SharePoint 2013 Claims and the Welcome Control

Recently, one of my colleagues wanted to update the SharePoint 2013 welcome control with custom claim values, rather than the default values, when utilizing ADFS SAML claims based authentication. If the signed in users display name is not updated in the all users table on the SharePoint web site, then the welcome control will display the primary encoded format of the user id. For example, if the user was authenticated by a trusted Identity Token Issuer, utilizing the User Principle Name (UPN) as the identifier claim, the format will be as follows:

i:05.t|Trusted Identity Token Issuer Name|UPN

The SharePoint claims encoding article can be found here: SharePoint 2013 and SharePoint 2010 Claims Encoding

If you are also not planning on running a SharePoint user profile import, then setting welcome control display can be a little problematic. One approach is to have a custom control in the master page. The control can update the inner HTML of the welcome control, so that it can display a value from augmented claims. In the example below, I specifically pull out the Claim Type of Email, but depending on your scenario, you could use any valid claim augmented from the SharePoint STS which was originally provided by the identity provider STS.

Please note that you may want to check the user is authenticated first and the claims exist, as per the notes in code below.

            // Cast the Thread.CurrentPrincipal
            IClaimsPrincipal icp = HttpContext.Current.User as IClaimsPrincipal;

            string claimValueforWelcomeControl = "No Claims Found";

            // Access IClaimsIdentity which contains claims
            IClaimsIdentity claimsIdentity = (IClaimsIdentity)icp.Identity;
            // Create a Claims Collection - could use IEnumberable and then LINQ
            ClaimCollection claimsCollection = claimsIdentity.Claims;
            // Grab the type we want to display from the claimsCollection
            if (claimsCollection.Count > 0)
            {
                try
                {
                    foreach (Claim c in claimsCollection)
                    {
                        // Whichever claim type you want from claims to be displayed in the welcome control
                        if (c.ClaimType == ClaimTypes.Email)
                        {
                            // consider checking the claimtype exists in the collection first
                            if (c.Value != null)
                            {
                                // Set the Welcome Control Value to the claim value
                                claimValueforWelcomeControl = c.Value;
                            }
                        }
                    }
                }
                catch (SPException ex)

                {

                    Literal1.Text = ex.ToString();
                }
            }

            try
            {
                ClientScriptManager clientScriptManager = Page.ClientScript;
                StringBuilder sb = new System.Text.StringBuilder();
                if (!clientScriptManager.IsClientScriptBlockRegistered("WelcomeControlUpdate"))
                {
                    
                    sb.Append("<script type=\"text/javascript\">");
                    // **** consider JQuery instead: $(document).ready(function (){"); ****
                    sb.Append("window.onload = function () {");
                    // sb.Append("document.getElementById('zz4_Menu').innerHTML = 'Some Claim Value';");
                    sb.Append("document.getElementById('zz4_Menu').innerHTML = '" + "From Claims: " + claimValueforWelcomeControl + "';");
                    sb.Append("}");
                    sb.Append("</script>");
                    clientScriptManager.RegisterStartupScript(this.GetType(), "WelcomeControlUpdate", sb.ToString());
                }
            }
            catch (Exception ex)
            {
                Literal1.Text = ex.ToString();
            }



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: