Consuming SharePoint data in WCF or Custom Application

Recently I encounter an security concern for WCF application which is getting data from SharePoint for hardcoded username and password in web.config of WCF.

To resolve this, I have used Token generation approach where token is used to get the client context in order to CSOM to work. Also the token is generated for Certificate not for a user which solves the purpose.

Overview

Approach used to achieve this is the same manner how “SharePoint Provider Hosted App connect to the SharePoint”. High Trust Certificate is used to generate the token which later can be used to get Client context.

High Level Steps Involves –

1. Create High Trust Certificate
2. Export Certificate into .pfx and .cer
3. Adding certificate to SharePoint for token generation
4. Registering App in SharePoint and giving permission to SP resources
5. Updating WCF code to get Client context from token

Checkout next post for explanation on each step for Checkout next post to on this topic “How to access SharePoint from WCF”

 3,325 total views,  2 views today