7

We are creating a mobile web application that will run under ASP.Net and will connect to an internal SharePoint Server. We need to remotely authenticate users from this web application to see whether they have access to SharePoint Server data. The web application won't be connected to active directory. Do we have to use Authenticate.asmx in SharePoint? And one more detail, SharePoint Server can be running with Windows authentication or Forms Based authentication.

If someone sheds some light on this I will be grateful.

Toni Frankola
  • 4,319
  • 28
  • 38
Élodie Petit
  • 1,267
  • 3
  • 22
  • 35

1 Answers1

7

Authentication.asmx is the correct way of logging into SharePoint directly as you said. However occasionally you'll need to create your own Authentication ticket if you're working outside of SharePoint and need to pass something in via Kerberos.

This here is a good reference on the authentication.asmx webservice as it concerns .NET

http://msdn.microsoft.com/en-us/library/websvcauthentication.aspx

Here is a reference for ASP.NET Windows Authentication if you'll need to pass a ticket in:

http://msdn.microsoft.com/en-us/library/ms998351.aspx

How to detect if you don't know what method to use? Authentication.asmx has a method Authentication.Mode() you should look at that returns what SharePoint sees so you can login accordingly. I imagine you could try to connect via .NET and if you get prompted with a 401, it's time to supply windows authentication.

(Footnote: This applies to SharePoint 2010, YMMV with other versions)

tekiegreg
  • 1,671
  • 4
  • 27
  • 39
  • tekiegreg thank you. So after authenticating the users, when I have to run code on behalf of the user should I use SPUserToken? – Élodie Petit May 14 '11 at 18:16
  • Quite Simply yes, SPUserToken represents both the authentication type and user authenticated. Or see here: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spusertoken.aspx – tekiegreg May 14 '11 at 21:05
  • And what if the site is not configured for forms based auth? The docs says that Authentication.asmx is for FBA? – Élodie Petit May 14 '11 at 21:07
  • Authentication.Mode() Should return your authentication type no matter what your actual Authentication type is. After that, Authentication.asmx is useless if using Windows Authentication. But again if you get prompted for a 401 when going anywhere, you know you need to supply authentication via windows. – tekiegreg May 14 '11 at 21:09
  • So if authentication mode is Forms Based, then I will go ahead and authenticate with Authentication.asmx. If the mode is Windows authentication, then I should authenticate by impersonating the user? – Élodie Petit May 14 '11 at 21:15
  • Exactly. Then you can get into the fun of doing Kerberos delegations and all that other fun stuff. – tekiegreg May 14 '11 at 21:18