Lire la chaîne de connexion de l'application Secure Store Service

sharepoint.stackexchange https://sharepoint.stackexchange.com//questions/79451

  •  10-12-2019
  •  | 
  •  

Question

J'ai quelques pages d'application qui se connectent à un DAL fait dans la structure d'entité et se connecte à SQL.

Cependant, les développeurs de ce sac de propriété utilisent pour stocker le nom d'utilisateur, la DB, le mot de passe et le dbname.

Je souhaite utiliser l'application Secure Store Service. J'ai créé une application cible et j'ai créé 4 clés. Nom d'utilisateur (Nom d'utilisateur générique) Nom de dB (générique) Serveur (générique) Mot de passe (mot de passe), masqué.

Comment puis-je lire ces paramètres de ma couche-cadre d'entité pour obtenir les valeurs? 

  public static void Invoke<TConnection>(Action<TConnection> action)
            where TConnection : DbConnection, IDisposable, new()
        {
            var connection = new TConnection();

            try
            {
                //connection.Open();

                action(connection);

                connection.Close();
                connection.Dispose();
            }
            catch (SqlException)
            {
                connection.Close();
                connection.Dispose();
                throw;
            }
            catch (TimeoutException)
            {
                connection.Close();
                connection.Dispose();
                throw;
            }
            catch (Exception)
            {
                connection.Close();
                connection.Dispose();
                throw;
            }
        }

        public static void CreateEntityConnection(EntityConnection connection, bool openConnection)
        {
            connection.ConnectionString = GetDMSConnectionString();

            if (openConnection)
                connection.Open();
        }

        public static string GetDMSConnectionString()
        {
            // Specify the provider name, server and database.
            string providerName = "System.Data.SqlClient";
            string serverName =
            string databaseName = 
            string userName = 
            SecureString password = 
            password.MakeReadOnly();

            // Initialize the connection string builder for the
            // underlying provider.
            SqlConnectionStringBuilder sqlBuilder =
            new SqlConnectionStringBuilder();

            sqlBuilder.DataSource = serverName;
            sqlBuilder.InitialCatalog = databaseName;
            sqlBuilder.UserID = userName;
            sqlBuilder.Password = 

            // Build the SqlConnection connection string.
            string providerString = sqlBuilder.ToString();

            // Initialize the EntityConnectionStringBuilder.
            EntityConnectionStringBuilder entityBuilder =
            new EntityConnectionStringBuilder();

            //Set the provider name.
            entityBuilder.Provider = providerName;

            // Set the provider-specific connection string.
            entityBuilder.ProviderConnectionString = providerString;

            // Set the Metadata location.
            entityBuilder.Metadata = @"res://*/DMSModel.csdl|
                                        res://*/DMSModel.ssdl|
                                        res://*/DMSModel.msl";


            return entityBuilder.ToString();
        }

Était-ce utile?

La solution

You can Access to the secure store service programmatically

Retrieve the Central Administration Site

public static SPSite GetCentralAdminSite()
{
    SPAdministrationWebApplication adminWebApp = SPAdministrationWebApplication.Local;
    if (adminWebApp == null)
    {
        throw new InvalidProgramException("Unable to get the admin web app");
    }

    SPSite adminSite = null;
    Uri adminSiteUri = adminWebApp.GetResponseUri(SPUrlZone.Default);
    if (adminSiteUri != null)
    {
        adminSite = adminWebApp.Sites[adminSiteUri.AbsoluteUri];
    }
    else
    {
        throw new InvalidProgramException("Unable to get Central Admin Site.");
    }

    return adminSite;
}

Decrypt the secure string

private static string GetStringFromSecureString(SecureString secStr)
{
    if (secStr != null)
    {
        IntPtr pPlainText = IntPtr.Zero;
        try
        {
            pPlainText = Marshal.SecureStringToBSTR(secStr);
            return Marshal.PtrToStringBSTR(pPlainText);
        }
        finally
        {
            if (pPlainText != IntPtr.Zero)
            {
                Marshal.FreeBSTR(pPlainText);
            }
        }
    }

    return null;
}

Now we can retrieve all credentials stored in the Secure Store Application 

public static Dictionary<string, string> GetCredentialsFromSecureApp(string applicationId)
{

    var credentialMap = new Dictionary<string, string>();

    // Get the default Secure Store Service provider.
    ISecureStoreProvider provider = SecureStoreProviderFactory.Create();
    if (provider == null)
    {
        throw new InvalidOperationException("Unable to get an ISecureStoreProvider");
    }

    var providerContext = provider as ISecureStoreServiceContext;
    if (providerContext != null)
        providerContext.Context = SPServiceContext.GetContext(GetCentralAdminSite());

    var secureStoreProvider = new SecureStoreProvider
                              {
                                  Context = SPServiceContext.GetContext(GetCentralAdminSite())
                              };

    using (var credentials = secureStoreProvider.GetCredentials(applicationId))
    {
        var fields = secureStoreProvider.GetTargetApplicationFields(applicationId);
        for (int i = 0; i < fields.Count; i++)
        {
            var field = fields[i];
            var credential = credentials[i];

            var decryptedCredential = GetStringFromSecureString(credential.Credential);

            credentialMap.Add(field.Name, decryptedCredential);
        }

    }

    return credentialMap;
}

Add this references to your project :

using System.Runtime.InteropServices;
using Microsoft.BusinessData.Infrastructure.SecureStore;
using Microsoft.Office.SecureStoreService.Server;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;

To do a simple test, I created a console application with this code:

static void Main(string[] args)
{
    Dictionary<string, string> dic = GetCredentialsFromSecureApp("Secure App ID");

    foreach (var VARIABLE in dic)
    {
        Console.WriteLine(VARIABLE.Key +" : "+ VARIABLE.Value);
    }
    Console.ReadKey();
}

enter image description here

Licencié sous: CC-BY-SA avec attribution
Non affilié à sharepoint.stackexchange
scroll top