Any news on this? Karl
On Sat, Feb 23, 2013 at 5:20 PM, Mark Lugert <[email protected]> wrote: > It's there. I'll have the admin double check the permissions again. > Seems like something doesn't have execute permissions. > > -mark > > *From:* Karl Wright <[email protected]> > > *To:* Mark Lugert <[email protected]> > *Cc:* "[email protected]" <[email protected]> > *Sent:* Saturday, February 23, 2013 5:19 PM > *Subject:* Re: Sharepoint > ** > Yes, that's exactly correct. Check to be sure the Permissions.asmx file > is present, and that the service is enabled.****Karl**** > On Sat, Feb 23, 2013 at 3:37 PM, Mark Lugert <[email protected]> wrote:** > > Hi Karl, > > I added some debug to print the actual axis error in the sharepoint > connector. I'm getting error 1000. Looking at > MCPermissions.cs<http://mcpermissions.cs/>I see that it is what is raising > this error, in the code below: > > try > { > // Only handle requests for "item". Send all other > requests to the SharePoint web service. > if (objectType.Equals(itemType)) > { > retVal = GetItemPermissions(objectName); > } > else > { > > ServicePointManager.ServerCertificateValidationCallback += > new > RemoteCertificateValidationCallback(ValidateCertificate); > > using (SPPermissionsService.Permissions service = new > SPPermissionsService.Permissions()) > { > service.Url = SPContext.Current.Web.Url + > "/_vti_bin/Permissions.asmx"; > service.Credentials = > System.Net.CredentialCache.DefaultCredentials; > > retVal = > service.GetPermissionCollection(objectName, objectType); > } > } > } > catch (SoapException soapEx) > { > throw soapEx; > } > catch (Exception ex) > { > EventLog.WriteEntry("MCPermissions.asmx", ex.Message); > *throw RaiseException(ex.Message, "1000", ex.Source); > * } > > Now, the error is still a 401 unauthorized, but since it's inside > MCPermissions.asmx it's clearly not an issue with accessing the webpart > remotely. > > I assume since someone wrote that 1000 for a reason that this is not an > unknown issue. Any ideas what my issue may be? Seems like maybe this is > an issue accessing /_vti_bin/Permissions.asmx from within > MCPermissions.asmx? > > thanks, > Mark > > *From:* Karl Wright <[email protected]>***To:* > [email protected]; Mark Lugert <[email protected]> ** > *Sent:* Friday, February 22, 2013 3:07 PM > *Subject:* Re: Sharepoint > ** > Usually the only thing you have to be careful of with the plugin is to > install it when logged in as an administrator. The plugin gets the privs > it needs from the installation user.****If you've done that already, then > you also have to open up the IIS widget in Windows and grant .NET execute > privs to the _vti_bin directory. There's a whole lot of security > configuration for IIS that I am not an expert with either, but the idea is > to make sure all the .asmx assemblies under _vti_bin can be executed by a > remote user.****(And yes, Windows security is, in general, a complete > pain in the behind.)****Hope that helps.****Karl****** > On Fri, Feb 22, 2013 at 2:51 PM, Mark Lugert <[email protected]> wrote:** > > Ok thanks, installed. Seeing these two issues now, wondering if y'all > have seen these. I'm not a Sharepoint expert, but seems it's security is, > um, difficult: > > 1. Alternate access mappings have not been configured. Users or services > are accessing the site http://amazona-2h120gm with the URL > http://ec2-50-16-175-94.compute-1.amazonaws.com. This may cause incorrect > links to be stored or returned to users. If this is expected, add the URL > http://ec2-50-16-175-94.compute-1.amazonaws.com/ as an AAM response URL. > For more information, see: http://go.microsoft.com/fwlink/?LinkId=114854 > "/> > > Not sure this is actually causing any issues right now, but if you've seen > this let me know. > > 2. MCPermissions.asmx > The request failed with HTTP status 401: Unauthorized. > > My admin just ran the script for installing mcpermissions.asmx. But it > seems like there is an extra step to grant users access? > > thanks, > Mark > > *From:* Karl Wright <[email protected]> > ***To:* [email protected]; Mark Lugert <[email protected]> *** > Sent:* Friday, February 22, 2013 2:00 PM***Subject:* Re: Sharepoint** > **IIS uses NTLM or Kerberos typically. You want to configure it to use > NTLM.****In 1.1 and 1.1.1 there was a problem with the NTLM > implementation in**HttpClient, having to do with machines either not > joined to domains or**joined to child domains. If you think you may have > that problem, you**can download a version of httpclient that works > properly from**http://people.apache.org/~kwright . It's version > 4.2.4-SNAPSHOT.****Karl******On Fri, Feb 22, 2013 at 1:36 PM, Mark Lugert > <[email protected]> wrote:**> Ok will try. This server has other web > apps installed as well. There is**> clearly a conflict or or something > going on with the classpath.**>**> Another question though. The > Sharepoint connector uses what to**> authenticate? Seems like it would > use NTLM by default as I don't see**> anywhere basic auth being set.**>**> > The docs kind of gloss over that part, but I'm getting**>**> Got an > unknown remote exception accessing site - axis fault = Client, detail**> > = The request failed with HTTP status 401: Unauthorized.**>**> using the > exact same credentials I use to login via the browser. Checking**> > security log and stuff, but seems like this should be documented better.** > >**> thanks,**> mark**>****** > > ** > **** > > ** > **** >
