Security in Groove Web Services
Applies to: SharePoint Workspace 2010 | Visual Studio 2008
This section describes security issues for SharePoint Workspace 2010
Security Issues in Groove Web Services
When you make Groove Web Services calls, you should always make sure that you use the correct request key, and that you receive the correct response key from Groove Web Services. Groove Web Services will use the request key to validate that your application is running under the same account.
Testing Response Keys
Your client application should test the response key each time it gets a response from Groove Web Services, so that it can ensure that it is communicating with Groove Web Services and not a rogue application. The following code shows you how to test a response key. For more information, see Reading Groove Web Services Registry Keys.
string responseKeyFromCall = spacesSvc.GrooveResponseHeaderValue.GrooveResponseKey;
string responseKeyFromRegistry = …; // Get key from registry
if (responseKeyFromCall != responseKeyFromRegistry)
throw new Exception ("Response Key does not match expected value.");
}