Sharepoint没有从活动目录获取当前用户NetworkCredential

时间:2012-01-17 09:59:47

标签: asp.net .net web-services sharepoint sharepoint-2010

我们有一个奇怪的问题,我们有单点登录,我们正在尝试从Exchange ews webservice获取未读的电子邮件数,问题是它总是得到所有用户的实际数量,这实际上是服务器用户。

'it should now get for current user who requested the page 
'but its always for server user where sharepoint is installed
Public Sub GetUnreadEmailCount()
    Dim errormsg As String = String.Empty
    Dim UnreadCount As Integer = 0
    Dim esb As New ExchangeServiceBinding

    Try
        esb.RequestServerVersionValue = New RequestServerVersion
        esb.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1
        esb.UseDefaultCredentials = True
        esb.Url = Domain + "/EWS/Exchange.asmx"

        ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf CertificateValidationCallBack)


        Dim biArray(1) As BaseFolderIdType
        Dim dfFolder As New DistinguishedFolderIdType
        dfFolder.Id = DistinguishedFolderIdNameType.inbox
        biArray(0) = dfFolder
        Dim geGetFolder As New GetFolderType
        geGetFolder.FolderIds = biArray
        geGetFolder.FolderShape = New FolderResponseShapeType
        geGetFolder.FolderShape.BaseShape = DefaultShapeNamesType.AllProperties
        Dim gfResponse As GetFolderResponseType = esb.GetFolder(geGetFolder)

        Dim rmta As ResponseMessageType() = gfResponse.ResponseMessages.Items
        Dim rmt As FolderInfoResponseMessageType = DirectCast(rmta(0), FolderInfoResponseMessageType)
        If rmt.ResponseClass = ResponseClassType.Success Then
            Dim folder As FolderType = DirectCast(rmt.Folders(0), FolderType)
            UnreadCount = folder.UnreadCount

        End If

        Label1.Text = vbCrLf + "Unread email count : " + UnreadCount.ToString
        ' Return UnreadCount
    Catch ex As Exception
        If Not ex.Message Is Nothing Then errormsg = ex.Message
        Try
            If Not ex.InnerException.Message Is Nothing Then errormsg = errormsg + " : " + ex.InnerException.Message
        Catch e As Exception

        End Try
    Finally
        If esb IsNot Nothing Then esb.Dispose() : esb = Nothing
        If Not errormsg = String.Empty Then
            Label1.Text = vbCrLf + "Error : " + errormsg
        End If
    End Try

End Sub

2 个答案:

答案 0 :(得分:1)

我们实际上遇到了同样的问题,尽管我们没有使用单点登录。所以我不确定这正是你所经历的。

问题是,计算机A 上的用户无法将凭据提供给计算机B (SharePoint?),然后计算机B 将这些凭据发送到计算机C

它被称为“双跳”问题并且是一个安全功能,但我并没有真正涉及它的技术方面。我们的解决方案是使用Kerberos。

我希望这可以帮助您,如果没有,它可以帮助您排除这个特定问题:)

答案 1 :(得分:0)

您的服务器端代码作为AppPool的身份运行,这是您的sharepoint服务帐户。我假设“服务器用户”的意思是'

esb.UseDefaultCredentials = true; 

将使用上下文的信用。我不确定EWS服务中可用的内容,因此如果您可以使用更高权限的帐户并根据进入的用户获取,即HttpContext.Current.User.Identity作为参数那么这可能是最好的方式。

您可以通过javascript直接向EWS服务进行身份验证,完全跳过服务器端代码,然后编写消耗&根据需要显示服务器内容。

您需要找到一种方法来直接授权用户使用EWS服务。双跳是NTLM的问题,因为您的NTLM票证仅对第一跳有效。 Kerberos修复了这个问题,但您仍需要模拟。