远程服务器返回错误:(401)未经授权。在ASP.NET中使用CSOM [英] The remote server returned an error: (401) Unauthorized. Using CSOM in ASP.NET
问题描述
我试图把我创造了一些的SharePoint 2013列表数据时,在本地之一运行的服务器在我的机器上本地运行,当它工作正常。在服务器上的本地和本地运行时,我的用户相同的凭据。问题是,当我发布和浏览我得到的服务器上我的ASP.NET应用程序中的远程服务器返回错误:(401)未经授权错误...
I'm tried to pull some SharePoint 2013 list data I created which works fine when running locally on my machine and when run locally one the server. I'm user the same credentials when running both locally and locally on the server. The issue is when I publish and navigate to my ASP.NET app on the server I get the "The remote server returned an error: (401) Unauthorized." Error...
我看着网页
此指出的上下文好像是用IUSR:
<一href=\"http://blogs.msdn.com/b/sridhara/archive/2014/02/06/sharepoint-2013-csom-call-from-web-part-fails-with-401-for-all-users.aspx\">http://blogs.msdn.com/b/sridhara/archive/2014/02/06/sharepoint-2013-csom-call-from-web-part-fails-with-401-for-all-users.aspx
This points out that the context seems to be using IUSR: http://blogs.msdn.com/b/sridhara/archive/2014/02/06/sharepoint-2013-csom-call-from-web-part-fails-with-401-for-all-users.aspx
这人提到尝试设置默认网络凭据:
<一href=\"https://sharepoint.stackexchange.com/questions/10364/http-401-unauthorized-using-the-managed-client-object-model\">https://sharepoint.stackexchange.com/questions/10364/http-401-unauthorized-using-the-managed-client-object-model
This one mentions to try setting the default network credentials: https://sharepoint.stackexchange.com/questions/10364/http-401-unauthorized-using-the-managed-client-object-model
我用文章中提到的修补,以及试图迫使上下文中使用DefaultNetworkCredentials但没有运气尝试。我想对于该应用使用的凭据登录的用户,而不是本机...
I've tried using the fixes mentioned in the article as well as trying to force the context to use DefaultNetworkCredentials but no luck. I would like for the app to use the credentials of the logged in user and not the machine...
下面是code我使用的是:
Here is the code I'm using:
SP.ClientContext context = new SP.ClientContext("MySPDevInstance");
context.Credentials = CredentialCache.DefaultNetworkCredentials;
Entity entity = context.Web.GetEntity(collectionNamespace, collectionName);
LobSystem lobSystem = entity.GetLobSystem();
LobSystemInstanceCollection lobSystemInstanceCollection = lobSystem.GetLobSystemInstances();
context.Load(lobSystemInstanceCollection);
context.ExecuteQuery();
LobSystemInstance lobSystemInstance = lobSystemInstanceCollection[0];
FilterCollection filterCollection = entity.GetFilters(filter);
filterCollection.SetFilterValue("LimitFilter", 0, 1000);
EntityInstanceCollection items = entity.FindFiltered(filterCollection, filter, lobSystemInstance);
服务器正在运行IIS 6.0
The server is running IIS 6.0
任何意见将是多少AP preciated!
Any advice would be much appreciated!
感谢您
推荐答案
我presume你的ASP.NET网站使用Windows集成(NTLM)身份验证。验证这样的用户无法验证到从服务器端第二位置(Web服务器)。您遇到了被称为双跳(1)NTLM的限制。您必须在服务器端使用专用帐户,或者如果你真的想使用已登录用户的身份,则必须使用允许委派的身份验证方案,如Kerberos。
I presume your ASP.NET web site is using Windows Integrated (NTLM) authentication. A user authenticated this way cannot authenticate to a second location from the server side (the web server.) You are experiencing what is known as the "double-hop" (1) limitation of NTLM. You must use a dedicated account on the server side, or if you really do want to use the logged-in user's identity, you must use an authentication scheme that permits delegation, such as Kerberos.
如果你真的需要用户的身份访问SharePoint数据并不能更改认证方案,那么要做到这一点的最好办法是使用JavaScript CSOM。这意味着,用户直接验证到SharePoint服务器(单跳,不加倍),你的ASP.NET站点提供包含此脚本给用户的页面。
If you really need the user's identity to access SharePoint data and you cannot change the authentication scheme, then the best way to do this is to use the JavaScript CSOM. This means the user is authenticating directly to the SharePoint server (a single hop, not double) and your ASP.NET site serves the page containing this script to the user.
(1)http://blogs.msdn.com/b/knowledgecast/archive/2007/01/31/the-double-hop-problem.aspx
这篇关于远程服务器返回错误:(401)未经授权。在ASP.NET中使用CSOM的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
