Geoffrey DeFilippi

Okay I’ve created the testing application and it seems to work to a fashion, but not the way I intended. Here is what I’ve done:

1) Created a small Test Application using Visual Studio 2005 (C#)
2) Referenced the Sharepoint Portal Area Usergroup.asmx (Web Service) by adding a Web Reference
3) Using the default.aspx code behind page in the page load function:

protected void Page_Load(object sender, EventArgs e) 
{ 
     UserGroup.UserGroup usrgrp = new UserGroup.UserGroup(); 
     usrgrp.Credentials = System.Net.CredentialCache.DefaultCredentials; 
     try 
     { 
          XmlNode lnode = usrgrp.GetAllUserCollectionFromWeb(); 
     } 
     catch (Exception ex) 
     { 
          Response.Redirect("notallowed.aspx"); 
     } 
 
     Response.Redirect("allowed.aspx"); 
}

The intent here is that if you aren’t authorized to read from the web service with your security credentials then an error gets thrown which is correct and you get redirected to a not authorized page.

We’ve created a GPO that pushes local users accessing the site into the Trusted Security Zone so that they automatically pass their credentials. What seems to be happening is that any logged in user has the ability to access this web service, so this is obviously not the correct method to call to obtain membership information the way I intend to use it.

I’ll post some results later if I find a method that allows only reader level users access to the web service (it thinking the get urls web service might be correct as this portal area is restricted to certain active directory groups and certain other users [a domain trust is in place]). I’m thinking the web service that lists subsites might be the way to go.

Stay posted!!!