Active Directory User Data Web Service Platform Component

The Active Directory User Data Web Service Platform Component (hereafter called "ADUserDataWS") is a key piece of the FabriKam solution. It is used by all five FabriKam solutions, and it serves a critical function in each. For a full description of the ADUserDataWS – including a code review that looks at the security design, the Web service's methods, and so on – refer to the document titled FabriKam Platform Component: Active Directory User Data Web Service.

In brief, ADUserDataWS runs as an intranet application hosted by Internet Information Services 6.0. It receives XML-formatted requests, queries Active Directory through the Active Directory Services Interface (ADSI), and returns the results as XML so they can be used in forms and documents. The figure below shows the architecture of ADUserDataWS.

Figure 1. The Deployed ADUserDataWS

In the figure above, an InfoPath form captures user input (for example, a partial name) and sends it to the Web service as a properly formatted XML query. Upon receipt, ADUserDataWS authenticates the client and uses ASP.NET Impersonation, enabled by including <identity impersonate="true"/> in Web.config, so that the Web service runs in the security context of the client user. Assuming the user has an account in the domain, the Web service will return results to the client application.
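
The fragment below shows the impersonation setting together with the authentication and authorization settings that make it meaningful. It is an added example, not the FabriKam Web.config, and it assumes Integrated Windows authentication is enabled and anonymous access is disabled on the virtual directory in IIS.

```xml
<?xml version="1.0"?>
<!-- Constructed Web.config fragment for illustration; not the FabriKam file. -->
<configuration>
  <system.web>
    <!-- Accept the identity IIS has already authenticated. Integrated Windows
         authentication must be enabled, and anonymous access disabled, on the
         virtual directory in IIS for this to carry a real domain user. -->
    <authentication mode="Windows" />

    <!-- Reject unauthenticated requests ("?" means anonymous users).
         Without this rule, a request that IIS let through anonymously
         would be impersonated as the IIS anonymous account rather than
         as a domain user. -->
    <authorization>
      <deny users="?" />
    </authorization>

    <!-- The setting named in the text: run each request under the
         caller's Windows identity, so the Active Directory query is
         subject to that user's own permissions. No userName/password
         attributes are set, so no fixed account is used. -->
    <identity impersonate="true" />
  </system.web>
</configuration>
```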

For developers, this architecture translates into a few key benefits:

  • Deployment is easier when used with Microsoft Office System products. ADUserDataWS is hosted on a central IIS server, and no additional components are needed on client computers.

  • Data is returned as XML, allowing direct binding into the form.

  • The XML form is optimized for the business process; no knowledge of the Active Directory schema is necessary.

  • ADUserDataWS helps the developer focus on using the data in Active Directory to fit the context of the business process.

  • Using ADUserDataWS means that the deployed InfoPath forms do not need to be fully trusted in order to query the Active Directory (as would be the case if the forms were to query using ADSI directly).

  • Development time is significantly reduced.

To see ADUserDataWS in action, run any of the five solutions. Some of the FabriKam solutions use the Web service automatically. For example, the Sales Report form uses it to fill in the name of the person filling out the form (which is shown in the top left of the form). This field cannot be changed by the user. Other solutions provide user interaction. For example, the Technical Manual Creation solution's InfoPath form allows users to create a new technical manual project and to define team members. As they type in full or partial names of team members, ADUserDataWS automatically fills in the full correct name, as well as the e-mail address.

 

© 2005 Microsoft Corporation. All rights reserved.