Exercise 6-1: Using Single Sign-On

Setting References

Before you can get started writing code, you must set a reference that will allow you to use SSO and access SQL databases. Because you will be using the Credentials class and a DataSet , you must set a reference to the Microsoft.SharePoint.Portal. SingleSignon.dll assembly and the System.Data.dll assembly.

1. In Visual Studio, select Project Add Reference from the menu.

2. In the Add Reference dialog, click Microsoft.SharePoint.Portal.SingleSignon.dll and System.Data.dll .

3. Click Select and then OK to add the reference.

4. Add the following lines to MSSSOAudit.cs to reference the SSO assembly in your code along with the references necessary for database access.

    using Microsoft.SharePoint.Portal.SingleSignon; using System.Data; using System.Data.SqlClient; 

Defining the Properties

The design of your web part is going to use a DataGrid control to display the SSO_Audit table from the SSO database. In this web part, you will set up properties for the user name and password, but you will not allow them to be Browsable in the portal. Listing 6-4 shows the complete web part as it should appear after the properties are defined.

Listing 6-4: Defining the Properties

 using System; using System.ComponentModel; using System.Web.UI; using System.Web.UI.WebControls; using System.Xml.Serialization; using Microsoft.SharePoint; using Microsoft.SharePoint.Utilities; using Microsoft.SharePoint.WebPartPages; using Microsoft.SharePoint.Portal.SingleSignon; using System.Data; using System.Data.SqlClient; namespace MSSSOAudit {     [DefaultProperty(""),         ToolboxData("<{0}:Log runat=server></{0}:Log>"),         XmlRoot(Namespace="MSSSOAudit")]     public class Log : Microsoft.SharePoint.WebPartPages.WebPart     {C          //PROPERTIES          private string m_userName="";          private string m_password="";          [Browsable(false),Category("Miscellaneous"),          DefaultValue(""),          WebPartStorage(Storage.Shared),          FriendlyName("UserName"),          Description("The account name to access the SSO database")]          public string userName          {              get              {                  return m_userName;              }              set              {                  m_userName = value;              }          }          [Browsable(false),Category("Miscellaneous"),          DefaultValue(""),          WebPartStorage(Storage.Shared),          FriendlyName("Password"),Description("The password to access the SSO database")]          public string password          {              get              {                   return m_password;              }              set              {                   m_password = value;              }          }     } } 

 

Defining the Child Controls

Your web part will show the audit table in a grid; therefore, you must override the CreateChildControls method to add the new DataGrid control. In this method, you programmatically create a new instance of the grid, adjust its properties, and add it to the Controls collection for the web part. Listing 6-5 shows how to create the child controls for the web part.

Listing 6-5: Creating Child Controls

 //CHILD CONTROLS protected DataGrid grdAudit; protected Label lblMessage; protected override void CreateChildControls() {     //DataGrid     grdAudit = new DataGrid();     grdAudit.Width = Unit.Percentage(100);     grdAudit.HeaderStyle.Font.Name = "arial";     grdAudit.HeaderStyle.ForeColor = System.Drawing.Color.Wheat;     grdAudit.HeaderStyle.BackColor = System.Drawing.Color.DarkBlue;     grdAudit.AlternatingItemStyle.BackColor = System.Drawing.Color.LightCyan;     Controls.Add(grdAudit);     //Label     lblMessage=new Label();     lblMessage.Width = Unit.Percentage(100);     lblMessage.Font.Name = "arial";     lblMessage.Text = "";     Controls.Add(lblMessage); } 

 

Rendering the Web Part

Because your web part is displaying just the rows from the audit table, you can place your single sign-on code directly in the RenderWebPart method without concern for the state of any of the child controls. If you were relying on user interaction, you would have to consider the web part life cycle and event firing order to determine the best place to retrieve credentials. Listing 6-6 shows how to render the web part output.

Listing 6-6: Rendering the Web Part

 //RENDERING protected override void RenderWebPart(HtmlTextWriter output) {     string[] strCredentials=null;     string strConnection=null;     SqlDataAdapter objAdapter;     SqlCommand objCommand;     SqlConnection objConnection;     DataSet objDataSet;     //Try to get credentials     try     {     // Call MSSSO     Credentials.GetCredentials(Convert.ToUInt32(1),         "MSSSOAudit",ref strCredentials);     //save credentials     userName=strCredentials[0];     password=strCredentials[1];     //Create connection string     strConnection += "Password=" + password;     strConnection += ";Persist Security Info=True;";     strConnection += "User ID=" + userName + ";Initial Catalog=SSO;";     strConnection += "Data Source=(local)";     }     catch (SingleSignonException x)     {     if (x.LastErrorCode==SSOReturnCodes.SSO_E_CREDS_NOT_FOUND)         {lblMessage.Text="Credentials not found!";}     else         {lblMessage.Text=x.Message;}     }     //Try to show the grid     try     {         //query the SSO database         objAdapter=new SqlDataAdapter();         objDataSet=new DataSet("root");         objConnection=new SqlConnection(strConnection);         objCommand=new SqlCommand("Select * from SSO_Audit",objConnection);         objAdapter.SelectCommand=objCommand;         objAdapter.Fill(objDataSet,"audit");         //bind to the grid         grdAudit.DataSource=objDataSet;         grdAudit.DataMember="audit";         grdAudit.DataBind();     }     catch (Exception x)     {         lblMessage.Text+=x.Message;     }     finally     {         //draw grid         grdAudit.RenderControl(output);         output.Write("<BR>");         lblMessage.RenderControl(output);     } } 

 

Creating a Strong Name

At this point, it should be clear that accessing the Strong Name tool is a common operation when creating web parts. Therefore, you may want to make it more easily available in Visual Studio. Follow these steps to add the Strong Name tool to the Visual Studio environment:

1. In Visual Studio select Tools External Tools from the menu.

2. In the External Tools dialog, click Add.

3. Change the Title for the new tool to Strong Name Tool .

4. Near the Command box, click the ellipsis ( ) button.

5. Navigate to \Program Files\Microsoft Visual Studio .NET 2003\SDK\v1.1\bin and select sn.exe .

6. In the Open file dialog, click Open.

7. Check the "Use output window" box.

8. Check the "Prompt for arguments" box. Figure 6-4 shows the completed tool definition.

   
   Figure 6-4: Adding the Strong Name tool to Visual Studio

9. After you complete the definition, click OK.

10. To use the Strong Name tool, select Tools Strong Name Tool from the Visual Studio menu.

11. In the Strong Name Tool window, type -k c:\keypair.snk into the Arguments box.

    Note	This operation overwrites any previously defined key pair at the same location. To avoid this problem, you can either continue with the existing key pair, or define a new key in another location.

12. Click OK.

13. In Visual Studio .NET, open the AssemblyInfo.cs file.

14. In AssemblyInfo.cs modify the AssemblyKeyFile attribute as follows :

     [assembly: AssemblyKeyFile(c:\keypair.snk)] 

15. Save and close AssemblyInfo.cs .

Compiling the Web Part

Once the strong name is defined and referenced in the key file, you are ready to compile the code. Because web parts must run in the \bin directory underneath the root of the web site, it is easier if you simply compile your assembly into the required directory. This will make it easier to get the web part working.

1. Right-click the MSSSOAudit project in Visual Studio .NET and select Properties from the pop-up menu.

2. In the Property Pages dialog, select Configuration Properties Build.

3. Set the Output Path property to \inetpub\ wwwroot \bin .

4. Click OK.

5. Compile the web part by selecting Build Build MSSSOAudit.

Modifying the web.config File

For the web part to successfully access the SQL database, you must make an entry in the web.config file under the <SafeControls> section. You will also have to change the trust level for the site because web parts cannot access databases under the default trust level of WSS_Minimal.

1. In Visual Studio, select Tools Strong Name Tool from the menu.

2. In the Strong Name Tool window, type the following into the Arguments box:

    -T c:\inetpub\wwwroot\bin\MSSSOAudit.dll 

3. Click the OK button to display the PublicKeyToken .

4. Open the web.config file in Visual Studio.

5. Locate the <SafeControls> section of the file. In this section, you must add a new <SafeControl> entry for your web part. The following example shows the form, but you must substitute your particular PublicKeyToken :

    <SafeControl Assembly="MSSSOAudit, Version=1.0.0.0, Culture=neutral, PublicKeyToken=ba635e9bfab94eac" Namespace="MSSSOAudit" TypeName="*" /> 

6. Locate the <System.web> section of the file. In this section, change the <trust> element so that the security policy is set to WSS_Medium as shown here:

    <trust level="WSS_Medium" originUrl="" /> 

7. Save the file and close it.

Using the Web Part

Once the web part is properly compiled, placed in the \bin directory, marked as safe, and given permission to access SSO, it can be used in a portal page. To use the web part, you will import it into a gallery. Once it's imported, you can drag it onto a page and set its properties.

1. Log in to SPS as a member of the MSSSOAdmins security group.

2. Navigate to any site that you have previously created.

3. On the site home page, select Modify Shared Page Add Web Parts Import.

4. In the Import pane, click Browse.

5. Locate the file MSSSOAudit.dwp and click Open.

6. In the Import pane, click Upload.

7. Drag the MSSSOAudit web part from the pane to any zone on the page. The audit records should immediately appear in the grid.