Question

I have created a provider-hosted app and configured ADFS for SSO from the SharePoint site to the SharePoint app site.

But when I add or update a list item, the Created By user is “i:0i.t|00000003-0000-0ff1-ce00-000000000000|app@sharepoint” instead of my logged-in user in the SharePoint site.

I was under the impression that the SharePoint site passes the same user token to the SharePoint app, but it is passing a common token for every user, and that user is “i:0i.t|00000003-0000-0ff1-ce00-000000000000|app@sharepoint”.

I am using ADFS 2.0 and SharePoint 2013, with the app site hosted in my local IIS.

How can I have the same user for both (the SharePoint site and the SharePoint provider-hosted app site)?

My SharePoint Site: (screenshot)

My APP Site: (screenshot)

Both have different users; how can I have the same user on both sites with ADFS SSO?


Solution 2

I accomplished my requirement as follows:

My SharePoint Site: (screenshot)

APP Site: (screenshot)

Although I set up ADFS, the user context is different.

I solved this issue by impersonation, as in the code below:

    // Load the target list.
    List oList = clientContext.Web.Lists.GetByTitle("Contact");
    clientContext.Load(oList);
    clientContext.ExecuteQuery();

    // Create a new item in the list.
    ListItemCreationInformation itemCreateInfo = new ListItemCreationInformation();
    Microsoft.SharePoint.Client.ListItem oListItem = oList.AddItem(itemCreateInfo);

    // Resolve the user to impersonate; the item is stamped with this user
    // instead of the app principal the client context is running under.
    User user = clientContext.Web.EnsureUser("spadmin@spdomain.com");
    clientContext.Load(user);
    clientContext.ExecuteQuery();
    Response.Write("<p>" + user.LoginName + "</p>");

    // Set Created By (Author) and Modified By (Editor) explicitly, then save.
    oListItem["Title"] = "Test";
    oListItem["Author"] = user;
    oListItem["Editor"] = user;
    oListItem.Update();
    clientContext.ExecuteQuery();

Also, I have created an app part for the provider-hosted app, and in the page I pass the current user in the query string; by reading the query string I impersonate that user and do the CRUD operations.

OTHER TIPS

It seems you are making calls to SharePoint via an app-only context. Hence all the operations that the app performs are executed under the app context and NOT the user context. You can create a context for the logged-in user as below:

var spContext = SharePointContextProvider.Current.GetSharePointContext(Context);
var clientContext = spContext.CreateUserClientContextForSPAppWeb();

To create a client context for SAML auth:

var clientContext = TokenHelper.GetS2SClientContextWithClaimsIdentity(sharepointUrl, HttpContext.Current.User, TokenHelper.IdentityClaimType.SMTP, TokenHelper.ClaimProviderType.SAML);

PS: you need to make sure the user whose context is being used has appropriate rights to perform the desired operation via the SharePoint app.
PS: you also need to make sure that the TokenHelper class is modified for SAML support. Refer to this link for a detailed explanation and step-by-step process. Verify that you have all the required entries in the config file of the PHA web application.
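As an added example (not code from either answer above), here is the list-item insert from the question done under the signed-in user's context via the SAML overload quoted in this answer, so SharePoint records Author and Editor itself and no user name has to be read from the query string. It assumes the template's TokenHelper.cs patched for SAML/ADFS as described above, the four-argument signature shown in the answer, and that SharePoint passes SPHostUrl to the page as it does for provider-hosted apps.

```csharp
using System;
using System.Web;
using System.Web.UI;
using Microsoft.SharePoint.Client;

// Code-behind of a page in the provider-hosted app (ASP.NET Web Forms).
// Assumes the template's TokenHelper.cs patched for SAML/ADFS as the answer above
// describes; the four-argument SAML overload called here is the one quoted there.
public partial class AddContact : Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        // SharePoint appends SPHostUrl when it launches the app; accept only an absolute https URL.
        Uri hostUrl;
        if (!Uri.TryCreate(Request.QueryString["SPHostUrl"], UriKind.Absolute, out hostUrl)
            || hostUrl.Scheme != Uri.UriSchemeHttps)
        {
            Response.StatusCode = 400;
            return;
        }

        // User context: the S2S token is minted for the principal ADFS authenticated on this
        // page, so SharePoint records that user as Author/Editor itself. No user name is taken
        // from the query string, so a caller cannot choose whose identity the write is made under.
        using (ClientContext ctx = TokenHelper.GetS2SClientContextWithClaimsIdentity(
                   hostUrl, HttpContext.Current.User,
                   TokenHelper.IdentityClaimType.SMTP, TokenHelper.ClaimProviderType.SAML))
        {
            Web web = ctx.Web;
            ListItem item = web.Lists.GetByTitle("Contact").AddItem(new ListItemCreationInformation());
            item["Title"] = "Test";
            item.Update();

            // Read back who SharePoint stamped on the item and who the context resolves to.
            ctx.Load(web.CurrentUser, u => u.Id, u => u.LoginName);
            ctx.Load(item, i => i["Author"], i => i["Editor"]);
            ctx.ExecuteQuery();

            var author = (FieldUserValue)item["Author"];
            bool sameUser = author.LookupId == web.CurrentUser.Id;

            // Under an app-only context the login would read i:0i.t|...|app@sharepoint instead.
            Response.Write("<p>" + Server.HtmlEncode(web.CurrentUser.LoginName) + "</p>");
            Response.Write("<p>Author is the signed-in user: " + sameUser + "</p>");
        }
    }
}
```

If sameUser prints false, the token was not issued for the page's principal (typically the TokenHelper SAML changes or the identity claim type do not match the user's ADFS claims), which is the symptom from the question.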

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange