private string[] GetCredentialsFromSSS() { string[] Credentials = new String[2]; //Get the provider info string ssoProvider = this.LobSystemInstance.GetProperties()["SsoProviderImplementation"] as string; if (ssoProvider == null) { throw new LobBusinessErrorException("The SSO provider information is missing to retrieve the credentials"); } Type providerType = Type.GetType(ssoProvider); ISecureStoreProvider provider = (ISecureStoreProvider)Activator.CreateInstance(providerType); //Get the credentials string appTargetName = this.LobSystemInstance.GetProperties()["SecondarySsoApplicationId"] as string; SecureStoreCredentialCollection credentials = provider.GetCredentials(appTargetName); foreach (ISecureStoreCredential cred in credentials) { if (cred.CredentialType == SecureStoreCredentialType.UserName) { Credentials[0] = GetString(cred.Credential); } else if (cred.CredentialType == SecureStoreCredentialType.Password) { Credentials[1] = GetString(cred.Credential); } } return(Credentials); }
/// <summary> /// If not using windows authentication, might want to try running under elevated permissions and giving the farm account write access to the SSS. /// </summary> /// <param name="providerTypeName"></param> /// <param name="applicationId"></param> /// <param name="userName"></param> /// <param name="password"></param> public static void WriteCredentialsToSecureStore(string providerTypeName, string applicationId, string userName, string password) { SPServiceContext context = SPServiceContext.GetContext(SPServiceApplicationProxyGroup.Default, SPSiteSubscriptionIdentifier.Default); SecureStoreServiceProxy ssp = new SecureStoreServiceProxy(); ISecureStore iss = ssp.GetSecureStore(context); IList <TargetApplicationField> applicationFields = iss.GetUserApplicationFields(applicationId); IList <ISecureStoreCredential> creds = new List <ISecureStoreCredential>(applicationFields.Count); foreach (TargetApplicationField taf in applicationFields) { switch (taf.CredentialType) { case SecureStoreCredentialType.UserName: case SecureStoreCredentialType.WindowsUserName: creds.Add(new SecureStoreCredential(MakeSecureString(userName), taf.CredentialType)); break; case SecureStoreCredentialType.Password: case SecureStoreCredentialType.WindowsPassword: creds.Add(new SecureStoreCredential(MakeSecureString(password), taf.CredentialType)); break; } } using (SecureStoreCredentialCollection credentials = new SecureStoreCredentialCollection(creds)) { iss.SetCredentials(applicationId, credentials); } }
public static SecureStoreCredentialCollection GetCredentials(string targetApplicationId) { SecureStoreCredentialCollection credentials = null; var iSecureStore = GetSecureStore(); credentials = iSecureStore.GetCredentials(targetApplicationId); return(credentials); }
public static List <string> VerifyStoredCredentials(SecureStoreCredentialCollection credentials) { var vcreds = new List <string>(); foreach (SecureStoreCredential ssc in credentials) { vcreds.Add(ReadSecureString(ssc.Credential)); } return(vcreds); }
/// <summary> /// Get credentials from Secure Store Service /// </summary> /// <param name="targetAppId">Target Application ID for the Secure Store</param> /// <param name="site"></param> /// <returns>Object of NetworkCredential class. This class provides credentials for password-based authentication schemes such as basic, digest, NTLM, and Kerberos authentication.</returns> public static SecureStoreCredentials GetCredentials(string targetAppId, SPSite site) { // Get the default Secure Store Service provider. ISecureStoreProvider provider = SecureStoreProviderFactory.Create(); if (provider == null) { throw new Exception("Unable to get an ISecureStoreProvider."); } ISecureStoreServiceContext providerContext = provider as ISecureStoreServiceContext; if (providerContext != null) { providerContext.Context = SPServiceContext.GetContext(site); } var credentials = new SecureStoreCredentials(); using (SecureStoreCredentialCollection credentialCollection = provider.GetCredentials(targetAppId)) { foreach (ISecureStoreCredential credential in credentialCollection) { switch (credential.CredentialType) { case SecureStoreCredentialType.UserName: credentials.UserName = GetStringFromSecureString(credential.Credential); break; case SecureStoreCredentialType.Password: credentials.Password = credential.Credential; break; case SecureStoreCredentialType.WindowsUserName: credentials.WindowsUserName = GetStringFromSecureString(credential.Credential); break; case SecureStoreCredentialType.WindowsPassword: credentials.WindowsPassword = credential.Credential; break; case SecureStoreCredentialType.Certificate: credentials.Certificate = GetStringFromSecureString(credential.Credential); break; case SecureStoreCredentialType.CertificatePassword: credentials.CertificatePassword = credential.Credential; break; } } } return(credentials); }
public static Credentials GetExtentrixWindowsCredentials(Page page, LogLocationEnum LogLocation, SPUser user) { WindowsCredentials extentrixCredentials = null; SecureStoreCredentialCollection ssCreds = null; SPServiceContext context = SPServiceContext.GetContext(SPServiceApplicationProxyGroup.Default, SPSiteSubscriptionIdentifier.Default); SecureStoreServiceProxy ssp = new SecureStoreServiceProxy(); ISecureStore iss = ssp.GetSecureStore(context); try { ssCreds = iss.GetCredentials(Constants.TargetAppID); if (ssCreds != null && ssCreds.Count() > 0) { extentrixCredentials = new WindowsCredentials(); IList <TargetApplicationField> applicationFields = GetTargetApplicationFields(Constants.TargetAppID); foreach (TargetApplicationField taf in applicationFields) { switch (taf.Name) { case "Windows User Name": extentrixCredentials.UserName = ReadSecureString(ssCreds[applicationFields.IndexOf(taf)].Credential); break; case "Windows Password": extentrixCredentials.Password = ReadSecureString(ssCreds[applicationFields.IndexOf(taf)].Credential); break; case "Domain": extentrixCredentials.Domain = ReadSecureString(ssCreds[applicationFields.IndexOf(taf)].Credential); break; } } } } catch (SecureStoreServiceCredentialsNotFoundException ex) { Logger.Default.Error(LogLocation, ex.Message, ex); } catch (Exception ex) { Logger.Default.Info(LogLocation, "SecureStore: Exception getting Windows Credentials"); Logger.Default.Error(LogLocation, ex.Message, ex); } return(extentrixCredentials); }
public static void SetExtentrixWindowsCredentials(LogLocationEnum LogLocation, SPUser user, WindowsCredentials extentrixCredentials) { try { IList <TargetApplicationField> applicationFields = GetTargetApplicationFields(Constants.TargetAppID); IList <ISecureStoreCredential> creds = new List <ISecureStoreCredential>(applicationFields.Count); using (SecureStoreCredentialCollection credentials = new SecureStoreCredentialCollection(creds)) { foreach (TargetApplicationField taf in applicationFields) { switch (taf.Name) { case "Windows User Name": creds.Add(new SecureStoreCredential(MakeSecureString(extentrixCredentials.UserName), SecureStoreCredentialType.WindowsUserName)); break; case "Windows Password": creds.Add(new SecureStoreCredential(MakeSecureString(extentrixCredentials.Password), SecureStoreCredentialType.WindowsPassword)); break; case "Domain": creds.Add(new SecureStoreCredential(MakeSecureString(extentrixCredentials.Domain) , SecureStoreCredentialType.Generic)); break; } } SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(SPContext.Current.Site.ID)) { using (SPWeb web = site.OpenWeb()) { SPServiceContext context = SPServiceContext.GetContext(SPServiceApplicationProxyGroup.Default, SPSiteSubscriptionIdentifier.Default); SecureStoreServiceProxy ssp = new SecureStoreServiceProxy(); ISecureStore iss = ssp.GetSecureStore(context); iss.SetUserCredentials(Constants.TargetAppID, GetSSClaim(user), credentials); } } }); } } catch (Exception ex) { Logger.Default.Info(LogLocation, "SecureStore: Exception setting windows credentials"); Logger.Default.Error(LogLocation, ex.Message, ex); } }
public static void SetCredentials(string userName, string userPassword, string targetApplicationId) { IList <ISecureStoreCredential> creds = new List <ISecureStoreCredential>(); creds.Add(new SecureStoreCredential(MakeSecureString(userName), SecureStoreCredentialType.UserName)); creds.Add(new SecureStoreCredential(MakeSecureString(userPassword), SecureStoreCredentialType.Password)); using (var credentials = new SecureStoreCredentialCollection(creds)) { var iSecureStore = GetSecureStore(); iSecureStore.SetUserCredentials(targetApplicationId, GetSecureStoreClaim(SPContext.Current.Web.CurrentUser.UserId.NameId), credentials); //if the target application is using group type credentials then call this.//iss.SetGroupCredentials(targetApplicationID, credentials); } }
internal static NetworkCredential GetSecureStoreCredentials(SPSite site, string secureStoreAppId) { string _userName = null; string _password = null; NetworkCredential credentials = null; try { SPSecurity.RunWithElevatedPrivileges(() => { SecureStoreProvider ssp = new SecureStoreProvider(); SPServiceContext context = SPServiceContext.GetContext(site); ssp.Context = context; SecureStoreCredentialCollection cc = ssp.GetCredentials(secureStoreAppId); foreach (SecureStoreCredential c in cc) { if (c.CredentialType == SecureStoreCredentialType.UserName) { _userName = c.Credential.ToClrString(); } if (c.CredentialType == SecureStoreCredentialType.Password) { _password = c.Credential.ToClrString(); } } credentials = new NetworkCredential(_userName, _password); }); } catch (Exception ex) { throw new Exception("Unable to get credentials for application " + secureStoreAppId); } return(credentials); }
private static void PopulateCredentialsMap(SecureStoreProvider secureStoreProvider, SecureStoreCredentialCollection credentials, string applicationId, Dictionary <string, string> credentialMap) { var fields = secureStoreProvider.GetTargetApplicationFields(applicationId); for (var i = 0; i < fields.Count; i++) { var field = fields[i]; var credential = credentials[i]; var decryptedCredential = ExtractString(credential.Credential); credentialMap.Add(field.Name, decryptedCredential); } }