Thursday, July 31, 2014

Accessing the SSL Certificate with thumbprint rather than SignInCertificate Name

Use the below code to access the ssl certificate from its certificate store in Custom STS

public static X509Certificate2 GetCertificateByThumbprint(string thumbprint)
            var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
            X509Certificate2Collection certificates = null;

                certificates = store.Certificates;

                var certs = certificates.Find(X509FindType.FindByThumbprint, thumbprint, false).OfType<X509Certificate2>().ToList();

                if (certs.Count == 0)
                    throw new ApplicationException(string.Format(Constants.ExceptionMessages.msgNocertificate, thumbprint));
                else if (certs.Count > 1)
                    throw new ApplicationException(string.Format(Constants.ExceptionMessages.msgMultipleCertificates, thumbprint));

                return new X509Certificate2(certs[0]);
                if (certificates != null)
                    for (var i = 0; i < certificates.Count; i++)
                        var cert = certificates[i];


Note:- never copy and paste the thumbprint directly. Type the value in the web.config. While typing remove the white spaces.

Gigya Authentication process

Gigya is a third part service provider which can let you manage the authentication providers like google, facebook, yahoo, etc..

To have it in your sharepoint follow below approach to authenticate the user using gigya.

Configuration need to be done in below steps
  1. Create apps in provider sites.(Refer Gigya site)
  2.  Crete an app in Gigya site and use the app key, secret key of the provider site to configure Gigya App. (Refer Gigya site)
  3. Configure Social Network Application Keys in Gigya app. (Refer Gigya site)
  4. Create STS to authenticate to SharePoint site by getting the user information from Gigya app.
  5. Export the SSL certificate with/without private key
  6. Registering the SSL certificate using PowerShell commands.

Wednesday, July 9, 2014

At times you may get a requirement to create a page which can accessible by anonymous users also. for example to provision the user to change their password or to log-in to the site. In that case you may have to go for creating a page where user can perform this kind of actions. To create such page you cannot use the default LayoutsPageBase base class for your page because it would trigger SharePoint to prompt anonymous users to log on.
Instead, you need to use another base class for your anonymous application page calledUnsecuredLayoutsPageBase. You can find its MSDN reference at:

Your page class would look like this:
public partial class ApplicationPage1 : UnsecuredLayoutsPageBase
    protected void Page_Load(object sender, EventArgs e)

Remote Interfaces permissions - item not deleting

SharePoint Access Denied DialogSharepoint provides two ways a user can delete an item from any list:
  1. From “Delete Item” menu option available in ribbon
  2. From “Delete Item” menu option available in the item’s context menu
Now you may think that both these options are just alias of one another, i.e. do the same thing the same way which is to delete the item, and must be implemented the same way.
But that is not the case. Both are implemented differently, i.e. both these options use different route of accessing the delete functionality on server. The context menu option uses remoting where as the ribbon option doesnot. So due to this, though you may have given “Delete Items” permission on the list, you need to provide one more permission, “Use Remote Interfaces”, to allow successful deletion from delete item option available from an item’s context menu. Not providing this second permission would lead to a condition where in the user would be able to delete items from “Delete Items” link available in Ribbon, but trying to delete an item from that item’s context menu would lead to an “Access Denied” error message.
Thus, when ever you find yourself into the situation where in the delete from ribbon is working but the same from context menu is giving error, go to the permission level that apply to the list or that item, provide “Use Remote Interfaces” permissions, MISSION ACCOMPLISHED.