Pages

Search This Blog

Sunday, February 19, 2012

How to retrieve trusted login provider information : claims based authentication : sharepoint 2010

Sharepoint 2010 supports claims based authentication wherein an external identity provider (like ADFS) issues SAML tokens which are used by sharepoint to authenticate users in the sharepoint web application.

Many a times, we need to programmatically retrieve the login provider's information in the sharepoint web application. This can be done using the following code:

using (SPSite theSite = new SPSite(http://siteurl/))
{
// Get the web application.
    SPWebApplication wa = theSite.WebApplication;
    // Get the zone for the site.
    SPUrlZone theZone = theSite.Zone;
    // Get the settings that are associated with the zone.
    SPIisSettings theSettings = wa.GetIisSettingsWithFallback(theZone);

    // Get the token service manager so that we can retrieve the appropriate
    // trusted login provider.
    SPSecurityTokenServiceManager sptMgr = SPSecurityTokenServiceManager.Local;
    // Get the list of authentication providers that are associated with the zone.
    foreach (SPAuthenticationProvider prov in
        theSettings.ClaimsAuthenticationProviders)
    {
        // Ensure that the provider we are looking at is a SAML claims provider.
        if (prov.GetType() ==
    typeof(Microsoft.SharePoint.Administration.SPTrustedAuthenticationProvider))
        {
            // Get the SPTrustedLoginProvider object by using the DisplayName property.
            var lp =
                from SPTrustedLoginProvider spt in
                sptMgr.TrustedLoginProviders
                where spt.DisplayName == prov.DisplayName
                select spt;
            // There should be only one match, so retrieve that value.
            if ((lp != null) && (lp.Count() > 0))
            {
                // Get the login provider.
                SPTrustedLoginProvider loginProv = lp.First();
                // Get the logon information.provinfo contains the display name of the trusted login provider
                // as well as the provider url
                string provInfo = prov.DisplayName + " - " +
                    loginProv.ProviderUri.ToString();
              
            }
        }
    }
}


No comments:

Post a Comment