I have a public SaaS application. Users can signup and create and manipulate data records, etc. I also have a sharepoint server. I have an 'admin' user on the Sharepoint site. My SaaS app can log onto the Sharepoint server using the admin login and upload download files. That is all fairly straight forward.
What I want to be able to do is (1) programmatically create individual logins on Sharepoint for my SaaS users, (2) be able to log them in a serve them a links to sharepoints document so that they can 'live edit' them in Word. I want my app to be able to control which users can access and edit which documents.
The users are not all part of a single organisation, so I don't think I can use Active Directory. But I don't really know anything about Activie Directory, so that may not be true.
Does that make any sense? Is that even possible? I've done a lot of searching online but can't find anything that seems to achieve that. My alternative is to implement some sort of WebDav server, but having looked at that as an option, I think it makes more sense to try and integrate with the existing Sharepoint server.
Any help or pointers would be very gratefully received. Thanks.
Are you open to user Office 365. If yes, then think you should explore Microsoft Graph API. It allows you n number of options to connect the Microsoft 365 products including SharePoint Online and Identity/user management.
Related
I have a logged in user to the azure's active directory, is that possible to use the token i have to connect to SharePoint to upload some files instead of using the username and password?
This is for SharePoint 365
I believe you can do this using the Microsoft Graph API as you'd be using the users access token. I don't really recommend it as there's usually other ways to do what you need.
Side note: If you mean spoof the user in question then no, I don't believe so. I think you can generate a special type of password to access the SharePoint API using Azure but I don't know much about it personally.
Extra side note: It'd probably be easier just to upload the files to SharePoint and adjust the Created/Modified columns to the user.
In Firebase console in Authentication tab we have tab "Users" where our users were previously registered. It is possible somehow to pull these users via API? I couldn't find a way to do it
An API to read all the users from Firebase Authentication is available in the Firebase Admin SDK. There is no C# version of the Admin SDK at the moment through.
The best I can think of is to put the required functionality into Cloud Functions, and then call those from C#. Just be certain to secure the end point in that case, since an ability to list all users of an app is going to be very appealing to bad actors.
I created a website using HTML/CSS to display a SQL reports index. This has worked fine up till now because users needed access to a security group and something inside SQL to view the report and the data fields. We are now getting to the stage where there are too many reports and some have sensitive names so we need to limit access based on Active Directory security groups. Thing is that I have no clue at all how to manage access via AD Groups. I have managed to get basic AD authentication working for another project that I deployed for the company, but that didn't require access beyond Domain Users.
Could anyone please point me in the right direction to authenticate via AD, check a user for groups and then display info based on their access. The last bit should be really easy, the hardest part will be checking group info and then filling a variable that I can then use to create a loop that will display all the reports the user has access to.
I have found a partial answer. The below link is a guide on how to pull all AD groups a user belongs to and then checking to see if they are a member of a certain group. This is largely what I was looking for and if I can meld it into what I want, I think I can use this to do what I need.
http://www.c-sharpcorner.com/UploadFile/scottlysle/test-for-user-group-membership-in-Asp-Net-C-Sharp/
Alternatively Microsoft windows server can also run LDAP which has an unbelievable number of compatible libraries to code with.
tutorial linked, its just another server role/feature you can install (like ad itself)
http://osqa.sjsoft.com/questions/248/how-do-i-install-minimal-active-directoryldap-services-on-windows-server-2008
also here is a Q.A.D SO answer to querying user-groups are you using windows framework like asp? whats your server technology?
Query From LDAP for User Groups
Hey guys, so I'm working on an app that aggregates information for the user (eg. get search results from yahoo, google, etc. and put them in one window), but requires a logon/ authentication. Do you guys know how this can be done with asp.net or other windows server languages?
So here's another example: user goes to website, then website logs him into gmail, yahoo and hotmail, then pools all the emails together into the website.
Thank you!
EDIT: OK I think I need to clarify a little. What I'm planning on doing is having the web app log in to each website, then read the html for specific things like scores or whatnot. I know how to do nearly every part of this, except my concern is that since asp.net is server based it won't let me have 50 users online at the same time logged into different accounts (imagine facebook.com has 50 logins from the same server). I have tried doing this with javascript but I'm running into problems with browser permissions, so I'm considering other avenues.
Well you are going to need to store credentials for all of the combined services.
Simple enough, encrypt them and throw them in the database once they have added gmail, yahoo, hotmail etc..
Use the built in ASP.NET membership provider initially, Forms Authentication, design a DB schema for the data you are wanting to store and code away.
Simple stuff.
We have a SharePoint site and we now want to only allow users that have registered and paid to have access to the site by yearly subscription.
We would like to automate the process of managing the subscriptions and creating the users as much as possible.
I understand we will not get a turnkey solution. However, does the SO Community have any ideas on how we could do this. We will be using forms authentication.
A bit more info would be welcome, but I'll give it a try.
I assume you are running with FormsBasedAuthentication? If so, you would need to write the logic that creates the user in the database. The existing ASP.NET Membership Provider should meet all your needs. After that, you would need to add the newly created user to the appropriate sharepoint groups (this can also be done using the sharepoint object model).
The first step though would be to create your "become a member" page and make that accessible anonymously. Add a webpart / control to that page that handles the payment and then when succesful creates the ASP.NET Membership Provider user. Then adds that user to the appropriate sp groups. The easiest way to restict access would be to create a subsite of the main welcome site (root of the sitecollection), which has it's own rights and groups. make the root site accessible for anyone, allow access to the subsite for paying users only.
The codeplex project SharePoint 2007 List Membership Provider allows you to maintain your users in a SharePoint list