SharePoint Experts, Information Architects, Expert Witness

We provide consulting in a broad array of business and technology from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. Specialists in Microsoft, we are a premier provider of SharePoint Expertise (including 2016 and Office 365). We also provide Expert Witness/Legal Expert in eDiscovery, source discovery, patent infringement, piracy and more! We also have established SICG DLDS s.a. - our counterpart in Costa Rica that specializes in water systems (http://www.crwatersolutions.com) - Contact me direct: david_sterling@sterling-consulting.com or call 704-873-8846 x704.

Search This Blog

Tuesday, January 23, 2018

Using SharePoint Web Services from Anonymous Mode

NOTE: This is only applicable to on premise.

You might have a need to access the SharePoint Web Services (in my case it was the UserProfileService.asmx) from an anonymous site. The issue is authentication - through both CSOM and Server Side code, there are problems with authentication.

A test with elevated, impersonation using a token and impersonation in .NET failed to produce results. In all cases, the permissions were blocked (user not part of the site, etc.). The actual fix was from a post I stumbled on wherein you can add a section to the Web.config to make it work.

Look for the end tag </system.web.extensions> and add the following just below it:

<!-- Disable anonymous access to _vti_bin -->
<location path="_vti_bin">
    <system.web>                 
        <authorization>
            <deny users="?" />
        </authorization>
    </system.web>
</location>

This effectively blocks anon-users from accessing _vti_bin (a good thing anyway) but permits the web services to work (you still need to set network credentials).

FYI: You should be using SPWebConfigModification to make the change - while I've documented this myself, here's another quick guide: https://blogs.technet.microsoft.com/heyscriptingguy/2010/09/14/use-powershell-to-script-changes-to-the-sharepoint-web-config-file/


Kudos to: http://www.sharepointdiary.com/2012/06/sharepoint-web-services-exposed-to-anonymous-users.html#ixzz551Cj8h3j



No comments: