开发者

SharePoint 2010: consuming web services from NetSuite - 403 Forbidden error

My company is working on a new SharePoint site, which will use Forms Based Authentication to allow our customers to log into the site for subscriber specific content (downloads, license info, etc).

All these customers are located within our CRM, NetSuite, which is where we want our customer care teams to update a customers information and assign them to FBA roles (the roles are already added to Groups in SharePoint).

To do this, I'm looking to create SOAP XML files, that can be used by NetSuite's own development language, SuiteScript, which would send the SOAP request, and the process the response.

For example: Using soapUI I'm constructing the following XML:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/">
<soapenv:Header/>
  <soapenv:Body>
    <dir:GetUser开发者_运维技巧Info>
      <dir:userLoginName>myUserName</dir:userLoginName>
    </dir:GetUserInfo>
  </soapenv:Body>
</soapenv:Envelope>

The problem is that my XML response, when executing this XML using soapUI, is 403 FORBIDDEN - the Raw response is:

HTTP/1.1 403 Forbidden
Cache-Control: private, max-age=0
Server: Microsoft-IIS/7.5
SPRequestGuid: 36264ce4-9702-44bb-9693-23852a5e0c99
X-SharePointHealthScore: 1
X-Forms_Based_Auth_Required: http://mySPserver/_layouts/login.aspxReturnUrl=/_layouts/Error.aspx&Source=%2f_vti_bin%2fusergroup.asmx
X-Forms_Based_Auth_Return_Url: http://ec2-devmoss1/_layouts/Error.aspx
X-MSDAVEXT_Error: 917656; Access denied. Before opening files in this location, you must first browse to the web site and select the option to login automatically.
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.4762
Date: Tue, 19 Jul 2011 19:25:47 GMT
Content-Length: 13

403 FORBIDDEN

I'm guessing I need to log in somehow using credentials within the XML, but how do I do that? I tried using this in my <soapenv:Header>...

<soapenv:Header> 
  <h:BasicAuth xmlns:h="http://soap-authentication.org/basic/2001/10/" SOAP-ENV:mustUnderstand="1"> 
    <Name>user</Name> 
    <Password>password</Password> 
  </h:BasicAuth> 
</soapenv:Header>

but then my Raw response becomes:

HTTP/1.1 400 Bad Request
Cache-Control: private
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.4762
Date: Tue, 19 Jul 2011 19:43:12 GMT
Content-Length: 0

Can anyone advise on how to correctly form an XML SOAP call for this, or any, SharePoint web service method, or point me to an article/question (with answer) that explains it? I tried googling and looking through stackoverflow (of course ), but I just cannot find the information/solution I need.

(sorry for the really long question)

Kevin


In the warm, fuzzy .Net world...

Accessing webservices on a SharePoint site using FBA takes a little extra work.

In .Net, it's pretty simple. In fact, there's a MSDN article with code samples and all on precisely how to do that. In summary, you first call the Login method on Authentication.asmx, and use the returned cookie in all future web service requests.

Outside .Net

One dark and stormy night, I ventured out into the non-Microsoft world. No-man's land. Without the .Net generated web service proxies, we were rolling our own SOAP messages to communicate with SharePoint webservices.

Where's my cookie??

Without the .Net proxy, you can't use CookieContainer as the MSDN article suggests. Authentication.asmx's description for Login shows the following SOAP response:

SharePoint 2010: consuming web services from NetSuite - 403 Forbidden error

The response XML simply contains the authentication cookie's name. Where did the actual cookie go? GIMME MY COOKIE!!!

Getting the cookie

It turns out the cookie is sent in the SOAP header. If login is successful, the response's SOAP header will look something like this:

SharePoint 2010: consuming web services from NetSuite - 403 Forbidden error

The Set-Cookie field above gives us the FBA cookie called .ASPXAUTH, with value 987A98.......

Using the cookie

To use the cookie for web service requests, we need to include it in the SOAP request header by adding a Cookie field:

SharePoint 2010: consuming web services from NetSuite - 403 Forbidden error

You can include multiple cookies by separating the name/value pairs with semi-colons. Once the .ASPXAUTH cookie is set, you can send the request and a response should be returned as normal.

No-man's land behind ISA lines

SharePoint sites behind an ISA server with Forms authentication can be handled similarly. The difference is that we have to get the authentication cookies from the ISA server instead of SharePoint. That can be done by POSTing to the /CookieAuth.dll?Logon url. I won't go over the details, but it shouldn't be hard to figure out the appropriate url and querystring to use.


I found this again after the original blog disappeared then reappeared. Added for posterity here in case the blog goes away.

New blog location.

Author Bio

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜