I just completed a SharePoint developer tool called SPDev.exe. The initial purpose of this utility is to auto-generate the web service WSDL.aspx and Disco.aspx files needed for a custom SharePoint web service.
After upgrading to .NET Framework 3.5 Service Pack 1 on my SharePoint web servers I began to get the following Unauthorized exception.
Type: WebException, Exception Message: The request failed with HTTP status 401: Unauthorized.
This error really has nothing to do with SharePoint, and is really just an IIS web services related item. This problem is due to an added bit of security included in the .NET Framework 3.5 Service Pack 1. Here is the Microsoft KB article explaining the issue and how to work around the problem. This Microsoft article refers to the problem coming after applying other service packs for Windows XP and Server 2003, but .NET Framework 3.5 Service Pack 1 is also now using this same bit of added security – the loopback check.
You will likely not encounter this problem on a single web server configuration and if you are using the server name to access the web site.
However, most enterprise SharePoint farms consist of at least two web servers that are load balanced. This is where the problem exists.
- You are calling your web services from your web servers using the load-balanced URL, not the server name.
This isn’t a bug. There was a security fix built into the Windows networking stack that prevents a machine name that resolves to the loopback address from accepting a connection unless that machine name matches the NETBIOS name.
One option is to use the server name instead of the load balanced IP. This should remedy the problem. However, the standard method to apply configuration changes across a SharePoint farm is via SharePoint solution files. This usually requires the configuration entries to be the same across all the web servers in the SharePoint farm, and using the load balanced URL is likely the most appropriate.
Suggested configuration changes to resolve this:
- Add the DisableLoopbackCheck registry entry discussed in this Microsoft KB article. Note: you will need to reboot your server before the DisableLoopbackCheck takes effect.
- Be sure to add your load balanced host name for your web farm to the Hosts file on each front end web server. Use the loop-back IP address (127.0.0.1). This will ensure that each web server looks at itself to access the web services preventing any trips back out to the load-balancer – and possibly calling the web service another web server in the farm. This will be much less efficient.
- If this problem appeared to be inconsistent (sometimes erroring, sometime successful), this is most likely due having multiple web servers. The call to the web service will be successful if by chance the load balance redirected the call to the same (self) web server to access the web service. It will fail when trying to call across to a different web server.
Web Services and Service-Oriented Architectures
When it comes to software development books, I usually read books that are much more technically oriented than this book. This book is exactly what it sells itself to be; a non-technical book on a technical subject. The content is excellent for any software development manager wanting to better understand web services.
The book starts out with more of a conceptual view by telling story about a businessman on a business trip. This story is intended to be a bit of utopia and how web services and Service Oriented Architecture (SOA) can help to bring these daily conveniences to the average person. The book then moves on to the changes required and the impact that change itself will bring to an organization. There are some excellent points and examples made in this part of the book. Again, they are short and to the point. The last part dives into the architectural stages of implementing web services.
This book hits its target audience of technical and non-technical managers who need to better understand and communicate the concept, benefits, and risks with implementing web services to upper management, as well as coherently communicating with the technical staff.
This 232 page book is a quick and easy read with 188 pages of core content and the rest providing reference material like terms and definition. A worthwhile read and good handbook for the software development manager needing a clear and concise book on what web services are. I appreciate the clear and to-the-point content.