Question about LoginForms in PSI.

A

Amber

Hi, we are interested in the LoginForms web service in the PSI SDK. In
our environment we have created two web sites for PWA, Http://fbprojsvr:8080/pwa
and http://fbprojsvr:8082/pwa, using Windows and Forms authentication
respectively. Users can log on to Project server from http://fbprojsvr:8082/pwa
using Forms authentication accounts. We also have a in-house
application, which we plan to use the PSI SDK to integrate Project
Server, and we also want to use the LoginForms web service to log on
to Project Server, we know this will be practical solution, but we
have a confuse about how this can work:

We have look into the web.config file of the http://fbprojsvr:8082/pwa
ASP.NET 2.0 application, it use the following elements to use Forms
authentication
<authentication mode="Forms">
<forms loginUrl="/_layouts/login.aspx" />
</authentication>

According to ASP.NET 2.0 Forms Authentication sepcfication, all
unauthenticated request will be redirected to the login url(/_layouts/
login.aspx in this case), which is set at the forms element in
web.conf file. We want to know how the client web service proxy can
touch LoginForms service without been redirected. We also examed the
HttpModules sections of web.config file

<httpModules>
<clear />
<add name="SPRequest"
type="Microsoft.SharePoint.ApplicationRuntime.SPRequestModule,
Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral,
PublicKeyToken=71e9bce111e9429c" />
<add name="OutputCache"
type="System.Web.Caching.OutputCacheModule" />
<add name="FormsAuthentication"
type="System.Web.Security.FormsAuthenticationModule" />
<add name="UrlAuthorization"
type="System.Web.Security.UrlAuthorizationModule" />
<add name="WindowsAuthentication"
type="System.Web.Security.WindowsAuthenticationModule" />
<add name="RoleManager"
type="System.Web.Security.RoleManagerModule" />
<!-- <add name="Session"
type="System.Web.SessionState.SessionStateModule"/> -->
<add name="PwaAuthentication"
type="Microsoft.Office.Project.PWA.PwaAuthenticationModule,
Microsoft.Office.Project.Server.PWA, Version=12.0.0.0,
Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
<add name="Session"
type="System.Web.SessionState.SessionStateModule" />
</httpModules>

We think it will be the
Microsoft.SharePoint.ApplicationRuntime.SPRequestModule module that
does the magic thing, if the PSI team (or SharePoint team) can explain
this to the ASP.NET community, it will be a greate contribution,
because this is a common issue about using Forms Authentication with
web services.
 
A

Adam Behrle

Hi Amber,

More or less LoginForms.asmx is excluded from the forms authentication
protection. If you open the web.config under the PSI folder (C:
\Program Files\Common Files\Microsoft Shared\web server extensions
\12\ISAPI\PSI), you'll notice that all users are allowed to hit the
LoginForms.asmx file. This is specified like so:

<location path="LoginForms.asmx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

Hope that helps!

Adam
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Report Viewer Configuration Error 1
FBA Authentication, Access Denied in PWA 0
PSI & Impersonation 15
How to forward forms credentials to PSI from a custom page? 1
Error using Access as .Net MembershipProvider 2
MS Project Server 2007 - using the PSI 2
where can i find the Microsoft.Office.Project.Schema assembly? (20 0
Deploying CLR to SQL Server (2005) for accessing Project Server Interface (2007) 7

Top