SharePoint 2010: Programatically Retrieve Credentials from the Secure Store Service

SharePoint 2010′s Secure Store Service provides a way to map credentials and delegate access to remote resources. You may already be familiar with the MOSS 2007 Single Sign-on Shared Service, which was the former equivalent. The Secure Store Service integrates seemlessly with Business Connectivity Services (BCS), but it also features an API that can be taken advantage of within custom development projects. This makes the service an attractive option for storing sensitive configuration data such as connection strings, Web service credentials, etc.

The Secure Store Service allows us to create Target Applications which house sets of credentials. The two main types are Individual and Group applications, Individual meaning credentials are mapped to individual users, and Group meaning all users share the same set of credentials.

While the raw API isn't very intuitive, its design was likely intentional (additional security by obfuscation). With a little marshalling help from our interop library friends, we are able to retrieve credentials (provided the appropriate permissions to the target application).

To begin, we need to reference a couple of assemblies.


C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\ISAPI\Microsoft.BusinessData.dll



And now for the reason you came to this post … the code

using System.Collections.Generic; using System.Linq; using System.Runtime.InteropServices; using System.Security; using Microsoft.BusinessData.Infrastructure.SecureStore; using Microsoft.Office.SecureStoreService.Server; using Microsoft.SharePoint;   namespace Trentacular.SharePoint.Util {     public static class SecureStoreUtils     {         public static Dictionary<string, string> GetCredentials(string applicationID)         {             var serviceContext = SPServiceContext.Current;             var secureStoreProvider = new SecureStoreProvider { Context = serviceContext };             var credentialMap = new Dictionary<string, string>();               using (var credentials = secureStoreProvider.GetCredentials(applicationID))             {                 var fields = secureStoreProvider.GetTargetApplicationFields(applicationID);                 for (var i = 0; i < fields.Count; i++)                 {                     var field = fields[i];                     var credential = credentials[i];                     var decryptedCredential = ToClrString(credential.Credential);                       credentialMap.Add(field.Name, decryptedCredential);                 }             }               return credentialMap;         }           public static string ToClrString(this SecureString secureString)         {             var ptr = Marshal.SecureStringToBSTR(secureString);               try             {                 return Marshal.PtrToStringBSTR(ptr);             }             finally             {                 Marshal.FreeBSTR(ptr);             }         }     } }

How to Hide the SharePoint 2010 Ribbon

If you're creating a Web site and using SharePoint 2010 as a Content Management System platform, perhaps your first challenege as a designer is what to do with that ribbon that is smack-dab in the way of your nice custom layout? At first it seems to be a challenge: For unauthenticated users the ribbon makes no sense and is irrelevant. Your first thought may be to get rid of it entirely. But then, we still need the functionality for users who are authenticated (in order to edit their content) – so we can't get rid of it. What do we do?
There is a solution that fits the needs of designers, developers, their clients and their end-users: Enter the SP2010 Ribbon Toggler! Toggle it with a keystroke, querystring, or a button. Let's implement it:
How to do it
1. Open an editor of your choice to create a new .js file and paste the following code into it:
 function ShowRibbon() {
$('#s4-workspace').height($(document).height() – $('#s4-ribbonrow').height() * 2);

function HideRibbon() {
var newHeight = $(document).height();
if ($.browser.msie) { newHeight = newHeight – 3; }


2. Save your .js file as SP2010_RibbonToggler.js.
3. Open up SharePoint Designer and browse to your root site.
4. In the left tool pane called "Site Objects" click on "Site Assets."
5. In the top tool bar, select "Import Files" and import the .js file you created. (If you'd like to create a separate "scripts" folder within Site Assets, or organize it in any way you'd like, now's the time.)
6. In the left tool pane again select "Master Pages."
7. Open the Master Page that you're using for your Site. In most cases you're probably using v4.master.
8. In the HTML markup, find the section and place the following JavaScript references within the head section:


<script type="text/javascript" src=""></script>
< script type="text/javascript" src="/SiteAssets/SP2010_RibbonToggler.js"></script>


Note: We're first here referencing the jQuery framework. Our code uses this framework to easily and quickly access the Document Object across differing browers. We then reference our SP2010_RibbonToggler.js file. Remember to change the reference path if you put your SP2010_RibbonToggler.js file in a different location than instructed to at the beginning of this tutorial.

We now have two functions in our SharePoint site for turning on and off the ribbon! Now we just need to implement some Javascript code to use these functions. The sky's the limit for how you want to accomplish this. At Concurrency, we like to use a keystroke combination (ctrl+shift+r) to pop up the ribbon. Here's how to do that:

In your SP2010_RibbonToggler.js file, at the following code to it:

$(document).keydown(function (e) {
if (e.keyCode == 17) { ks = "a"; return false; }
if (e.keyCode == 16) { if (ks == "a") { ks = ks + "b"; return false; } }
if (e.keyCode == 82) {
if (ks == "ab") {
ks = "";
if($('#s4-ribbonrow').css('display')=="none") {
} else {
return false;
return true;


Additional ways to toggle

Another way to turn on and off the ribbon now is by passing a query string to the page. If we append ?ribn=1 to our site address at any time, the ribbon will show. This is how to do that:

In your SP2010_RibbonToggler.js file, at the following code to it:

if(getParameterByName('ribn')=="1″) {
} else {

function getParameterByName(name) {
name = name.replace(/[\[]/, "\\\[").replace(/[\]]/, "\\\]");
var regexS = "[\\?&]" + name + "=([^&#]*)";
var regex = new RegExp(regexS);
var results = regex.exec(window.location.href);
if (results == null)
return "";
return decodeURIComponent(results[1].replace(/\+/g, " "));


Or perhaps you only want to show the ribbon if the user has authenticated to SharePoint? Here's how to do that:

In your SP2010_RibbonToggler.js file, at the following code to it:


if (typeof _spUserId == "undefined") {
}else {


In fact, you can add all of these examples to your SP2010_RibbonToggler.js file and they will all work together for you. Wouldn't if be nice if you could download a fully functional .js file with all this working? It would…

Custom List Forms and Redirecting after Update in SharePoint 2010/2007

One of my clients required a custom edit form for their editing screen where it would show certain fields and then redirect to a new page after the OK button was clicked. I had done this before at another client except i'd never found a way to actually redirect the page after the save. Here is an article on how to do that to.

1. In Sharepoint Designer take your EditForm.aspx and copy it.
2. Rename it
3. Open this new form and click on the PlaceHolderMain (leave your ListFormWebPart on the page)
4. In the ListFormWebPart scroll down the properties in the xml which describes the webpart and change to false. For some reason the form will not work unless you leave the original on the page.
4. Click on Insert->Sharepoint Controls->Custom List Form
5. Choose the appropriate List and select Edit Form
6. Sharepoint generates the form for you.

To customize the save button, find the following control on the page Sharepoint:SaveButton

1. Delete the SaveButton
2. Add

input type="button" value="Save" name="btnSave" onclick="javascript: {ddwrt:GenFireServerEvent('__commit;__redirect={}')}"

3. This button allows the form to be saved and redirects to back to that page. See this article for more info

Hope it helps!


If you wish to update after redirecting this is how i did it:

add in

ParameterBinding Name="Source" Location="QueryString(Source)"

to your paramterbindings list then add

xsl:param name="Source">0 /xsl:param>
xsl:variable name="RedirectLoc"> xsl:value-of select="$Source"/> /xsl:variable>

to your stylesheet

then the button should be:

input type="button" value="Save" name="btnTopSave" onclick="javascript: {ddwrt:GenFireServerEvent(concat('__commit;__redirect={',$RedirectLoc,'}'))}"/>