Looks like SharePoint 2010 still has issues with Anonymous Access and its web services.
There are a fwe articles out there pointing at this issue in 2007 but I'm afraid its no better in 2010 (SharePoint 15?).
This article (Trinkit HQ) is short and sweet, and gets right to the point. Basically if your Web Application has Anonymous Access turned on, you will experience the 'Attempted to perform an unauthorized operation' error.
There are a few ways to deal with it, extend another web app, muck around with IIS (not recommended) but the bottom line is:
Anonymous Access = No Web Services
Showing posts with label Web Services. Show all posts
Showing posts with label Web Services. Show all posts
Wednesday, April 25, 2012
Thursday, March 15, 2012
SharePoint Search Web Services and anonymous access
Recently had to debug an issue with a 3rd Party app using the /_vti_bin/search.asmx web service which, at the time, stopped working with 'no changes' to the environment. We were receiving the SoapException: 'Server was unable to process request ... Unauthorized Operation'.
This turned out to be not quite the truth and infact Anonymous Access was enabled on the Web Application for use by a monitoring tool. The Farm configuration doesn't use Kerberos (jury is still out on whether Kerberos is needed in this situation anyway), just Ntlm and it seems that once a successful connection is made to another SharePoint web service (in this case /_vti_bin/lists.asmx) then a subsequent call to the search service works.
We did a bit of packet sniffing as well and it looks like the search service trys to authenticate differently than the other web services. Not sure why this is the case. I need to understand more about how Search works.
Here's the post on TechNet.
Moral of the story is to check, and double check the environment before spending time going down rabbit holes. Statements like 'it was working, then it stopped...with no change in the environment' just don't add up.
This turned out to be not quite the truth and infact Anonymous Access was enabled on the Web Application for use by a monitoring tool. The Farm configuration doesn't use Kerberos (jury is still out on whether Kerberos is needed in this situation anyway), just Ntlm and it seems that once a successful connection is made to another SharePoint web service (in this case /_vti_bin/lists.asmx) then a subsequent call to the search service works.
We did a bit of packet sniffing as well and it looks like the search service trys to authenticate differently than the other web services. Not sure why this is the case. I need to understand more about how Search works.
Here's the post on TechNet.
Moral of the story is to check, and double check the environment before spending time going down rabbit holes. Statements like 'it was working, then it stopped...with no change in the environment' just don't add up.
Subscribe to:
Posts (Atom)