Wednesday, January 06, 2010

Access Denied with SP custom web service

This one was bugging me for a while! I have an application that has a SharePoint workflow, that then calls a custom web service that interacts with the SP object model (long story...has to do with credentials).

Things were working fine until of late I started getting Access Denied messages when invoking a web service. In particular, the web service would fail when I tried to intantiate a web object, either through .RootSite or .OpenWeb(). I tried all sorts of combinations of Information Policy settings in Central Admin, switching to a different app pool account in IIS, impersonation in the code, you name it.

Now, the curious thing was it appeared the 401 Access Denied message was coming from IIS, not from SharePoint. I could attach to the debugger, and my code definitely was being executed, just failing at that .RootSite/.OpenWeb call. More curious, switching from Integrated Autheticatio to Anonymous allowed the web service call to work fine.

Well, I found a reference to an issue introduced by the .Net 3.5 SP1 Framework with the loopback adapter. Since the web service and the workflow were executing on the same server, I think it was the Framework that was causing the problem, too many repeat calls to the same server. When I changed the URL for my web service from http:// to http://localhost, the service ended up working fine. Repeated on a second server hosting the same instance.

Time to update the deployment documentation!!

And, happy 2010! Learned PowerShell yet?

No comments: