Tangible Thoughts

My earlier frustration with a programming issue I had with SharePoint Portal Server Single Sign On (SPS SSO) came to the attention of very nice chap inside Redmond . All I can say about this chap is that he is very nice, goes by the name of Chris, and works with SharePoint Portal Server; Did I say he was nice guy already? Well anyway he is a nice chap.

He was able to throw a suggestion at me that actually bowled me over. It was one of those things that go totally un-noticed until someone points it at you.

Anyways here is the low-down on the Credentials.SetCredentials() method as I understand it. Chris correct me if I go wrong or add anything if you feel is necessary, and thanks for the info below.

1. The Microsoft.SharePoint.Portal.SingleSignon.Credentials.SetCredentials() method needs to be called on an HTTP POST (i.e. postback), so Button/LinkButton clicks or anything else that would generate a postback is the way to go.

2. If you are creating an Aspx page that would call the Credentials.SetCredentials() method, then the add form digest as a server control to the html code

<SPSWC:SSOFormDigest runat="server" ID="SSOFormDigest1" />

When developing a WebPart, something that didn’t work for me was adding

FormDigest object to the WebPart.

3. Alternatively even if you are creating a WebPart you can add the current page to the Single Sign On Canary Checker like shown below when the page is loading. Please note it is important that the Page be added to the CanaryChecker before it is dispatched to the browser. So if you are creating a WebPart you can add the following code to OnInit(), OnLoad() or CreateChildControls()

Microsoft.SharePoint.Portal.SingleSignon.SSOCanaryChecker.AddCanary(Page);

      I was also informed that only one of above points (i.e. 2. or 3.) should be done, not both.

Now my suspicions are that page, whether it be a WebPart Page or Aspx page should be added the Canary Checker so that on postback when the SetCredentials() method is called the page will be successfully validate. Now I am able to vaguely piece together the role of the Canary although I still am not too sure.

Here is what the resulting WebPart Code looks like (only essential snippets are shown)

                        …

            protected override void OnInit(EventArgs e)

            {

                  base.OnInit (e);

                  SSOCanaryChecker.AddCanary(Page);

            }

            …

protected override void CreateChildControls()

            {

                  btn = new Button();

                  btn.Text = "Set SSO Credentials";

                  btn.Click += new EventHandler(btn_Click);

                  Controls.Add(btn);

            }

            …

            private void btn_Click(object sender, EventArgs e)

            {

                  try

                  {

                        string[] rgSetCredentialData = new string[5];

                        rgSetCredentialData[0] = "sky";

                        rgSetCredentialData[1] = "rb26dett”;

                        Credentials.SetCredentials(1,

                              “ApplicationName”,

                              rgSetCredentialData);

                  }

                  catch (SingleSignonException esso)

                  {

                        switch (esso.LastErrorCode)

                        {

                              case SSOReturnCodes.SSO_E_CANARY_VALIDATION_FAILURE :

                              {

                                    // Do something to communicate the error

                                    break;

                              }                      

                        }                

                  }

            }

…

            protected override void RenderWebPart(HtmlTextWriter output)

            {

                  btn.RenderControl(output);

}

Thanks again for this info Chris and may your frags be plenty J.