How to avoid hard coding credentials into Sharepoint webpart?
Posted
by SeeBees
on Stack Overflow
See other posts from Stack Overflow
or by SeeBees
Published on 2010-04-20T22:10:06Z
Indexed on
2010/04/20
23:03 UTC
Read the original article
Hit count: 234
I am building a Sharepoint web part that will be used by all users. The web part connects to a web service which needs credentials with higher privileges than common users. I hard coded credentials in the web part's code.
query.Credentials = new System.Net.NetworkCredential("username", "password", "domain");
query
is an instance of the web service class
This may not be a good approach. In regard with security, source code of the web apart is available to people who are not allowed to see the credential. This is bad enough, But is there any other drawback of this approach?
A web part doesn't have a .config file associated. The .config file is in application-level of the sharepoint site, and I don't want to modify it for a single webpart. I wonder if there is a webpart-specific way to solve this problem? Say provide a WebBrowsable property to an admin so that he/she can set credentials. Is this possible?
Thanks
© Stack Overflow or respective owner