We have a CRM/ERP web application (ASP.Net Forms) running on top of SharePoint (WSS and 201x). On the other hand we have add-ins for Office (WPF) closely integrated to the web application via WCF services.
Both rely heavily on a WCF services project, in three ways:
However, there is a security concern. In our current set-up, the WCF services need to be set to Anonymous authentication. Otherwise our web application and add-ins won't work using the current configuration.
Our goal: to disable the anonymous access to the WCF services somehow, without breaking either the web application or add-ins.
This proved much less straight-forward than expected.
This is our typical set-up:
This is what we came up with so far:
Above solution works in our SharePoint 2007 test environment in all three aforementioned places.
However in SharePoint 201x we can't get the WCF calls from within the web application to work. At least not using the same client bindings as the add-ins (while the WCF calls from the add-ins also work in SharePoint 2013).
The error message we’re getting is: No credentials are available in the security package. Another one we encountered is: Provider type not defined. (Exception from HRESULT: 0x80090017)
Question: How can we use WCF services non-anonymously from within a SharePoint web application and from WPF?
Any idea's on how to configure and call these in this scenario? (one way or another)
Any thoughts on this are greatly appreciated!
User contributions licensed under CC BY-SA 3.0