Cookiesless authentication in sharepoint - sharepoint

I have a sharepoint site which works on form based authentication and now I want that sharepoint site to have cookieless authentication.
Basicaly in .Net we have option in web.config to modify the session state and to make cookieless false but how do we implement the same for sharepoint sites.
Please help me in finding best solution

I'm not sure about SharePoint 2010, but SharePoint 2007 does not support cookieless authentication:
“Cookieless” Forms Based Authentication (FBA) in SharePoint 2007
So… MOSS and WSS 3.0 are both now solidly based on the ASP.NET 2.0 platform, so this should all work in a SharePoint site, right? Well, sort of. So basically, no – not at all. Once you update your web.config to use "cookieless mode" everything appears to be working at first. You authenticate, and the ticket magically appears in your URL. The problems start to appear once you begin to navigate around your site. Some URLs have the ticket in them, and some don't. It basically comes down to this – if a URL is written using a standard ASP.NET control, or if you write a relative URL yourself, the ticket is preserved and cookieless FBA works. However, if a SharePoint control writes the URL, it's absolute, the ticket is not written, and FBA breaks.
We ran this past our PSS contacts, and apparently this is a known "issue", and it's not slated to be addressed in the 3.0 product. Basically, the feature is not supported. It no doubt has something to do with SharePoint writing URLs to support Alternate Access Mappings. There's really no reason why it couldn't write them relatively, but it obviously doesn't.

You can reduce a number of cookies by using Claims Based Authentication.
You need to setup Security Token Service as described in this blog post http://blog.sharepointsite.co.uk/2010/11/change-to-session-cookies-for-claims.html
However, note that you'll lose Client Integration, as Office use cookies from IE.

Related

Render/edit MS Office docs in browser with SharePoint or WOPI

I have a Rails application I want to do CRUD operation on user's documents online but I want to render MS Office (OpenXML-based) docs in the browser. I have heard about WOPI/SharePoint. How can I integrate it with my web app?
What you're looking for is indeed called WOPI. To be precise, you want to integrate Office Online Server (WOPI client) with your application (WOPI host). This is how SharePoint's integration works as well (SharePoint plays the role of a WOPI host here).
You need to implement the following flow:
Translated to your app - your Rails app will generate URLs pointing to the WOPI client and providing it with information about the MS Office files, authentication information, etc. Then, the WOPI client reaches for those files to your Rails app which will also need to implement the REST endpoints defined by MS-WOPI protocol (mainly CheckFileInfo, GetFile, and PutFile actions).
If you just want to provide view for the documents, that are publicily available, you could use office live viewer, or google docs viewer. You need to basically provide an URL to your document to those services.
I have found this site that has demos for online viewers currently available, you could check it out: https://xtai-umd.github.io/docs-viewer-demo/
SharePoint also has something called WopiFrame.aspx page (or WopiFrame2.aspx), that allows you to show documents like the site above, but with authentication. Please note that this will work only for the documents that are stored in the SharePoint (in the particular SharePoint where you use that WopiFrame.aspx, that is).
If you are developing SPFx web part, this is the way to go I think. Since in this case both are running in the context of SharePoint site, you don't really need to think much about security, it's all taken care of.
I mean, implementing your own WOPI server is not easy at all, and in addition to that you'll need Office Web Apps server, either installed on-premise in your organization, or the Microsoft's online one. To be able to use Microsoft's one you need to be a member of Cloud Storage program, as far as I know.
I would not recommend implementing custom WOPI server unless it is really needed for whatever reason (in my case, it was quite specific security requirements)

Windows Identity Foundation in SharePoint 2007

I've been reading about SharePoint 2010's Claims based authentication support. At this point, my shop has several clients who may not upgrade for a while, however. In making our other services claims compatible, we're wondering if claims based authentication is realistic without a great deal of reworking of existing code in our 2007 installations?
I planned on implementing Geneva (now WIF) in MOSS 2007 last year for a blog series, but I didn't get around to it.
When I looked into it, it was entirely possible, and just required extending your SharePoint site in the same manner you would for a Forms Based Authentication provider.
If you need more info, I can go back to my notes and see if I can scrounge up some detail.
Edit
Check out this blog post for more information on setting up claims on SharePoint 2007.

Help me understand Sharepoint

We've been asked to create a web application. One part of the specification is that in future, it can be integrated into Sharepoint. The last version of this app was written in PHP and "integrated" by means of an iframe embedded into Sharepoint; not ideal.
I'm looking to understand the use of Sharepoint in this context. I believe that you can write Sharepoint Applications which are more "native" to Sharepoint than the rough-and-ready iframe approach I discussed before. How easy is it to take a standard ASP.NET MVC application and fully integrate it into Sharepoint?
Does anyone have any thoughts, experiences, or resources on this matter?
I think the first question is what kind of integration with SharePoint are you trying to accomplish? The simplest is to use the Page Viewer webpart (i.e. iframe) method. You can also write custom webparts that show data from your custom application. That's a form of integration. The ultimate form of integration, of course, is to make your application run inside of SharePoint. That leads to my next point.
SharePoint (as of version 2007) is essentially a giant ASP.NET framework. So you can theoretically use it to host any ASP.NET web application. I have actually done it before and it works. However, that was a plain old ASP.NET webforms application (not MVC). If this is what you are trying to do, you definitely would need to rewrite your php application in ASP.NET.
In Sharepoint there is a Page Viewer webpart using which you can load a different url. This way you can easily "integrate" your application to sharepoint site ;-)
But if you are really looking at Re Engineering the application in SharePoint then its a different story. You have to study the current application and then develop it in SharePoint.
This fellow has an approach to writing PHP for SharePoint. A key statement:
There are two big tricks – getting the
XML right and using NTLM
authentication.

sharepoint fba

i have a wss 3.0 site up and running using forms based authentication. Is there a way to upload multiple files (basically copy and paste a folder containing files)?
also, when i try to access the site using designer 2007, i can't access the site and it asks me to install sharepoint services or frontpage extensions. how can i modify the site using designer?
I know that in designer that the functionality exists to copy/paste a folder.
Thank you!
Regarding your first question, see this on Stack Overflow. Essentially, it's by design and Microsoft don't give you that functionality. You could try turning on Client Integration but I don't know if it will work. If you need an alternative, searching around I found UploadZen which seems to support multiple uploads with FBA.
Are you also using forms auth with SharePoint Designer? The bottom of this blog post from Mike Hatch has information that might help you.
Try out installing the SP2 for the SharePoint 2007 and the office Application. In the Office application they have solved may of the issue that were part of FBA enabled sites. Please refer to this for more information.

How to configure SharePoint forms based authentication

Can someone please tell me how to do the following in SharePoint (WSS 3.0):
Have a user log in (user name and password) on a page and then if correct display the home page of a WSS 3.0 site?
I think it's called forms based authentication.
Here's a video about using Forms Auth. with WSS3 and here are some samples. Basically, you use the login.aspx page in _layouts to collect credentials and cache them. You have to modify web.config to use the membership provider. More on that here.
This is one of the best article on FBA
Save yourself a lot of time and checkout http://sharepointsolutions.com/SharePoint-Add-ons/Products/Pages/ExtranetCollaborationManager.aspx
I have done it several ways but this has made life easier when configuring environments.
As a special case of Forms Based AuthN, in case you don't have to own the DB containing your users, you can rely on Live ID to authenticate users to your site. Haven't tried this, but may help you.
I just believe some JavaScript is enough to do that.Maybe I am Wrong!

Resources