Unauthorized Sharepoint WSDL from Coldfusion 8

Question

How do I solve the error:

Unable to read WSDL from URL: https://workflowtest.site.edu/_vti_bin/Lists.asmx?WSDL.
Error: 401 Unauthorized.

I can successfully view the WSDL from the browser using the same user account. I'm not sure which authentication is being used (Basic or Integrated).

How would I find that out?

The code making the call is:

<cfinvoke 
  username="username" 
  password="password"
  webservice="https://workflowtest.liberty.edu/_vti_bin/Lists.asmx?WSDL" 
  method="GetList" 
  listName="{CB02EB71-392E-4906-B512-8EC002F72436}"
>

The impression I get is that coldfusion doesn't like being made to authenticate to get the WSDL.

Full stack trace:

coldfusion.xml.rpc.XmlRpcServiceImpl$CantFindWSDLException: Unable to read WSDL from URL: https://workflowtest.liberty.edu/_vti_bin/Lists.asmx?WSDL.
  at coldfusion.xml.rpc.XmlRpcServiceImpl.retrieveWSDL(XmlRpcServiceImpl.java:709)
  at coldfusion.xml.rpc.XmlRpcServiceImpl.access$000(XmlRpcServiceImpl.java:53)
  at coldfusion.xml.rpc.XmlRpcServiceImpl$1.run(XmlRpcServiceImpl.java:239)
  at java.security.AccessController.doPrivileged(Native Method)
  at coldfusion.xml.rpc.XmlRpcServiceImpl.registerWebService(XmlRpcServiceImpl.java:232)
  at coldfusion.xml.rpc.XmlRpcServiceImpl.getWebService(XmlRpcServiceImpl.java:496)
  at coldfusion.xml.rpc.XmlRpcServiceImpl.getWebServiceProxy(XmlRpcServiceImpl.java:450)
  at coldfusion.tagext.lang.InvokeTag.doEndTag(InvokeTag.java:413)
  at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:2662)
  at cftonytest2ecfm1787185330.runPage(/var/www/webroot/tonytest.cfm:16)
  at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:196)
  at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:370)
  at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65)
  at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:279)
  at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:48)
  at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)
  at coldfusion.filter.PathFilter.invoke(PathFilter.java:86)
  at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:70)
  at coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:74)
  at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)
  at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)
  at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46)
  at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)
  at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
  at coldfusion.CfmServlet.service(CfmServlet.java:175)
  at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)
  at jrun.servlet.FilterChain.doFilter(FilterChain.java:86)
  at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)
  at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
  at jrun.servlet.FilterChain.doFilter(FilterChain.java:94)
  at jrun.servlet.FilterChain.service(FilterChain.java:101)
  at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106)
  at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)
  at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286)
  at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)
  at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)
  at jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.java:320)
  at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)
  at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java:266)
  at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)

Answer 1

I know nothing about ColdFusion but I my first suspect would be a simple permision problem rather than anything CF specific.

Does that CF call use Basic or Integrated authentication? Does IIS match? Can you browse to the WSDL using IE/Firefox and the same user account?

Answer 2

CFInvoke can only pass basic authentication, not windows integrated authentication.

Sharepoint won't be able to downgrade to basic authentication since sharepoint needs to know who is calling the services to check authentication and authorization of the data being requested.

Your best bet here is to create an asp.net proxy service you can call with CFInvoke which will impersonate the windows authentication you need to call the sharepoint web service.

Another option would be to create a C# com object which makes the authenticated call and passes the information back to CF when you call the C# com object from CF.

Answer 3

It it's a permission error like darpy and Ryan suggest, the easiest thing to do is grant the right permission to ColdFusion. On Windows, ColdFusion defaults and runs as the Local System account. You can change that by updating the LogOn properties of the Windows Service for ColdFusion.

Answer 4

I had the same problem.

Open your IIS, and change the LoginType to Basic. (in my german Windows it is: "Verzeichnissicherheit" -> "Steuerung des Anonymen Zugriffs und der Authentifizierung" -> "Bearbeiten" -> Set the checkbox for "Standardauthentifizierung" )

-Kevin

Answer 5

This blog post on cfsilence.com might help. ColdFusion/Sharepoint Integration - Part 1 - Authenticating

What it boils down to:

• ColdFusion uses the Apache Axis web service library
• by default, this library can do nothing but basic HTTP authentication
• you can configure Axis to use an alternative HTTP client library (Jakarta Commons)
• this one can do NTLM authentication, no need to change code or IIS authentication scheme
• after a restart of ColdFusion, you should be good to go

Answer 6

Does that CF call use Basic or Integrated authentication? Does IIS match? Can you browse to the WSDL using IE/Firefox and the same user account?