SharePoint 2007 Document Encryption

Since releasing the new Advanced SharePoint Development course, I have been working on various items to add to it! One of them is using Enterprise Library with SharePoint Event Handlers to implement document encryption! Here is the lab!

Module #15: SharePoint Event Handlers Lab #3

Course:           Advanced SharePoint Development

Estimated Time to Complete:  45 minutes

Objectives:

  • Create an Event Handler feature that encrypts documents

Operating Notes:  none

Deliverables:

  • None

 

Overview:         SharePoint has exposed several events that we can tie into with our own code.  Let’s see how to do this!

Exercise 1 – Create a new SharePoint Event Handler

Purpose:         Create and register an event handler for SharePoint events

Result:           A new event handler

Task 1 – Create a new Visual Studio Class Library

  1. Open Visual Studio, select New->Project
  2. Select Class Library from the project templates
  3. Name the project EncryptDocumentEventReceiver
  4. For location, use c:\asp
  5. Add a reference to
    • Microsoft.SharePoint.dll
    • Microsoft.Practices.EnterpriseLibrary.Common
    • Microsoft.Practices.EnterpriseLibrary.Security
    • Microsoft.Practices.EnterpriseLibrary.Security.Cryptography
  6. Add a using statement to
    • Microsoft.SharePoint;
    • Microsoft.Practices.EnterpriseLibrary.Common;
    • Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
    • Microsoft.Practices.EnterpriseLibrary.Security;
    • Microsoft.Practices.EnterpriseLibrary.Security.Configuration;
    • Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
  7. Rename class1 to EncryptDocument
  8. Make EncryptDocument inherit from SPItemEventReceiver
  9. Add the following methods:

    // Encrypts the item's file in place with the default symmetric provider from web.config
    private void Encrypt(SPItemEventProperties properties)
    {
        // get the file contents
        SPFile file = properties.ListItem.File;
        byte[] bytes = file.OpenBinary();

        // encrypt the file
        IConfigurationSource source = new SystemConfigurationSource();
        SymmetricCryptoProviderFactory factory = new SymmetricCryptoProviderFactory(source);
        ISymmetricCryptoProvider provider = factory.CreateDefault();
        byte[] encryptedByteArray = provider.Encrypt(bytes);

        // write the encrypted bytes back to the library
        file.SaveBinary(encryptedByteArray);
        file.Update();
    }

    // Decrypts the item's file in place with the same provider
    private void Decrypt(SPItemEventProperties properties)
    {
        // get the file contents
        SPFile file = properties.ListItem.File;
        byte[] bytes = file.OpenBinary();

        // decrypt the file
        IConfigurationSource source = new SystemConfigurationSource();
        SymmetricCryptoProviderFactory factory = new SymmetricCryptoProviderFactory(source);
        ISymmetricCryptoProvider provider = factory.CreateDefault();
        byte[] decryptedByteArray = provider.Decrypt(bytes);

        // write the decrypted bytes back to the library
        file.SaveBinary(decryptedByteArray);
        file.Update();
    }

    // Check-out: give the user the decrypted document
    public override void ItemCheckedOut(SPItemEventProperties properties)
    {
        Decrypt(properties);
        base.ItemCheckedOut(properties);
    }

    // Check-in: encrypt the document again
    public override void ItemCheckedIn(SPItemEventProperties properties)
    {
        Encrypt(properties);
        base.ItemCheckedIn(properties);
    }

    // Upload: encrypt the newly added document
    public override void ItemAdded(SPItemEventProperties properties)
    {
        Encrypt(properties);
        base.ItemAdded(properties);
    }

 

  10. Right click the project, select Properties
  11. Select the Signing tab
  12. Click “Sign the assembly”
  13. Select <New…>, type EncryptDocumentEventReceiver.snk
  14. Uncheck “Password…”
  15. Build the project, press Ctrl-Shift-B
  16. Copy the C:\ASP\EncryptDocumentEventReceiver\EncryptDocumentEventReceiver\bin\Debug\EncryptDocumentEventReceiver.dll to the c:\windows\assembly directory (this installs the assembly in the GAC)

Task 2 – Extend the web.config file

  1. Open Enterprise Library console
  2. Click the open button, browse to the c:\inetpub\wwwroot\wss\virtualdirectories\100\web.config file
  3. Click Open
  4. Right click the “C:\inetpub…” node, select New->Cryptography Application Block
  5. Right click the Symmetric Provider node, select New->Symmetric Algorithm Provider
  6. Select TripleDESCryptoServiceProvider, Click Ok
  7. In the Cryptographic key wizard, Click Next
  8. Click Generate
  9. Click Next
  10. Name the key “EncryptIt.key”, Click Save
  11. Click Next
  12. Select Machine mode, Click Finish
  13. Click the Cryptography Application Block node
  14. For DefaultSymmetricCryptoProvider, select TripleDESCryptoServiceProvider

Task 3 – Create a console application to register the event handler

  1. In Visual Studio, click Add->New->Project
  2. Select a Windows Console Application
  3. Modify the Main method to this:


    // Requires a reference to Microsoft.SharePoint.dll and "using Microsoft.SharePoint;"
    static void Main(string[] args)
    {
        // strong name and class of the event receiver installed in the GAC
        const string receiverAssembly = "EncryptDocumentEventReceiver, Version=1.0.0.0, Culture=neutral, PublicKeyToken=3041621ef2536dab";
        const string receiverClass = "EncryptDocumentEventReceiver.EncryptDocument";

        try
        {
            // dispose SPSite and SPWeb so their unmanaged resources are released
            using (SPSite site = new SPSite("http://localhost:100"))
            using (SPWeb web = site.OpenWeb())
            {
                SPEventReceiverDefinitionCollection receivers = web.EventReceivers;

                // encrypt when a document is added
                SPEventReceiverDefinition newReceiver = receivers.Add();
                newReceiver.Name = "EncryptDocumentItemAdded";
                newReceiver.Assembly = receiverAssembly;
                newReceiver.Class = receiverClass;
                newReceiver.Type = SPEventReceiverType.ItemAdded;
                newReceiver.Update();

                // decrypt when a document is checked out
                newReceiver = receivers.Add();
                newReceiver.Name = "EncryptDocumentItemCheckedOut";
                newReceiver.Assembly = receiverAssembly;
                newReceiver.Class = receiverClass;
                newReceiver.Type = SPEventReceiverType.ItemCheckedOut;
                newReceiver.Update();

                // encrypt again when a document is checked in
                newReceiver = receivers.Add();
                newReceiver.Name = "EncryptDocumentItemCheckedIn";
                newReceiver.Assembly = receiverAssembly;
                newReceiver.Class = receiverClass;
                newReceiver.Type = SPEventReceiverType.ItemCheckedIn;
                newReceiver.Update();
            }
        }
        catch (Exception ex)
        {
            Console.Write(ex.Message);
        }
    }

 

 

  4. Compile the project (Ctrl-Shift-B)
  5. Run the Console Project
  6. Reset IIS
  7. Open the http://localhost:100 site
  8. Create a text document, upload it to the document library
  9. Open the document, notice it is encrypted
  10. Check out the document
  11. Open the document, it is now decrypted!
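
The lab's receiver calls Encrypt from both ItemAdded and ItemCheckedIn and Decrypt from ItemCheckedOut, so the same file can reach Encrypt twice, and nothing detects a stored file that was altered. The following stand-alone program is an added example, not part of the original lab or of Enterprise Library: it wraps the bytes in a marked envelope using AES-CBC and HMAC-SHA256 from System.Security.Cryptography (in place of the TripleDES provider configured in Task 2), so a repeated Encrypt is a no-op and Decrypt rejects modified content. The DocEnvelope class, the "ENC1" marker, the envelope layout and the randomly generated demo keys are assumptions of this example.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

// Envelope layout (assumed for this example): "ENC1" | IV (16) | AES-CBC ciphertext | HMAC-SHA256 tag (32)
static class DocEnvelope
{
    static readonly byte[] Magic = Encoding.ASCII.GetBytes("ENC1");
    static byte[] Mac(byte[] key, byte[] d, int len) { using (HMACSHA256 h = new HMACSHA256(key)) return h.ComputeHash(d, 0, len); }
    static bool HasMagic(byte[] d) { return d.Length >= 68 && d[0] == Magic[0] && d[1] == Magic[1] && d[2] == Magic[2] && d[3] == Magic[3]; }
    static bool TagIsValid(byte[] d, byte[] macKey)
    {
        byte[] tag = Mac(macKey, d, d.Length - 32);       // tag covers marker, IV and ciphertext
        int diff = 0;                                     // compare all 32 bytes, no early exit
        for (int i = 0; i < 32; i++) diff |= tag[i] ^ d[d.Length - 32 + i];
        return diff == 0;
    }
    public static byte[] Encrypt(byte[] plain, byte[] encKey, byte[] macKey)
    {
        if (HasMagic(plain) && TagIsValid(plain, macKey)) return plain;   // already wrapped: do nothing
        using (Aes aes = Aes.Create())                    // aes.IV is a fresh random value per instance
        using (MemoryStream ms = new MemoryStream())
        {
            byte[] ct = aes.CreateEncryptor(encKey, aes.IV).TransformFinalBlock(plain, 0, plain.Length);
            ms.Write(Magic, 0, 4); ms.Write(aes.IV, 0, 16); ms.Write(ct, 0, ct.Length);
            ms.Write(Mac(macKey, ms.ToArray(), (int)ms.Length), 0, 32);
            return ms.ToArray();
        }
    }
    public static byte[] Decrypt(byte[] data, byte[] encKey, byte[] macKey)
    {
        if (!HasMagic(data)) return data;                 // never wrapped: leave untouched
        if (!TagIsValid(data, macKey)) throw new CryptographicException("Integrity check failed");
        byte[] iv = new byte[16]; Buffer.BlockCopy(data, 4, iv, 0, 16);
        using (Aes aes = Aes.Create())
            return aes.CreateDecryptor(encKey, iv).TransformFinalBlock(data, 20, data.Length - 52);
    }
    static void Main()
    {
        byte[] encKey = new byte[32], macKey = new byte[32];              // constructed demo keys
        RandomNumberGenerator rng = RandomNumberGenerator.Create(); rng.GetBytes(encKey); rng.GetBytes(macKey);
        byte[] stored = Encrypt(Encoding.UTF8.GetBytes("constructed sample document"), encKey, macKey);
        stored = Encrypt(stored, encKey, macKey);                         // second event on the same item
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(stored, encKey, macKey)));
        stored[30] ^= 1;                                                  // ciphertext byte changed in storage
        try { Decrypt(stored, encKey, macKey); } catch (CryptographicException e) { Console.WriteLine(e.Message); }
    }
}
```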

 

Utilize Active Directory Provider in ASP.NET 2.0

You can use the System.Web.Security.ActiveDirectoryMembershipProvider class to do Membership against Active Directory!!!


However, you have to set up a special connection string to point to a domain controller and to run as a user to query LDAP.


I’ll be working with this a little bit later and will likely post the code for this project somewhere…


Here is more info on how to do this:


http://msdn2.microsoft.com/en-us/library/system.web.security.activedirectorymembershipprovider.aspx

How to Setup the Web Site Configuration WebSite outside VS.NET 2005

Here’s how to do it:



  • Copy all files in the C:\Windows\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles to a directory inside C:\inetpub\wwwroot (likely called Admin) – IGNORE the one that is in the inetpub\wwwroot\aspnet_webadmin…that is a bad copy!!!
  • Go into IIS, make the directory a web application, set its ASP.NET version to 2.0
  • The default.aspx page that normally loads expects the queryString variables of applicationPhysicalPath and applicationURL (as the web application is modifying membership/roles/profile via the providers and then updating the web.config file of the web application you are pointing it at)!!!
  • You can set this statically in the default.aspx page and have it not care about the queryString variables
  • Then you would want to lock down the web with IIS authentication

ACA.NET 4.0 vs Enterprise Library

Despite what most people may think, Avanade actually developed the original versions of Enterprise Library. This innovative piece of software spawned the future of what we now know as our beloved Software Factories (Smart Client, Web Service, Mobile, etc). Let’s give Avanade some serious credit for being the people they were and are today!


Thanks Avanade!

ASP.NET 2.0 Top Features…

These are the top new features of ASP.NET:



  • Master Pages!

  • Web Diagnostics

  • Provider Model (Membership, Roles, Security)

  • Asynchronous Web Pages!

If you think your web pages are fast and well architected, but you didn’t use the things above, then you don’t yet know that those things will make them even faster and better architected!

Coolest new things about BizTalk 2006

By far, the coolest things about BizTalk 2006 are:



  • Flat File Schema generator…wow…that thing is awesome!

  • Application containers in the BizTalk Admin Console…good job MS!

  • Bigger window to code custom C# code in orchestrations…woohoo!

There are a few others, but dang…those are some biggies!