Tuesday, May 14, 2013

Using the ADFS FedAuth Token programmatically through the SharePoint Client Object Model

If you are using the SharePoint Client Object Model along with Active Directory Federation Services (ADFS), you may encounter numerous hurdles or obstacles when attempting to interact with SharePoint:

First of all, since you are using Claims-based Authentication, the standard Windows/NTLM Authentication model will no longer work (and is not quite as straightforward).  Therefore, you will need to follow an article similar to the following:

Remote Authentication in SharePoint Online Using the Client Object Model

However, the problem with this code is that it prompts you for your login credentials each time you attempt to access SharePoint.

But, what if you want to generate the FedAuth Token programmatically without a login prompt?

Well, you can do that as well, thanks to an article by Steve Peschka described here:

Using the Client Object Model with a Claims Based Auth Site in SharePoint 2010http://blogs.technet.com/b/speschka/archive/2010/06/04/using-the-client-object-model-with-a-claims-based-auth-site-in-sharepoint-2010.aspx

As you will see from the above article, you will actually need to enable a new Endpoint on your ADFS Server in order to be able to call ADFS directly to generate the FedAuth token for you.

  1. Open the AD FS 2.0 Management application
  2. Expand the Service node and click on the Endpoints node
  3. Right-click on the /adfs/services/trust/13/windowstransport node and click on Enable on the shortcut menu
  4. Restart the AD FS 2.0 Windows Service (from the Services Control Panel)
The one major thing lacking in Steve Peschka's code, though, is the ability to utilize custom login credentials. Fortunately, that is relatively easy to accomplish:

 ctx.Credentials = new NetworkCredential(UserName, Password, Domain);  

That is all there is to it!

Happy Coding!!

1 comment:

  1. Yes, I am so excited for this new projects. Its really amazing useful for us. Thanks a lot for sharing this article. Now it's time to avail vacuum sealer bags for more information.