Re: Recommended way to pass identity to web service

Tech-Archive recommends: Fix windows errors by optimizing your registry

for #2, if i did that i would want to make sure there was no logic hard
coded. Can you tell me the basic steps that you would do to
authenticate/authorize the client?

thanks

"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:KjA$TKNfHHA.4692@xxxxxxxxxxxxxxxxxxxxxxxxx
Thanks for your reply TS,

Now I've got that your concern is that the webservice and your proxy
component will be called by multiple client applications and you want each
of them only have the permission to view their own document in the MOSS
(through excel service).

I've also discussed this with some SPS engineers and here are some of our
suggestion:

1. If you want to use the SPS security, then you can just configure the
document permission for those excel document in the SPS server(just like
you configure permission of other document in sharepoint document
library).
And when you use webservice to access teh excel service document, it will
also perform authorization based on the document library's permission
setting. So each of your client application will use its own domain
account
to access the document library:

#Plan Excel Services security
http://technet2.microsoft.com/Office/en-us/library/a49883a7-de84-4a66-8fa0-7
c7d125f237b1033.mspx?mfr=true

#Manage permissions for a list, library, folder, document, or list item
http://office.microsoft.com/en-us/help/HA100215641033.aspx

http://www.sharepointblogs.com/ssofian/archive/2006/07/28/9532.aspx


2. If you still want to use a single fixed accoutn for access the excel
service, that account should have permission in SPS to access all those
excel files. And for different clients, we do the access control in our
webservice proxy wrapper class. You can create a wrapper component class
which call the excel service proxy internally. and before call excel
service webmethod, the wrapper class can do security validation(our own
code logic) according to client application(caller)'s identity and which
document they want to access.

How do you think?


Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no
rights.







.

Relevant Pages

  • Re: Recommended way to pass identity to web service
    ... of them only have the permission to view their own document in the MOSS ... (through excel service). ... And when you use webservice to access teh excel service document, ... So each of your client application will use its own domain account ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Re: Launching an .exe on intranet
    ... you mentioned that your client wanted to ... "replace the functionality of his Excel file... ... share access to it, an ASP app is what you want, in which case you only need ... VB is a language for writing executables. ...
    (microsoft.public.frontpage.programming)
  • Re: My first database (long)
    ... looks similar to an Excel spreadsheet, many people tend to confuse the 2. ... designing reports, the biggest issue for you right now is actually designing ... As Pete and Bruce have mentioned, getting a good book on database design ... > The database contains client records. ...
    (microsoft.public.access.gettingstarted)
  • Re: Help creating database
    ... After the first round, the client can walk away with what they have so far, ... help you shoot yourself and your boss in the foot or feet. ... The problem with so many amateur Excel ... For a journeyman Access developer your proposed application seems to ...
    (microsoft.public.access.gettingstarted)
  • Re: Unique Selection of Data
    ... Excel converts TRUE to 1 and FALSE to 0. ... Optional Question A: I am trying to adapt these formula as a template so I ... > Client ID Service Item ...
    (microsoft.public.excel.worksheet.functions)