Is it possible to filter (i.e. hide) web parts from the WebPartAdder based on 3rd party user permissions?
We have built in user permissions in our application that defines which web parts a user has permissions to add to a page (permissions obtained using web services). In previous versions of SharePoint, we created a custom web part picker that allowed our users to select and add web parts to a web part page based on those permissions. In SP 2010 we'd like to use the SharePoint ribbon to expose these web parts but we haven't found a way to filter web parts based on these permission sets.
I've found virutally no usable documenation on MSDN describing the WebPartAdder control.
You can specify permissions on webparts in the webpart gallery, but this doesn't remove them from the list of available webparts. The unauthorized user will get an access denied message when attempting to add them to a page.
Related
I'm trying to find the best way to create a Portal type site which is to be used on a development server. The idea is that a client can login at the portal site, which will then display a list of projects that are currently being worked on for them that they can click and be taken to that project without the need to login again.
Base criteria:
The portal site must be the only way to login and access the projects (other clients projects are on the server and i would like to control access to them through the portal)
The client must remain logged in so they can browse multiple projects they own without the need to re-authenticate.
Preferably with as little alteration to project code to accommodate portal as possible.
Is this possible with cakephp and if so what should i be reading up on to achieve this?
Our SharePoint environment uses Claims Based Authentication - using
FBA for external users and AD for internal users.
I have not been able to connect using default credentials or Windows
authentication to a test SharePoint site using the SharePoint Client
Side Object Model (CSOM). I am able to connect using an FBA user but
require connecting using default credentials (assuming this is the
app pool id tied to the SharePoint application) or at least an AD
account.
The message I get when executing ClientContext.ExecuteQuery is - Cannot Contact Site at the Specified URL. I
have researched this extensively and have tried numerous suggestions including the following:
Using an event handler tied to the clientContext.ExecutingWebRequest
which adds to the WebRequest headers. Solution found here
https://social.technet.microsoft.com/Forums/office/en-US/16cd0e26-8f3b-4ef2-bac4-c2c59849ab96/authentication-in-clientcontext-in-sharepoint-2010?forum=sharepointdevelopmentprevious.
Using System.Net.CredentialCache.DefaultCredentials
Using System.Net.NetworkCredential passing in AD account
Thanks for any ideas or suggestions.
Tom
I should have mentioned that we are using SharePoint 2010 and that I'm trying to retrieve and update user profile properties. As I was beginning to code a solution to do this (using my FBA connected ClientContext), I read that in SharePoint 2010, you can only update user properties using the UserGroup web service. I get an Access Denied when trying to connect via the web service. I believe the ClientContext sits on top of the web services so the scenario/issue is the same. Again, any thoughts or suggestions are greatly appreciated.
Well, after much research, it seems that there is a solution. Adding a header to the request programmatically is the first step. The only issue is that in addition to adding the header, you must add an additional Windows authentication zone to SharePoint. I do not want to add another zone to our production environment.
Since the program I'm putting together accesses SharePoint and non-SharePoint databases, I would like to run it on a non-SharePoint server so I will most likely use an FBA account that is specifically created for this purpose.
In case anyone is interested, here is another link explaining how to add the header to the web request. You will receive an error - Object Moved without adding an additional zone. Here is a link which describes adding a zone.
I have a Sharepoint 2010 application with mysites, therefore I use User profile sync service.
I changed the authentication method from windows to claims based ( choosing forms), and made necessary updates on web.config and run the commands on powershall, so I am using LDAP.
My application works with forms based authentication now, no issues, but I can not authanticate to mysites as my user name format has changed from domain/username to
One option is to somehow map new ldap formatted user and windows ad users (do not know how??), or I need to create a new connection on the user profile sync service to connect to ad with forms authantication and import users with new format too (failed to do so, any idea what needs to be configured on domain controllers to do that? ). Although, this will cause that users would get 2 different mysites if they login with windows or forms based auth.
Any idea is appreciated.
Thanks.
You need to use Move-SPUser command to make that work. For more info check the MSDN Documentation.
I need to implement a web application hosted on sharepoint. This is a client requirement. So I cannot create a standard asp.net web application. Another client requirement is that the authentication is not an active directory one but they want to use an existing database of users.
I am a bit concerned how this would work on sharepoint because users would need to log-in onto sharepoint. Would it make sense that users log into sharepoint as anonymous and then we use our custom controls for log-in. How does sharepoint handle anonymous users?
Any assistance would be greatly appreciated
When building apps over SharePoint, you use the SharePoint authentication mechanism, whatever it is.
Does the SharePoint farm is already in place ? Or do you have to also build the farm ?
In the former case, probably the authentication mechanism is already in place and you just have to build a "standard" sharepoint application.
In the later case, you will have to carefully plan your authentication. SharePoint can use a combination of AD authentication, Forms authentication (over a DB in your case if you want) or a Claims authentication pattern. My guess is that a Forms authentication with a custom Membership/role provider is the way to go.
In my external application i need to find all sites with write permission for logged in user.
I am using WSS.
Is there any web service available for this task?
Or can i send a Query and get the desired results?
You need to use the client object model (see this msdn article http://msdn.microsoft.com/en-us/library/ee535231.aspx) to work with SharePoint for outside the system.
use SharePoint webservices. They have a special asmx for permissions:
/_vti_bin/permissions.asmx
This Web service is used to obtain the permissions assigned to a list or site, add new permissions, and update or removing existing permissions.
Here's a blog post about using the permissions webservice:
example