Why does my web part throw an error about "NT Authority/Anonymous User"?

views:

401

answers:

+2 Q:

Why does my web part throw an error about "NT Authority/Anonymous User"?

My Sharepoint 2007 web part executes code to start a K2 workflow process. The workflow server resides on another server.

When my code executes, I get the following error: "24408 K2:NT AUTHORITY\ANONYMOUS LOGON from 172.172.172.172:1721 does not have rights to Start Process MyProject\MyProcessName"

I'm sure this is a general IIS delegation problem (not K2 specific), but I'm not sure how to go about solving it. Why does Sharepoint try to connect to the other server as AnonymousLogon when it should be impersonating the current domain user?

Notes: - My Sharepoint AppPool identity is a domain user (not Network Service). - ASP.NET impersonation is enabled.

+2 A:

What you are trying to do is called delegation and not impersonation. Impersonation is only on the local server. There are many thing that have to be right for delegation to work.

A place to start would be Kerberos authentication and troubleshooting delegation issues

David Wang blog is a very useful resource on thous issues.

Igal Serban 2008-11-11 15:10:32

+1 A:

You should also head over to K2 Underground, there is a plethora of information about how to get Kerberos delegation working with their product. The install guide that comes with K2 also has step by step instructions on how to install K2 & configure it to work with Kerberos.

cpound 2008-11-11 18:51:07

ansaurus

tags:

views:

answers:

Why does my web part throw an error about "NT Authority/Anonymous User"?

related questions