Resolution: Issue - Error 403 - Forbidden while connecting to OOB web service on forms based authenticated sites
When you connect to the web service that is running in FBA site, you get the 403 - forbidden error
Resolution
1. Extend the FBA web application to a new application that is set up to use NTLM. then set up an NT user with full access rights.
2. Now when we test our code with the web services pointing to this new web application and passing our domain credentials to the web service, we are able to get everything working.
3. This is actually expected since the web services will still try to run with the domain credentials but FBA site uses and accepts different credentials.
4. Conclusion is, to use web services of the FBA site, we need to have extended site setup in NTLM and we should connect to the web services of the extended site using NT user.
Please follow the following steps to extend the SharePoint site in Windows mode and to check the solution.
1. Go to SharePoint Central Administration > Application Management > Create or Extend Web Application > Extend Web Application to Another IIS Web Site
2. Select the web site which you want to extend.
3. Provide the new port and necessary details. Also select the zone(last drop down list) as intranet.
4. You can verify that the site is extended in windows authentication by checking at Central Administration > Application Management > Authentication Providers > Edit Authentication.
Comments
- Anonymous
June 01, 2009
What I do to work around this is mangle the URL for the FBA site slightly to access the Authentication.asmx web service. If I have a forms site located on http://server/sites/worksite I use a url like http://server/sites/worksit/_vti_bin/Authentication.asmx to authenticate and then use the proper URL to access the other services like Lists.asmx after I have authenticated.