Lots of places use sharepoint.
How can we securely retrieve the logged on sharepoint user when they view our app inside a web part?
A:
If your WebPart is running in SharePoint you can get the current user from the SPContext.
SPContext.Current.Web.CurrentUser.LoginName
Shane.
Shaneo
2010-08-17 08:55:59
Thanks, but if the web part is external, ie Sharepoint is on the local network intranet, and our app is hosted elsewhere, we can't do that.
Igor K
2010-08-17 13:18:40
Ah ok, could you create a webpart that renders an iFrame and perhaps appends an extra value to the querystring containing the information you need?
Shaneo
2010-08-17 14:10:15
Thats possible but unsecure. ie http://ourapp.com?user=SPContext.Current.Web.CurrentUser.LoginNameAnyone could just tamper with the URL
Igor K
2010-08-18 00:50:09
If you can't use the HttpContext, then this is the only technique I could think of - could you encrypt the value before you append it to your querystring?
Shaneo
2010-08-18 08:45:37
A:
you need to be in the SharePoint context in order to get the SPUser object in code. Otherwise you could just try
Context.User.Identity.Name
But of course this will not the the AD name and not the SharePoint user.
RogerNoble
2010-08-18 00:35:58
That wouldnt work though as its just an external app in an iframe inside sharepoint
Igor K
2010-08-18 00:49:15
Yes, thats what I mean - you can only get the HttpContext, not the SPContext.
RogerNoble
2010-08-18 01:05:00
Agreed, you should be able to get the AD credentials from the HttpContext
Shaneo
2010-08-18 08:44:43