To set the Title for a BPEL instance Name.
use ora:setCompositeInstanceTitle() in Java_Embedding or in an Assign Statement.
for example :
<assign name="assign_InstanceTitle">
<copy>
<from>ora:setCompositeInstanceTitle(concat("LOGIN:",string($inputVariable.request/ns5:Username))))</from>
<to>$instanceTitle</to>
</copy>
</assign>
puts the instance name as “LOGIN:User1″ in the em console
Prevent CSRF (Cross Site Request Forgery) Attacks in SharePoint Application Pages.
Cross-Site Request Forgery (CSRF) is an attack outlined in the OWASP Top 10 whereby a malicious website will send a request to a web application that a user is already authenticated against from a different website. Much detailed & better explanation is here
To prevent CSRF attacks in SharePoint application pages, which POST’s (http) data to the server, use SharePoint FormDigest Control. This FormDigest Control inserts a generated digest (token) into the form page, when it is requested (usually through GET )& in the code behind we can validate this token using SPUtility.ValidateFormDigest()to make sure that the form/page is not tampered with. Its a good practice to validate the FormDigest in the code behind, which writes data to the DB/Server/SP list,..ideally any write operation that uses RunWithElevatedPrivileges . Two steps:
1. Initialize FormDigest control in the custom application page.
<SharePoint:FormDigest runat="server"/>
2. Check for
SPUtility.ValidateFormDigest()
in the code behind POST methods of application pages to make sure that the form is not tampered with.
Deploying referenced project assemblies to GAC through sharepoint WSP
To deploy referenced project assemblies to GAC through SharePoint WSP:
1. Open the Package designer in the SharePoint project.
2. Select the Advanced tab.
3. Click the Add button.
4. Select the Add Assembly from Project Output menu item.
5. Use the Source Project dropdown to select which project in your solution should have its assembly included.
6. Make sure the Deployment Target is set to GlobalAssemblyCache.
7. Click OK, Build & Deploy the Solution, the referenced assemblies should be in GAC.
Get maxPwdAge for a Domain in AD.
Get Domain level directory entry with username/password, get the property value for ‘maxPwdAge‘ (which would be System.__ComObject)
Convert System.__ComObject to datetime/int.
We have to use COM Interop Libraries for this one, ActiveDs.dll (you can find it on the web)
System.Int64 largeInt=0;
IADsLargeInteger int64Val = (IADsLargeInteger) ent.Properties["maxPwdAge"].Value;
largeInt = int64Val.HighPart * 0x100000000 + int64Val.LowPart;
Console.WriteLine(largeInt);
long ticks = Math.Abs((long)largeInt);
TimeSpan passwordAge = TimeSpan.FromTicks(ticks);
Console.WriteLine("PasswordAge={0}",passwordAge );
Console.WriteLine("PasswordAge in Days={0}", passwordAge.Days);
For more information on converting Large Integer Property Type, please check http://msdn.microsoft.com/en-us/library/ms817837
“Please close SPWeb objects when you are done with all objects obtained from them, but not before”
DO NOT use SPList directly from methods in webparts & application pages. SPList is a sharepoint object & will instantiate a new SPWeb Object,
if used outside of its parent SPweb object. Always perform operation on SPObjects with in the SPWeb(parent SPObject) context.
or else
We will get the exception with this message : “Please close SPWeb objects when you are done with all objects obtained from them, but not before“
Muchos Muchos Gracias to Jonas for the explanation & pattern in this article
Anonymous Custom Application Pages in SharePoint Sites.
We sometimes want custom application pages in SharePoint solution , which needs to be enabled for anonymous access, for example: SiteLogin.aspx or AppError.aspx. By default, when we create an custom application page in visual studio in a SharePoint 2010 solution, it inherits from Microsoft.SharePoint.WebControls.LayoutsBasePage . so by default this custom application page needs login
To make an application page anonymous, just Inherit from Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase & override AllowAnonymousAccess() property to return true;
Recycle IIS Application Pool’: 0x80070005Access denied
While deploying SharePoint 2010 solution from Visual Studio 2010, we often stumble upon the below deployment error:
Recycle IIS Application Pool’: <nativehr>0×80070005</nativehr><nativestack></nativestack>Access denied
Solution: The Deploy Solution user that is running the visual Studio needs to be site collection Admin on the site , in my case, its Domain\Administrator
Extending the Active Directory User Schema
Active Directory user schema has enough properties/attributes to cover most user profile information, but in some cases , we might need to extend this schema to add our own custom attributes. Microsoft Active Directory provides this capability to customize the user schema at various domain/forest hierarchy levels. The below article was tremendously helpful for us to achieve this. Thanks a lot Kurt Hudson.
http://www.informit.com/articles/article.aspx?p=169630&seqNum=3
Unique X.500 Object Id: is an unique object identifier for an attribute. This is NOT auto-generated when extending user schema, we need to come up with one or use this script to generate one. For more information, please check Obtaining an Object Identifier from Microsoft
Getting the Current Logged in user in SharePoint 2010
We all know the below way to get the current logged in user in SharePoint:
SPWeb web = SPContext.Current.Web; SPUser user = web.CurrentUser;
but this actually returns the user account running the application pool identity for that site.(if the application pool is configured to run as a standalone/service user account))
Another way to get the current context logged in user is through ensuring the login name:
SPWeb web = SPContext.Current.Web; string loginName = System.Threading.Thread.CurrentPrincipal.Identity.Name SPUser user = web.EnsureUser(@"i:" + loginName ); // Had to Append "i:" in my case of Custom Authentication Providers
For more information, please check out SPWeb.EnsureUser
Once we have current SPUser Object, we can also get to his SP Security Groups :
SPUser user = web.EnsureUser(@"i:" + loginName );
SPGroupCollection userGroups = user.Groups;
foreach (SPGroup spgroup in userGroups)
{
}
Deploying SSRS 2008 Reports in sharepoint integrated mode.
While deploying SSRS (SQL Server Reporting services) in SharePoint Integration mode, the deployment Path URL’s must be absolute (this includes http://, the site collection, the path to the site,the library,). For example :
TargetServerURL - indicates which site to deploy the report. In the above example, I deployed it to a Sub-site ‘Reports’. We can even deploy it at site collection level. i.e http://dev:3660
TargetDataSourceFolder - A regular SharePoint data connection library to store & may be share the data source used by the report.
TargetReportFolder – A regular SharePoint library to save the report.
During deployment via Business Intelligence Visual Studio, it may ask for appropriate account privileges. Successful Output below : ——————————————————————————————————————————–
Deploying to http://dev:3660/Reports
Deploying data source ‘http://dev:3660/reports/ReportsDataSource/AWDataSource.rsds’.
Deploying report ‘http://dev:3660/reports/AWReports/AWVendors.rdl’.
Deploy complete — 0 errors, 0 warnings
========== Build: 1 succeeded or up-to-date, 0 failed, 0 skipped ==========
========== Deploy: 1 succeeded, 0 failed, 0 skipped ==========
