R – SOAP web service running on SharePoint

sharepointsoapweb services

I have a SOAP web service running on my sharepoint box under the _layouts directory, and a thick client which uses that SOAP service. We have one sharepoint box that uses basic auth and another which uses client certificates. I need that SOAP service to update some list items in a document library. The problem I'm having is nothing seems to work unless I run within an elevated privileges block. Here is a code snippet of what I'm trying to do.

using (SPSite site = new SPSite(fileUrl))
using (SPWeb web = site.OpenWeb()) {
   // web.CurrentUser is always null unless in elevated privileges block.
   // do something with document library...
   web.Files.Add(...); // fails with access denied unless in elevated privileges block.
}

I also tried "SPContext.Current.Web" but it returns null for "web.CurrentUser" even if I'm in an elevated privileges block.

I really can't use an elevated privileges block because the users complain that anything my SOAP service touches has a modified by system.

From the thick client we are using code like the following…

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(requestString);
if(basicAuth) {
   request.Credentials = System.Net.CredentialCache.DefaultCredentials;
}
else {
   X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
   store.Open(OpenFlags.ReadOnly);
   foreach (X509Certificate2 certificate in store.Certificates) {
      request.ClientCertificates.Add(certificate);
}
request.GetResponse();

We are manually constructing the SOAP request for various reasons.

Best Answer

If you want your webservice to properly integrate within the sharepoint context (i.e. being able to query the "current sharepoint user"), you should really deploy it to _vti_bin (the ISAPI subfolder of the 12 hyve), not to _layouts.

Discovery is a bit of a pain and requires manual tweaking of files (see the MSDN article on custom webservices within SharePoint for more information), but as you are hand-building your request anyway discovery should not be an issue.

[Edit] As an alternative, you can try acquiring the SPUserToken of the windows authenticated user,

SPUserToken token = web.AllUsers[WindowsIdentity.GetCurrent().Name].UserToken;

and then use this token to open the site and web as this user.

Related Solutions

Python – How to consume a WSDL (SOAP) web service in Python

I would recommend that you have a look at SUDS

"Suds is a lightweight SOAP python client for consuming Web Services."

REST / SOAP endpoints for a WCF service

You can expose the service in two different endpoints. the SOAP one can use the binding that support SOAP e.g. basicHttpBinding, the RESTful one can use the webHttpBinding. I assume your REST service will be in JSON, in that case, you need to configure the two endpoints with the following behaviour configuration

<endpointBehaviors>
  <behavior name="jsonBehavior">
    <enableWebScript/>
  </behavior>
</endpointBehaviors>

An example of endpoint configuration in your scenario is

<services>
  <service name="TestService">
    <endpoint address="soap" binding="basicHttpBinding" contract="ITestService"/>
    <endpoint address="json" binding="webHttpBinding"  behaviorConfiguration="jsonBehavior" contract="ITestService"/>
  </service>
</services>

so, the service will be available at

Apply [WebGet] to the operation contract to make it RESTful. e.g.

public interface ITestService
{
   [OperationContract]
   [WebGet]
   string HelloWorld(string text)
}

Note, if the REST service is not in JSON, parameters of the operations can not contain complex type.

Reply to the post for SOAP and RESTful POX(XML)

For plain old XML as return format, this is an example that would work both for SOAP and XML.

[ServiceContract(Namespace = "http://test")]
public interface ITestService
{
    [OperationContract]
    [WebGet(UriTemplate = "accounts/{id}")]
    Account[] GetAccount(string id);
}

POX behavior for REST Plain Old XML

<behavior name="poxBehavior">
  <webHttp/>
</behavior>

Endpoints

<services>
  <service name="TestService">
    <endpoint address="soap" binding="basicHttpBinding" contract="ITestService"/>
    <endpoint address="xml" binding="webHttpBinding"  behaviorConfiguration="poxBehavior" contract="ITestService"/>
  </service>
</services>

Service will be available at

REST request try it in browser,

http://www.example.com/xml/accounts/A123

SOAP request client endpoint configuration for SOAP service after adding the service reference,

  <client>
    <endpoint address="http://www.example.com/soap" binding="basicHttpBinding"
      contract="ITestService" name="BasicHttpBinding_ITestService" />
  </client>

in C#

TestServiceClient client = new TestServiceClient();
client.GetAccount("A123");

Another way of doing it is to expose two different service contract and each one with specific configuration. This may generate some duplicates at code level, however at the end of the day, you want to make it working.

Best Answer

Related Solutions

Python – How to consume a WSDL (SOAP) web service in Python

REST / SOAP endpoints for a WCF service

Reply to the post for SOAP and RESTful POX(XML)

Related Topic