Tuesday, September 29, 2009

Workaround for 401 problem with POST and NTLM authentication

Context: Invoke SharePoint Lists.asmx webservice from a WPF client to retrieve listitems. The SharePoint site is hosted by an external provider, and secured via NTLM authentication. To invoke the Lists webservice a WCF proxy is generated. The client WCF binding is set to basicHttpBinding, with security = NTLM.
Issue: When invoking the service from the WPF client, a 401 is returned. Via Fiddler inspected the http-request. The NTLM authentication protocol handling in 3-steps is visible, but despite that no succesfull authentication. A simple GET via WebClient to the Lists.asmx page, with same NTLM credentials applied does succeed.
And strangely, in case this is done before sending the POST webrequest, the latter does also succeed. That is..., when Fiddler is active. Without Fiddler monitoring the http transfer, the HTTP-GET request still succeeds, however the WCF proxy call then again fails.
Although I love Fiddler, it's no option to oblige application end-users to run it just to allow the WCF proxy call to succeed...
Instead I tried to implement the SOAP behaviour explicity self via WebClient, and abandon the WCF framework in this particular case. And this works!

N.B. The probable cause of the POST malfunctioning with HttpWebRequest / WCF proxy and NTLM authentication is described in the post 401 Error on HttpWebRequest with NTLM Authentication.

Tuesday, September 22, 2009

Embrace the New Way of Work

This morning I had an appointment at the headquarters of Microsoft Netherlands, at a location nearby Amsterdam. According to the route planner it ought to take me about an hour and a quart. However, due to a capital traffic jam it took me almost 3 hours (!!) to finally get there. Even despite my build-in marge I thus arrived late for the meeting, and could only attend the last 45 minutes. What a waste of time... Therefore next time we'll value our precious time, and organise via Microsoft Office Live Meeting a virtual and location-independent meeting. Cheers for that...

Monday, September 21, 2009

Tip - HowTo package multiple project-assemblies in a single WPF executable

It's a good practice to structure your Visual Studio solution according to the application layers. You can do that via a folder structure within a single project. But I prefer to structure each application layer within it's own VS project. This approach allows (the build of) each VS project to depend only on the architectural layer direct beneath it.
A consequence of structuring within multiple VS projects, is that each project will build its own assembly file. Often this is also required for deployment and update flexibility. Sometimes however its handier to package it all within a single assembly for deployment. An example is the build of a WPF .exe. Especially for a smaller application, it's a bit overdone to have to deploy one or more .dll assemblies besides the .exe.
Luckily it's easy possible to also package the other project-assemblies within the main .exe executable. The tool to the rescue here is ILMerge. You can modify the project file to automatically merge the dependant .dll assemblies within your main .exe:
<PropertyGroup>
<PostBuildEvent>ILMerge.exe /internalize /ndebug /out:$(TargetFileName) $(TargetFileName) TopForce.Communication.Application.dll TopForce.Communication.Integration.dll</PostBuildEvent>
</PropertyGroup>

Monday, September 14, 2009

Online interview explaining the business case of OBAs in the field of SAP/MS

At Tech-Ed Australia Kristian Kalsing has a session on the subject of OBAs in the field of SAP/MS. He was also interviewed on this subject. In this interview Kristian at first gives a good explanation of the business case of applying SAP / MS integration within the information worker's workplace, typical a non-casual user of the SAP environment. At the end he also gives some solid best practices to apply when starting with SAP / MS interoperability. You can watch the interview online.
Tags: SAP NetWeaver Microsoft SharePoint integration interoperability OBA

Friday, September 11, 2009

Tip - HowTo Enable Anonymous Access to discussion board listview within a public readonly publishing site

For a public exposed website you'll need to enable anonymous access, to allow arbitrair visitors to see the published content, and search crawlers to index your site. You'll also want the site visitors to only be able to view the site contents, not to modify it.
There are some exceptions to this general permission rule. One is when the website contains 1 or more discussion boards. To enable any arbitrair visitor to participate in a discussion thread, she needs update permission rights within the SharePoint DiscussionBoard. In a former project we learned that it's not trivial to enable update rigths for anonymous users in a further readonly publishing SharePoint site. To spare you the time to discover yourself how to still achieve this, I decided to publish here the steps I needed to perform.
  1. [Central Admin] create new web app
  2. [Central Admin] create a site collection with Publishing Portal as template
  3. [Central Admin] extend the web application for internet; and allow Anonymous.

    Note: in this stadium still WA allowed at the extended site.

  4. [Site itself] open up the extended site; since WA allowed possible to change settings
  5. [Site itself] enable anonymous access for entire site
    (site settings \ advanced settings \ settings \ Anonymous Access \ Entire Website)
  6. [Central Admin] disable Integrated WA for the extended site to make it totally anonymous
  7. [Shell/CMD on SharePoint server] !! toggle the lockdown feature on the extended site; and do either app pool recycle or IIS reset
  8. [Site itself] provision a DiscussionBoard, and set its permission to allow anonymous access.
  9. [Central Admin] re-enable WA on the extended site
  10. [Site itself] allow anonymous access for both viewing and adding items on the discussionboard list
  11. [Central Admin] disable again WA
This sequence of steps, and in this exact order, worked out for us. When deviating from it, we still experienced access denied issues; either upon trying to display the discussionboard ListView, or when trying to add a new thread or reply to existing discussion.