SharePoint Login as a Different User

What the hell Microsoft? Why did you decide to remove the ability for a user to logon as a different user in SharePoint 2013? It was there in 2010, but this feature is not there in 2013.

Microsoft's recommendation is to right-click on Internet Explorer and then select run-as and then enter your username and password. This is not a good option for most users and in our environment it is not practical. So to get this functionality back, we will create a SharePoint feature that is deployed at the farm level. There are some sites out there that detail this but there is one problem with all of them, they do not redirect the user back to the same site where they did the logout / login function. I have included the specific code to solve the problem but I am not including the details on how to create the feature. Once the feature is created add an empty element to the project and paste in the code below. The LogoffAndLogin() javascript function will get the current subsite and pass it in as a parameter to then allow the logoff webservice to redirect the user back to the original page after login.

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <Elements xmlns="http://schemas.microsoft.com/sharepoint/">
  3. <CustomAction
  4. Id="LoginScript"
  5. ScriptBlock="function LogoffAndLogin(){ if (typeof SP != 'undefined') { var siteCollUrl = '';SP.SOD.executeFunc('SP.js', 'SP.ClientContext', function(){var clientContext = new SP.ClientContext.get_current();var site = clientContext.get_site();clientContext.load(site);clientContext.executeQueryAsync(Function.createDelegate(this, function(){siteCollUrl = site.get_url();var fullURL = siteCollUrl + '/_layouts/closeConnection.aspx?loginasanotheruser=true&amp;amp;Source=' + siteCollUrl; window.location = fullURL;}))})} else { alert('An error occurred during the logoff process, please try again.');}};"
  6. Location="ScriptLink">
  7. </CustomAction>
  8. <CustomAction
  9. Id="LogInAsUser"
  10. GroupId="PersonalActions"
  11. Location="Microsoft.SharePoint.StandardMenu"
  12. Sequence="998"
  13. Title="Sign in as a Different User"
  14. Description="Sign Out and Login as a Different User">
  15. <UrlAction Url="javascript:LogoffAndLogin();"/>
  16. </CustomAction>
  17. </Elements>

I have the code all in one line and I realize that it might be a bit difficult to follow. I have included the code broken out as multiple lines to help you follow what is going on.

  1. LogoffAndLogin(){
  2. if (typeof SP != 'undefined') {
  3. var siteCollUrl = '';
  4. SP.SOD.executeFunc('SP.js', 'SP.ClientContext', function(){
  5. var clientContext = new SP.ClientContext.get_current();
  6. var site = clientContext.get_site();
  7. clientContext.load(site);
  8. clientContext.executeQueryAsync(Function.createDelegate(this, function(){
  9. siteCollUrl = site.get_url();
  10. var fullURL = siteCollUrl + '/_layouts/closeConnection.aspx?loginasanotheruser=true&amp;amp;Source=' + siteCollUrl;
  11. window.location = fullURL;
  12. }))
  13. })
  14. }
  15. else {
  16. alert('An error occurred during the logoff process, please try again.');
  17. }
  18. };

This has worked well in our environment. This is a stupid problem that MS created, but this solution should work well to solve it. Good luck !!



SharePoint security trimmed site list

Okay, so it has been a bit since I have posted anything, mainly due to that I have not anything notable to post.  This is not due to me not doing anything notable but that the things that I have done that were notable were proprietary and I did not feel comfortable disclosing in a public forum. 

So the problem that I was given was that when people landed on the root site within the root site collection of our managed path / application the user hit a page that was essentially blank.  From there they did not know where they should go and did not really know what they would be able to access.  So here comes a webpart that can help solve the problem.  What the goal of this webpart was is to create a security trimmed list of sites the user would have access at the root level.  I am not going to go through each and every step for creating a webpart but I will give some high level info since these are steps that I struggled with when creating the webpart.

 

  1. So first off, when you are creating this webpart select the "Visual Web Part option" in the project type.
  2. You MUST select DEPLOY AS FARM SOLUTION.  The sandboxed solution will not have access to the necessary objects needed for this webpart.  Specifically getting all site collections in a web application (managed path).
  3. To start we will create two classes.  SiteLookup and SPSiteInfo. 

    SiteLookup

    1. using Microsoft.SharePoint;
    2. using System;
    3. using System.Collections.Generic;
    4. using System.Linq;
    5. using System.Text;
    6. using System.Threading.Tasks;
    7.  
    8. namespace SPSiteListing.ListSPSites
    9. {
    10. class SiteLookup
    11. {
    12. private Boolean _EnableTrimming;
    13. private SPContext _Context;
    14. private string _CurrentUserName;
    15. public SiteLookup(SPContext context, Boolean enablePermissionTrimming)
    16. {
    17. _EnableTrimming = enablePermissionTrimming;
    18. _Context = context;
    19. _CurrentUserName = context.Web.CurrentUser.LoginName;
    20. }
    21. public List<SPSiteInfo> GetSites()
    22. {
    23. if (IsRootInApplication())
    24. {
    25. var list = new List<SPSiteInfo>();
    26. list.AddRange(GetSitesUnderCurrentWeb());
    27. list.AddRange(GetSitesUnderManagedPath());
    28. return list;
    29. }
    30. else
    31. return GetSitesUnderCurrentWeb();
    32. }
    33. public Boolean IsRootInApplication()
    34. {
    35. if (_Context.Site.RootWeb.Url != _Context.Site.Url)
    36. return false;
    37. if (_Context.Site.WebApplication.Sites[0].Url != _Context.Site.Url)
    38. return false;
    39. return true;
    40. }
    41. public List<SPSiteInfo> GetSitesUnderManagedPath()
    42. {
    43. var sites = new List<SPSiteInfo>();
    44. var applicationSites = _Context.Site.WebApplication.Sites;
    45. foreach (SPSite item in applicationSites)
    46. {
    47. //you must set disable catching access exceptions to prevent sharepoint from catching it
    48. item.CatchAccessDeniedException = false;
    49. try
    50. {
    51. if (item.RootWeb.DoesUserHavePermissions(_CurrentUserName, SPBasePermissions.Open) || !_EnableTrimming)
    52. sites.Add(new SPSiteInfo(item));
    53. }
    54. catch (UnauthorizedAccessException)
    55. {
    56. //The user does not have access to check their access. So an exception will be thrown.
    57. //This will not cause a problem to not do anything with it, since we are security trimming
    58. //we do not want this one listed anyway.
    59. }
    60. }
    61. return sites;
    62. }
    63. public List<SPSiteInfo> GetSitesUnderCurrentWeb()
    64. {
    65. var sites = new List<SPSiteInfo>();
    66. if (_EnableTrimming)
    67. {
    68. foreach (SPWeb item in _Context.Web.GetSubwebsForCurrentUser())
    69. {
    70. sites.Add(new SPSiteInfo(item));
    71. }
    72. }
    73. else
    74. {
    75. foreach (SPWeb item in _Context.Site.AllWebs)
    76. {
    77. sites.Add(new SPSiteInfo(item));
    78. }
    79. }
    80. return sites;
    81. }
    82. }
    83. }

    SPSiteInfo

    1. using Microsoft.SharePoint;
    2. using System;
    3. using System.Collections.Generic;
    4. using System.Linq;
    5. using System.Text;
    6. using System.Threading.Tasks;
    7.  
    8. namespace SPSiteListing.ListSPSites
    9. {
    10. class SPSiteInfo
    11. {
    12. public string SiteName { get; private set; }
    13. public string SiteUrl { get; private set; }
    14. public string HTMLLink
    15. {
    16. get
    17. {
    18. return String.Format(@"<a href=""{0}"">{1}</a>",
    19. SiteUrl,
    20. String.IsNullOrEmpty(SiteName) ? SiteUrl : SiteName);
    21. }
    22. }
    23. public SPSiteInfo(SPSite site)
    24. {
    25. try
    26. {
    27. SiteName = site.RootWeb.Title;
    28. }
    29. catch (UnauthorizedAccessException)
    30. {
    31. //since the user does not have access to get the title, we can do something
    32. //here if we want with demonstrating that. but it isn't necessary
    33. }
    34. SiteUrl = site.Url;
    35. }
    36. public SPSiteInfo(SPWeb site)
    37. {
    38. SiteName = site.Name;
    39. SiteUrl = site.Url;
    40. }
    41. }
    42. }
  4. So now that we have the classes written to get the data, we need a something to display the data in the webpart. To do that we will use the ascx file created already (just adding a ul with an id and a runat) and add some code in the page_load method.

    ASCX file

    1. <ul id="siteList" runat="server">
    2.  
    3. </ul>

    ASCX code behind

    1. protected void Page_Load(object sender, EventArgs e)
    2. {
    3. SiteLookup query = new SiteLookup(SPContext.Current, true);
    4. foreach (var item in query.GetSites())
    5. {
    6. var li = new HtmlGenericControl("li");
    7. li.InnerHtml = item.HTMLLink;
    8. siteList.Controls.Add(li);
    9. }
    10. }


So that is basically it. There are some details that are not covered in this post, but this should get you past the things that I struggled with when I created my webpart.


Good Luck !!

The culture paradigm shift

Almost everyone who knows me almost immediately knows my political and religious views and even like-minded people refer to me as a zealot.  With that disclosure I am going to place in writing what I have been saying for a long time, and that is my belief that there is currently a paradigm shift going on throughout the United States and slowly we as a people are shifting back to the ideals of years past.

At the beginning of the 1960’s people wanted to throw away their straight-laced image and embrace the counter-culture that began to develop.  This counter-culture embraced drugs, liberal ideals, and “free love” resulting in a society that had a great deal of moral decay.  The detestable act of abortion became legal and communist philosophies started to be embraced by a large portion of the United States.

I know that I am generalizing quite a bit but my point is not the specifics it is what I believe is coming as a whole.  While the counter-culture in the 1960’s embraced moral decay, the counter-culture of today is embracing God and conservative ideals.  Examples of this can be demonstrated with the wave of religious movies that have been released in recent years as well as the strength of the Tea Party movement.  Other areas demonstrating this shift have been with the support of companies that are demonstrating their faith such as Hobby Lobby and Chick-Fil-A.  I have been saying for a long time that there is a shift coming and I think that it is becoming apparent.

I think of the United States’ culture as a pendulum, it never stays in the middle it always swings from one side to the other.  At its worst we have big government with things like government-controlled healthcare where at its best we have winning the cold war.  So here is my prediction, over the next few years the Tea Party will become a large influence in daily politics and the Christians will stand united to show their faith and be lights unto the world. 

So I say support your Hobby Lobby and Chick-Fil-A.  Be the salt of the earth and tell your story of Christ in your life.

 

What is the cost of free?

Benjamin Franklin wrote in 1783, “Sell not virtue to purchase wealth, nor Liberty to purchase power,” and while he was not speaking about the Internet (obviously since it was not invented until almost two-hundred years later by Al Gore?) or our give me society he was addressing a similar people.  Today, we are blasted with free applications and services but are they really free and what are they truly costing us. 

Since the beginning of time we have had scrupulous individuals with different types of scams and charades that they have tried to use to gain from unsuspecting people and in recent times this has become ever more apparent but for many unnoticed.  There has been “free” applications on the Internet for a long time and while there are many good free applications (I think everyone knows of a few) that may have additional features for a fee or they offer a non-commercial version for free but all companies need to make money and to think that they do not is just naïve. 

So let us take a look at some of these free services that we use every day and think how these companies are making their money.  What about the free anti-virus programs?  Some are free for consumers for a reason, they are bad but others are free so that the company can gain data about viruses such as their proliferation around the world and use that for their commercial products that are sold for servers.  What about the DVD ripping program?  Well that could be a virus or it could be something that is giving data about the person that is downloading it, however when it comes to single utility applications it can be difficult to determine what the true intention is for the person giving the program.

Beyond the applications how do companies make money from free services?  Some of the free services such as DropBox give you a little in hopes that you will buy more space.  Other free services are supporting their company through advertisements and this can start becoming a little bit more sinister.  Facebook for example has a new “feature” that will allow you to tag music and television programming from within the Facebook application on Android and IOS.  Who is to say whether or not Facebook will be scanning more than just during a tag and even if they do not associate it to an individual account they are using the data to send statistics back to Facebook (which can then be sold to marketing people for most tagged shows).  Facebook also uses your demographic information for advertisement targeting therefore potentially exposing your sensitive data to marketing executives.

When discussing free services online there is one very large elephant in the room and that is the all-powerful Google.  Google has access to not only your search queries (meaning that they do track what you search for if you are logged into the Google site) but they also potentially have access to much of your personal data as well, use Gmail?  What about on the corporate site?  Google may have you there too with Google Analytics.  By using Google Analytics a company can track how many hits are coming to a page but through their clever code that the company has willingly placed on their page, Google is able to gain a lot of data that can then be used for more trending analysis.  Since there are only a few lines of code you are adding to the page with Google Analytics some may not realize that Google is adding a lot more and with that you have given them control to do whatever they want.

In this world of free we don’t always know the costs or the extent of the data that is being used on us.  Just as a conclusion to this, Google Analytics has enough data on from the person that is browsing to a site with it on there to determine your location (down to the city), internet service provider, age, gender, and any search terms you used to get to the site.  Who knows what else they have but are not providing it in the report for Google Analytics.

I do not wish anyone to be scared off the grid but if you are… Google will notice