Home/ Questions/Q 7977075
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T09:05:25+00:00

I’m working on a scenario that runs like this: user click a link in

  • 0

I’m working on a scenario that runs like this: user click a link in a SAP site that takes him/her to a SharePoint site. To accomplish single sign-on, an http module takes a SAP cookie, gets a username and logs user into SharePoint.

When implemented on SP 2007, it used to work: simply calling SetAuthCookie(username) did the work, user got to the SharePoint 2007 site and everything worked as expected.

When on a SharePoint 2010 claims web app, it stopped working. That’s pretty much expected, per this great article from Steve Peschka. So I went ahead and started replacing the SetAuthCookie() code, but I’m facing two issues

Here’s my custom sign in code. Is there any equivalent to SetAuthCookie() that doesn’t need a password? (nevermind hard-coded url’s and pwd’s… just a prototype)

private SPIisSettings IisSettings
{
    get
    {
        SPWebApplication webApp = SPWebApplication.Lookup(new Uri("http://virtualcasa1/sites/blank2"));//XXX
        SPIisSettings settings = webApp.IisSettings[SPUrlZone.Default];
        return settings;
    }
}

private SecurityToken GetSecurityToken()
{
    SecurityToken token = null;
    SPIisSettings iisSettings = IisSettings;
    Uri appliesTo = new Uri("http://virtualcasa1");//XXX

    SPFormsAuthenticationProvider authProvider = iisSettings.FormsClaimsAuthenticationProvider;
    token = SPSecurityContext.SecurityTokenForFormsAuthentication(appliesTo, authProvider.MembershipProvider, authProvider.RoleProvider, "userfba", "pa55word");//XXX
    return token;
}

private void SignIn()
{
    SecurityToken token = null;

    if ((token = GetSecurityToken()) != null)
    {
        SPFederationAuthenticationModule fam = SPFederationAuthenticationModule.Current;
        HttpContext c = HttpContext.Current;
        fam.SetPrincipalAndWriteSessionToken(token);
        c.Response.Redirect("/sites/blank2");//XXX
    }
}

void OnAuthenticateRequest(object sender, EventArgs e)
{
    HttpContext c = HttpContext.Current;
    if (c.Request.Url.ToString().ToLowerInvariant().Contains("/authenticate.aspx"))
    {
        SignIn();
    }

Thanks much!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Finally was able to answer my own question (hate to answer myself, but sometimes that’s the way it works…), here are the details. Hope it helps someone, somewhere.

    • 0