are creating can't be seen by the iuser_computername account.)

    2) change the Machine.config file to point to the new authencation provider (I used the builtin database aspnetdb by running (here is a link showing how to create aspnetdb http://programming.top54u.com/post/How-to-Create-Aspnetdb.aspx) , if you dont want to use aspnetdb here is a link which will show how to use SQL directly http://www.studiocoast.com.au/knowledgebase/6/aspnet/using-sql-server-instead-of-aspnetdbmdf.aspx).  Here is a sample of what to change.

     <connectionStrings>
    <remove name="LocalSqlServer" />
    <add name="LocalSqlServer"
        connectionString= "Server=SQL_SERVER_ADDRESS,1433;Database= DATABASE_NAME;User=SQL_USERNAME;Password=SQL_PASSWORD;"
        providerName="System.Data.SqlClient" />
    </connectionStrings>

    As a side note you could do this in the web.config file as well, but then it can only be used by that web app, machine.config could then connections could be used with any web app.

    3) change your authencation provider to claims and FBA change membershipprovider to "AspNetSqlMembershipProvider" and role provider to "AspNetSqlRoleProvider".

    4) create the users in the database

    5) change the site collection admin to a account in your database.

    Here is a msdn post which has almost the exact same thing.

    http://blogs.msdn.com/b/alimaz/archive/2009/10/30/configuring-fba-in-sharepoint-server-2010-beta-2.aspx

    Good luck,

    Gary


    Gary Newman MCSE, MCT, CCNA MCDBA, MCAD, MCSA MCTS SharePoint 2007 Dev & Admin MCPD SharePoint 2010 Development
    Monday, January 17, 2011 10:44 PM
  • This works:

    public void TestListService()
     {
       this.Authenticate();
       listservice.Lists listsvc = new listservice.Lists();
       listsvc.UseDefaultCredentials = true;
       listsvc.CookieContainer = this.cookieJar;
       listsvc.Url = "http://fastwfe1:44452/_vti_bin/lists.asmx";
    
       XmlNode returnNode = listsvc.GetList("Shared Documents");
    
    
    }
    
    

     

    You can look at the following link. I used the code to authenticate to a fba/claims sharepoint site and use the CookieContainer on the web service's cookiecontainer property and all works.

    http://sudheerkovalam.wordpress.com/2010/11/04/writing-windows-phone-apps-for-sharepoint/


    Blog | SharePoint Field Notes Dev Tool | ClassMaster
    Tuesday, January 18, 2011 3:48 AM