1

I have an Azure hosted .Net Web Application. I am trying to create the ClientContext to an On-Premise SharePoint 2013 site from my .Net Web Application using windows authentication. But it's failing. What is the best way to do it? Do I need to use TokenHelper class or ACS?

Adi S
  • 73
  • 9

1 Answers1

2

TokenHelper (with ACS) probably won't help here as it requires the target environment to be connected to the ticketing service (and also it only allows to identity delegation).
The first point/most important question is: how is your on-prem SharePoint exposed to Internet?
And also: what's the Windows protocole used (NTLM or Kerberos)?
Direct Windows authentication with the ClientContext class could only be done with NTLM (Kerberos requires the client -your Web application- to be part of the AD domain).
With all other scenarios I could think of, another approach will be needed.

Evariste
  • 9,751
  • 2
  • 20
  • 30
  • Thanks for your prompt response, my on-prem SharePoint is not exposed to internet. Its an intranet site and I'm running the .net web application from the same network domain. Also, it is using NTLM. and What other approaches you were talking about? Please elaborate. Thanks. – Adi S Jul 17 '17 at 17:29
  • If you your Web application in on the same network as your SharePoint farm, you can simply call using (ClientContext context = new ClientContext("http://yourserver/")) { context.Credentials = new NetworkCredential("user", "password", "domain"); . . .. You say this "is failing"? Please elaborate. – Evariste Jul 18 '17 at 05:14
  • I am using the same code as you suggested above and its failing. My .net application is hosted in azure and I am browsing it in the same network as my SharePoint farm and it is unable to create clientcontext. – Adi S Jul 18 '17 at 14:40
  • Please, elaborate on "its failing". Also I don't understand how you're "running the .net web application from the same network domain" (your words) while it's hosted in Azure (your words again) and your SP server is on-prem! That does not make sense to me. If it's in Azure, and SP is on-prem without being exposed, how do you hope your ASP.NET code can reach it?! – Evariste Jul 18 '17 at 18:53
  • I get it. my .net code can't reach on-prem. so if I create a windows application and install it on on-prem network, it should work. – Adi S Jul 19 '17 at 19:50
  • That's correct ! – Evariste Jul 20 '17 at 05:23
  • I've found an internet exposed on-prem site which is adfs authenticated. It has an adfs login page. How do we create client context with that? Above code doesn't seems to work for adfs. – Adi S Jul 24 '17 at 12:43
  • Very complicated question actually. Is your ADFS bound to Azure Directory, or standalone? I had a question like that here: https://sharepoint.stackexchange.com/q/204681/35604... there's no actual answer for it, unless moving everything to client-side, and even then... – Evariste Jul 24 '17 at 16:13
  • adfs is standalone .. not bound to azure. – Adi S Jul 24 '17 at 19:46