I use Windows Live Writer( for no other reason than it is simple and works) to create blog posts. I am running Windows 8 and downloaded Live Writer 2012. I then began the seemingly simple steps to configure it to publish directly to SharePoint. First, I started Live Writer and followed the steps in the wizard and received an error stating: “Problem with blog server – server error 2041 occurred. Attempted to perform an unauthorized operation.” Here are the steps to reproduce the error.
I was working on an MVC 4.0 web application that contained some WebAPI controllers. The requirement was to secure the site using Windows Authentication. However, only the web pages required security but, the Api controllers did not. I changed the web.config and IIS 7.5 to provide Windows Authentication. I then added an authorize attribute to my MVC controllers like “[Authorize(Roles = “FooWebUsers”)]”. Since, the WebAPI controllers did not need security I added the [AllowAnonymous] attribute to those controllers.
I tested the site and discovered the MVC Controllers were properly secured, prompting a login – ok good. Hit one of the API routes in fiddler and got a NT challenge and response or prompt for Login. What’s going on here? I added [AllowAnonymous] to the API controllers – not working. After much digging around I found what I wanted by implementing a custom Authorization attribute. Here’s the steps I went through to implement this.
I find when reviewing code to solve a relatively mundane process with several procedural steps that no pattern is used. The code becomes difficult to support and the intent of the process is muddied by the lack of design. Usually due to two leading factors. The first factor is lack of experience in the developer – create one class and a few methods with no pattern and you got it – right? Wrong. This coding style throws your fellow developers to the wolves.