Well, you are not actually using the MCPermissions service with this change. Permission fetches will therefore not include Folder or File security tokens. If this is SharePoint 2010, you will also have had to tell it you were using SharePoint 2007 in order to be able to list files properly.
Karl On Tue, Feb 26, 2013 at 4:20 PM, Mark Lugert <[email protected]> wrote: > In the code I see this: > > // This fails: > MCPermissionsWS aclService = > *new* MCPermissionsWS(baseUrl + site, userName, password, configuration, > httpClient); > com.microsoft.sharepoint.webpartpages.PermissionsSoap aclCall = > aclService.getPermissionsSoapHandler(); > // This works: > PermissionsWS *aclService* = > *new* PermissionsWS(baseUrl + site, userName, password, configuration, > httpClient); > com.microsoft.schemas.sharepoint.soap.directory.PermissionsSoap *aclCall*= > aclService.getPermissionsSoapHandler(); > > As the code says, one fails and one works. The one that succeeds is > commented out. > > I commented out the one that fails and use the one that works. So now I > can sync everything, however I have not tried to sync any permissions. > Perhaps because the first one above fails permissions will fail to sync? > Not sure, but the one that fails gives an error 1000 and 401 unauthorized. > There is no useful logging in the event logs or in IIS logs to say exactly > who or what is unauthorized. > > -mark > > *From:* Karl Wright <[email protected]> > *To:* Mark Lugert <[email protected]> > *Cc:* "[email protected]" <[email protected]> > *Sent:* Tuesday, February 26, 2013 3:17 PM > *Subject:* Re: Sharepoint > ** > Any news on this?****Karl**** > On Sat, Feb 23, 2013 at 5:20 PM, Mark Lugert <[email protected]> wrote:** > > It's there. I'll have the admin double check the permissions again. > Seems like something doesn't have execute permissions. > > -mark > > *From:* Karl Wright <[email protected]> > ***To:* Mark Lugert <[email protected]> ***Cc:* " > [email protected]" <[email protected]> ** > *Sent:* Saturday, February 23, 2013 5:19 PM > *Subject:* Re: Sharepoint > ** > Yes, that's exactly correct. Check to be sure the Permissions.asmx file > is present, and that the service is enabled.****Karl**** > On Sat, Feb 23, 2013 at 3:37 PM, Mark Lugert <[email protected]> wrote:** > > Hi Karl, > > I added some debug to print the actual axis error in the sharepoint > connector. I'm getting error 1000. Looking at > MCPermissions.cs<http://mcpermissions.cs/>I see that it is what is raising > this error, in the code below: > > try > { > // Only handle requests for "item". Send all other > requests to the SharePoint web service. > if (objectType.Equals(itemType)) > { > retVal = GetItemPermissions(objectName); > } > else > { > > ServicePointManager.ServerCertificateValidationCallback += > new > RemoteCertificateValidationCallback(ValidateCertificate); > > using (SPPermissionsService.Permissions service = new > SPPermissionsService.Permissions()) > { > service.Url = SPContext.Current.Web.Url + > "/_vti_bin/Permissions.asmx"; > service.Credentials = > System.Net.CredentialCache.DefaultCredentials; > > retVal = > service.GetPermissionCollection(objectName, objectType); > } > } > } > catch (SoapException soapEx) > { > throw soapEx; > } > catch (Exception ex) > { > EventLog.WriteEntry("MCPermissions.asmx", ex.Message); > *throw RaiseException(ex.Message, "1000", ex.Source); > * } > > Now, the error is still a 401 unauthorized, but since it's inside > MCPermissions.asmx it's clearly not an issue with accessing the webpart > remotely. > > I assume since someone wrote that 1000 for a reason that this is not an > unknown issue. Any ideas what my issue may be? Seems like maybe this is > an issue accessing /_vti_bin/Permissions.asmx from within > MCPermissions.asmx? > > thanks, > Mark > > *From:* Karl Wright <[email protected]>***To:* > [email protected]; Mark Lugert <[email protected]> ** > *Sent:* Friday, February 22, 2013 3:07 PM > *Subject:* Re: Sharepoint > ** > Usually the only thing you have to be careful of with the plugin is to > install it when logged in as an administrator. The plugin gets the privs > it needs from the installation user.****If you've done that already, then > you also have to open up the IIS widget in Windows and grant .NET execute > privs to the _vti_bin directory. There's a whole lot of security > configuration for IIS that I am not an expert with either, but the idea is > to make sure all the .asmx assemblies under _vti_bin can be executed by a > remote user.****(And yes, Windows security is, in general, a complete > pain in the behind.)****Hope that helps.****Karl****** > On Fri, Feb 22, 2013 at 2:51 PM, Mark Lugert <[email protected]> wrote:** > > Ok thanks, installed. Seeing these two issues now, wondering if y'all > have seen these. I'm not a Sharepoint expert, but seems it's security is, > um, difficult: > > 1. Alternate access mappings have not been configured. Users or services > are accessing the site http://amazona-2h120gm with the URL > http://ec2-50-16-175-94.compute-1.amazonaws.com/. This may cause > incorrect links to be stored or returned to users. If this is expected, add > the URL http://ec2-50-16-175-94.compute-1.amazonaws.com/ as an AAM > response URL. For more information, see: > http://go.microsoft.com/fwlink/?LinkId=114854"/> > > Not sure this is actually causing any issues right now, but if you've seen > this let me know. > > 2. MCPermissions.asmx > The request failed with HTTP status 401: Unauthorized. > > My admin just ran the script for installing mcpermissions.asmx. But it > seems like there is an extra step to grant users access? > > thanks, > Mark > > *From:* Karl Wright <[email protected]> > ***To:* [email protected]; Mark Lugert <[email protected]> *** > Sent:* Friday, February 22, 2013 2:00 PM***Subject:* Re: Sharepoint** > **IIS uses NTLM or Kerberos typically. You want to configure it to use > NTLM.****In 1.1 and 1.1.1 there was a problem with the NTLM > implementation in**HttpClient, having to do with machines either not > joined to domains or**joined to child domains. If you think you may have > that problem, you**can download a version of httpclient that works > properly from**http://people.apache.org/~kwright . It's version > 4.2.4-SNAPSHOT.****Karl******On Fri, Feb 22, 2013 at 1:36 PM, Mark Lugert > <[email protected]> wrote:**> Ok will try. This server has other web > apps installed as well. There is**> clearly a conflict or or something > going on with the classpath.**>**> Another question though. The > Sharepoint connector uses what to**> authenticate? Seems like it would > use NTLM by default as I don't see**> anywhere basic auth being set.**>**> > The docs kind of gloss over that part, but I'm getting**>**> Got an > unknown remote exception accessing site - axis fault = Client, detail**> > = The request failed with HTTP status 401: Unauthorized.**>**> using the > exact same credentials I use to login via the browser. Checking**> > security log and stuff, but seems like this should be documented better.** > >**> thanks,**> mark**>****** > > ** > **** > > ** > **** > > ** > **** >
