Sharepoint hosted app prompts for credentials when accessed

Question

Hi all!

I've just started my journey into the Sharepoint-2013-app-wilderness, and am immediately facing some challenges.

Background:
At the office we've set up a dev-environment consisting of:

- a common Sharepoint 2013 server running on win2008
- a domain controller (also running the dns)
- developer machines running Visual Studio 2012 on windows 8

The problem:
Everything seems to be running fine, so I thought I should have a go at my first Sharepoint hosted App following one of the walkthroughs on the interwebz.

When having completed the configuration, and added and deployed the project successfully(!!), I was about to test it out.

When opening the app (from the developer machine), I am immediately prompted with a "Windows security" log-in box asking for my credentials. I can enter the same credentials as I am logged in with at the host site and successfully access the new app, but this is (for obvious reasons) not a very user-friendly approach. If I don't enter my credentials, I get the "401 Unauthorized".

I've configured the system to Disable the Loopback Check, but this didn't make any difference.

Any other suggestions??

Regards,
Jon S.

Answer 1

Do you have an app domain defined?

Scot

---

Author, Microsoft SharePoint 2013 App Development
Author, Professional Business Connectivity Services
Author, Inside SharePoint 2013
Blog, www.shillier.com
Twitter, @ScotHillier
SharePoint Trainer, Critical Path Training

Answer 2

Yes, absolutely!

I've updated the DNS and added a corresponding App url in Central Admin...   :-|

Answer 3

I had the same problem. Found the answer here: http://blogs.perficient.com/microsoft/2012/10/configuring-sharepoint-2013-preview-for-on-premise-apps/

Just had to add http://*.app.bfdev.net to my local intranet sites in IE (where app.bfdev.net is my app domain)

Answer 4

Brilliant - thanx a lot!!

What I still can't understand is how this is supposed to work in a public facing site.
I mean, you can't just go ahead and tell every visitor of your site to add the app-domain to their "Intranet sites" in the browser...

...or is there something I'm missing here..??

Regards,
Jon

Answer 5

Does anyone have an answer for, or any opinions about this??

Answer 6

Hi Yonzo,

Unfortunately I do not have the answer for this but I was hoping that maybe you or someone else had found something?

I am experiencing the same issue, I have setup an Intranet site for a company that works great for internal users because the Sharepoint site and app site have been added to the Intranet sites in Internet Explorer so it just logs them straight in user their Windows credentials. The problem I now have is that I am trying to setup external access (on a different address by extending the web application) and I do not want users to be prompted multiple times to login. Ideally I would like to use forms authentication where they can login once using the form and it also logs them into the app website.

Getting them to add the site to the Intranet zone is not an option because they could be logging it from anywhere (i.e. Internet cafe) plus they may be on a PC that isn't logged in as their domain user account so surely this wouldn't even work?

Any help would be appreciated.

Regards
Tony

---

Impreza Software Development

Answer 7

Hi Tony!

Unfortunately I haven't been able to solve this one, so until proven wrong I think Sharepoint Hosted Apps are useless for public facing sites...!   :-(

Regards,
Jon

Answer 8

Hi Jon, Thanks for the reply, I am actually using a provider hosted app so it would seem that Sharepoint and provider hosted apps are useless for Sharepoint sites that are going to accessed externally! Hopefully Microsoft or someone else will come up with a solution for this soon because having users login multiple times is completely unworkable! Regards Tony

---

Impreza Software Development

Answer 9

Hmmm, I find this hard to believe!

I mean - if this is correct, the whole app-model is useless for public facing sites, regardless of the selected hosting option...!! Maybe with the exception of auto-hosted solutions...

We/I have to dig deeper into this!

Please post any findings here, I certainly will!  :-)

Answer 10

Yonzo if you are talking about public facing sites you are 99% of times using anonymous access. 

Today it's not possible to access custom lists anonymously on the public 365 site. Microsoft says it will be fixed soon but so far nothing has happened. Anyway, until that's fixed you can use the Anonymous feature on CodePlex http://anonymous365.codeplex.com

It has a Sandboxed Solution that set the appropriate access rights on the list and everything should work fine.
Remeber that Solution settings page is hidden in Office 365 (2013). You have to go to https://yoursite/_catalogs/solutions/Forms/AllItems.aspx to upload the solution.

HTH

---

Marco Rizzi @Avanade Italy http://blog.marcorizzi.com

Answer 11

Hi Marco,

What about people in my situation though who have an intranet setup internally and they need to allow external access for members of the company that work remotely who may be using an internet cafe or on a PC from home that is not connected to the domain? In this situation you are not going to be using anonymous access and the customer isn't going to want to have to login multiple times to be able to access anything.

Regards
Tony

---

Impreza Software Development

Answer 12

Thanks for the input, Marco - I wasn't aware of that "limitation" (bug)!

And thanks to you as well, Tony - you're describing my situation exactly!
Having the users log in again whenever they hit a custom app, is just not acceptable in my opinion..!

MS messed thing up introducing sandbox solutions in SP2010 (which we invested a huge amount of time an money in), and I'm not too impressed with the SP2013 app-model either.

I hate to admit it, but by patience with Sharepoint is degrading by the minute...

Regards,
Jon

Answer 13

Thanks

Worked for me. Added the *.Appdomain to Local intranet sites in IE and the system stopped asking for credentials

---

MP