Bryant Likes

First an insensitive validator and next an Impersonating WebPart. What is web development coming too? :)

Jay Nathan now has a .Text blog! After you subscribe you should read his article on the Impersonating WebPart. It covers the basics of how to use the WebPart to impersonate users along with an overview of things like CAS.

If you're new to SharePoint development and you don't know what CAS stands for then you really need to read Maxim Karpov's article on the subject. Jan also talks about it in reference to the SmartPart here. While CAS is not something I really enjoy, it is essential to understand. If you don't at least understand the theory then you're going to run into real trouble the first time you get a security exception in the web part you're developing.

But back to the article. One thing that caught my attention since it is something that I've struggled with before:

Impersonator i = new Impersonator("SharePointRead", "MARINER", 
"password123").Impersonate();

// Code requiring higher permissions...

i.Undo();

Note: Instead of hard-coding the account credentials, they should probably be stored in the SharePoint's web.config file or a SQL Server table.

I really don't want to put the username and password in the code (as noted), but I also really don't want to put them in a database or a web.config file either. What I really want to do is figure out how to make this work with single sign-on. Unfortunately I haven't even got single sign-on running so I haven't looked at if this is possible.

Overall I think the Impersonating WebPart is a great idea and will probably cover 99% of what you would use it for. However, there are some cases (like Reporting Services) where I think you might need to have something like single sign-on in order to deal with who sees what data.