How to read credentials from Secure Store Service Application in SharePoint

Ashok Raja
 
Solutions Architect
December 20, 2012
 
Rate this article
 
Views
1590

Secure Store Service Application is the application in which credentials required to communicate with external applications are stored in SharePoint.

Use the below piece of code to extract credentials from Secure Service Application. This code requires reference to Microsoft.BusinessData.dll, Microsoft.SharePoint.dll, and System.Web.dll.

 using Microsoft.SharePoint;
 using Microsoft.BusinessData.Infrastructure.SecureStore;
 using System.Runtime.InteropServices;
 .
 .
  public string[] GetCredentialsFromSecureStoreService(SPSite Site, string AppId)
 {
     string[] Credentials = new String[2];
     SPSecurity.RunWithElevatedPrivileges(delegate
     {
         using (SPServiceContextScope scope = new Microsoft.SharePoint.SPServiceContextScope(SPServiceContext.GetContext(Site)))
         {
             string Provider = "Microsoft.Office.SecureStoreService.Server.SecureStoreProvider, Microsoft.Office.SecureStoreService, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c";
             Type ProviderType = Type.GetType(Provider);
             ISecureStoreProvider provider = (ISecureStoreProvider)Activator.CreateInstance(ProviderType);
             string appTargetName = AppId;
             SecureStoreCredentialCollection credentials = provider.GetCredentials(appTargetName);
             foreach (ISecureStoreCredential cred in credentials)
             {
                 if (cred.CredentialType == SecureStoreCredentialType.UserName)
                 {
                     Credentials[0] = ParseString(cred.Credential);
                 }
                 else if (cred.CredentialType == SecureStoreCredentialType.Password)
                 {
                     Credentials[1] = ParseString(cred.Credential);
                 }
             }
         }
     });
     return Credentials;
 }
 
 private static string ParseString(System.Security.SecureString secureString)
 {
     string outStr = null;
     IntPtr intPtr = IntPtr.Zero;
 
     try
     {
         intPtr = Marshal.SecureStringToBSTR(secureString);
         outStr = Marshal.PtrToStringBSTR(intPtr);
     }
     finally
     {
         Marshal.FreeBSTR(intPtr);
     }
 
     return outStr;
 }

To call the code

 private void ReadCredentials()
 {
     using (SPSite site = new SPSite("http://srv1:901/"))
     {
         string[] str = GetCredentialsFromSecureStoreService(site, "BcsDemoForBlog");
         string UserName = str[0];
         string Password = str[1];
     }
 }

To learn more about BCS with Secure Store Service check-out my blog post.

To learn how to configure Secure Store Service Application check-out this tech net article.

Category : Tips

Author Info

Ashok Raja
 
Twitter Linked In
Solutions Architect
 
Rate this article
 
I am Ashok Raja, Share Point Consultant and Architect based out of Chennai, India. ...read more
 

Leave a comment