Rob Garrett - Blogs
Welcome to Rob Garrett - Blogs Sign in | Join | Help
in Search
Google
Home Blogs Gadgets Advertisements

Software/Technology Discussion

Software and Technology Tid-bits

SharePoint 2007 Web Services and Forms Authentication

It is probably no secret to most SharePoint developers that Microsoft provides web services to access SharePoint services. Unlike the traditional, object model approach, these web services provide a level of flexibility - client code does not have to execute on the same server as the queried SharePoint site. Client code can query SharePoint services from anywhere remote as long as the /_vti_bin/ relative URL of the SharePoint site is accessible.

Accessing a SharePoint web service usually involves an authentication step because some of the queried objects (lists) are not accessible to anonymous users, regardless of the access permissions of the web service.

When using the default NTLM/Windows authentication scheme, assigning a new System.Net.NetworkCredential object to the Credentials property of the service proxy object is enough to get you on the road. Thus so (C#):

proxyObj.Credentials = new NetworkCredential(“username”, “password”, “domain”);

However, if your site used forms-based authentication you need to do a little more work: 

   1: // Authenticate
   2: Authentication auth = new Authentication();
   3: auth.CookieContainer = new CookieContainer();
   4: LoginResult result = auth.Login("username", "password");
   5: if (result.ErrorCode == LoginErrorCode.NoError)
   6: {
   7:     // No error, so get the cookies.
   8:     CookieCollection cookies = auth.CookieContainer.GetCookies(new Uri(auth.Url));
   9:     Cookie authCookie = cookies[result.CookieName];
  10:     Lists lists = new Lists();
  11:     lists.CookieContainer = new CookieContainer();
  12:     lists.CookieContainer.Add(authCookie);
  13:     lists.GetListCollection();
  14: }

In the example code above, Authentication is the proxy object to the /_vti_bin/Authentication.asmx service and Lists is the proxy object to

/_vti_bin/Lists.asmx service.

The authentication service passes the supplied credentials to SharePoint, which in turn uses the current membership provider tied to the forms-authentication scheme. Upon successful authentication, the code above extracts the returned cookie (containing the security ticket) and passes it to the lists web service as part of the subsequent call.

Share this post: Email it! | bookmark it! | digg it! | reddit!
Published Tuesday, September 18, 2007 5:12 PM by Rob Garrett

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

 

Links (9/18/2007) « Steve Pietrek’s SharePoint Stuff said:

PingBack from http://stevepietrekweblog.wordpress.com/2007/09/18/links-9182007/

September 18, 2007 9:03 PM
 

Chris Poteet said:

Thanks for this. My SP provider recently switched to forms-based authentication, and it bugs me to no end with the lack of office integration. Namely, the cookie keeps expiring and I have to keep logging in. There are other problems with checking in, etc. Is the only way to truly make this persistent is to have the cookie expire at a much later date? When it used active directory I didn't have these problems.
September 18, 2007 11:40 PM
 

Mahavir said:

i am getting error: Exception of type 'Microsoft.SharePoint.SoapServer.SoapServerException' was thrown. while trying AddUserToGroup() method of UserGroups service for a forms authentication based sharepoint site. I followed the procedure explained here. auth.Login() method is working fine with condition if (result.ErrorCode == LoginErrorCode.NoError) satisfied. but when it comes to AddUserToGroup() its giving me above error. I am trying all hardcoded parameter for test. all are very fine. but could not escape from this error. Can you please guide me for this. Thanks, Mahavir
October 30, 2007 5:15 AM
 

satish said:

Thanks Rob, very simple, quite useful though.
November 8, 2007 2:35 AM
 

Moim Hossain said:

This is what I was looking for. thanks a lot.
February 7, 2008 6:50 AM
 

Jun said:

it works, thanks a lot
March 6, 2008 9:45 PM
 

Vijay said:

GREATE CODE ...... Code Is Excellent one ...thx Lot
June 9, 2008 7:53 AM

Leave a Comment

(required) 
(optional)
(required) 
Submit

Blurb


Head Shot
Rob Garrett is a British Expat living in Maryland USA. Rob is a trained software engineer and experienced in Windows .NET development.

Rob enjoys listening to Rock music, posting to blogs, driving in the country with the sunroof open, beer (not in conjunction with country driving) and spending time with his family.

This Blog

Recent Posts

Syndication

Archives
Rob Garrett © 2007
Powered by Community Server, by Telligent Systems