How to configure and call non-anonymous WCF services from SharePoint application and WPF?

0

We have a CRM/ERP web application (ASP.Net Forms) running on top of SharePoint (WSS and 201x). On the other hand we have add-ins for Office (WPF) closely integrated to the web application via WCF services.

Both rely heavily on a WCF services project, in three ways:

  1. WCF services called from code behind
  2. AJAX-enabled client web services using webhttpbinding / enablewebscript
  3. WCF services called from the add-ins.

However, there is a security concern. In our current set-up, the WCF services need to be set to Anonymous authentication. Otherwise our web application and add-ins won't work using the current configuration.

Our goal: to disable the anonymous access to the WCF services somehow, without breaking either the web application or add-ins.

This proved much less straight-forward than expected.

This is our typical set-up:

  • Extended SharePoint site (WSS / 201x). Alternate Access Mapping configuration:
    • Default: Active Directory, NTLM.
    • Intranet: Membership Provider, Anonymous access.
  • ASP.Net web application runs within the main SharePoint web application (no sub web application in IIS).
  • WCF services project is configured in IIS as a 'sub' web application beneath the SharePoint web application.

This is what we came up with so far:

  • Added in the WCF services web.config
  • Changed Windows Authentication -> Advanced Settings to the following:
    • Extended Protection: Accept
    • [X] Enable Kernel-mode authentication
  • Changed client binding configuration of add-ins and web application to Security Mode TransportCredentialOnly with clientCredentialType Ntlm.

Above solution works in our SharePoint 2007 test environment in all three aforementioned places.

However in SharePoint 201x we can't get the WCF calls from within the web application to work. At least not using the same client bindings as the add-ins (while the WCF calls from the add-ins also work in SharePoint 2013).

The error message we’re getting is: No credentials are available in the security package. Another one we encountered is: Provider type not defined. (Exception from HRESULT: 0x80090017)

Question: How can we use WCF services non-anonymously from within a SharePoint web application and from WPF?

Any idea's on how to configure and call these in this scenario? (one way or another)

Any thoughts on this are greatly appreciated!

asp.net
wpf
wcf
iis
sharepoint
asked on Stack Overflow Jul 12, 2018 by EddyZ

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0