SharePoint Connector: SharePoint Security Cache Service

Owned by Lars Gjestang
Last updated: Nov 07, 2019 by Mateusz Lorc
1 min read

SharePoint Security Service is a supportive Windows service that will run regardless of the fetch service and works even if all SharePoint connections are disabled. Main purpose of this service in SharePoint connector is to cache tokens for each user in SharePoint. It can work with multiple Office365 tenants (multiple Office365 Auth Realms in Locator) at the same time. For each Office365 Auth Realm there is only single cache set regardless of how many connections are created for that tenant. On each run it updates the cache of user SIDs. Security Service uses following Auth Realm Settings:

  • SecurityServiceInterval - to set wait time in minutes between runs.
  • SPO_IndexUsername and SPO_IndexUserPassword - credentials for user that performs the requests to SharePoint. This is the user that has been set up as separate user for authentication and identification in the SharePoint Online Connection page. In cases when this additional user has not been set up the Security Service uses index user from last edited connection that uses this Auth Realm.

When identification plugin is called for some user and Security Service is used then the plugin first checks if tokens have been are already cached and returns them making the identification plugin take significantly less time. However if that user's token cache has not been built yet the plugin queries SharePoint for the tokens.

When Security Service is set up it performs self test. You can verfiy If it succeeded in the Via.SharePoint.SecurityService.exe.log if you see "Passed self test." message.

SharePoint Security Service should be used only on localhost, on a single server solution.














































































ayfie