12
votes

I'm going nuts with this one and can't find any decent information ANYWHERE ..

There is lots of info around about connecting to SharePoint 3.0 Web Services with WCF and Ntlm impersonation. However, when the client accessing the SharePoint services is remote to the SharePoint network and needs to authenticate, how does one best configure and pass credentials to the SharePoint service.

Can I specify a windows username and password local to the SharePoint box inside the servicemodel.config .. our SharePoint instance is running as standalone outside the domain that is accessing it. Therefore impersonation is irrelevant as the domain users do not exist on the sharepoint box.

I have tried many combinations like the following codes.. however I repeatedly get exceptions such as:

"The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'NTLM,Basic realm="wss.internaldev.local"'.

Can anyone provide an example of connecting to a "remote" SharePoint web service with Windows credentials?

ListsSoapClient proxy = new ListsSoapClient();

proxy.ClientCredentials.Windows.ClientCredential.UserName = "admin_user";
proxy.ClientCredentials.Windows.ClientCredential.Password = "admin_password";
proxy.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Identification;

listItems = proxy.GetListItems(...);

proxy.Close();

Binding examples:

<security mode="TransportCredentialOnly">
  <transport clientCredentialType="Windows" proxyCredentialType="None" />
</security>

or..

<security mode="TransportCredentialOnly">
  <transport clientCredentialType="Ntlm" />
</security> 

behaviour:

<behavior name="behavior_WSS">
  <clientCredentials>
    <windows allowedImpersonationLevel="Impersonation" allowNtlm="true" />
  </clientCredentials>
</behavior>

or

    <windows allowedImpersonationLevel="Delegation" allowNtlm="true" />
1
This question might be better suited to ServerFault,comJazza
There is a project on CodePlex that add WCF support to sharepoint. spwcfsupport.codeplex.comHamed Saeedifard

1 Answers

1
votes

Did you try the things suggested here?

eg, in code:

proxy.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonation.Impersonate;
// AllowNtlm = false;