SharePoint 2010’s Secure Store Service offers a valuable solution for managing credentials and delegating access to remote resources. With an API that can be integrated into custom development projects, it is an ideal option for storing sensitive configuration data such as connection strings and web service credentials.
Target Applications
The Secure Store Service enables the creation of Target Applications, which house sets of credentials. These applications are available in two main types:
1. Individual Applications
In Individual Applications, credentials are mapped to individual users.
2. Group Applications
In Group Applications, all users share the same set of credentials.
By using the Secure Store Service API, we can retrieve credentials when granted the appropriate permissions to the target application.
Assembly References
To get started, we need to reference a couple of assemblies:
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\ISAPI\Microsoft.BusinessData.dllMicrosoft.Office.SecureStoreService.dllC:\Windows\assembly\GAC_MSIL\Microsoft.Office.SecureStoreService\14.0.0.0__71e9bce111e9429c\Microsoft.Office.SecureStoreService.dll
SecureStoreUtils Code
The SecureStoreUtils class provides the GetCredentials method, which retrieves the credentials for a given application ID.
csharp
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Security;
using Microsoft.BusinessData.Infrastructure.SecureStore;
using Microsoft.Office.SecureStoreService.Server;
using Microsoft.SharePoint;
public static class SecureStoreUtils
{
public static Dictionary<string, string> GetCredentials(string applicationID)
{
...
}
public static string ToClrString(this SecureString secureString)
{
...
}
}
By utilizing the Secure Store Service in SharePoint 2010, developers can securely manage credentials and delegate access to remote resources while maintaining a high level of security and ease of use. This approach is particularly valuable for custom development projects where sensitive configuration data must be stored and accessed in a secure manner.