SharePoint Gen

The official blog of Chandrasekar, Microsoft SharePoint MCS

Anonymous access in BDC

Anonymous access in BDC

  • Comments 6

When anonymous users log into the SharePoint site which has BDC web parts, you will see the error message “You do not have permission to access abc in xyzInstance”.  This is fixed in the Infrastructure update of WSS and MOSS.  In the Application Definition File, for each method instance ( for which we need to give anonymous access), we need to add a property called AllowAnonymousExecute. Its a boolean value which needs to be set as true. 


<MethodInstance Type="Finder" ReturnParameterName="Products" ReturnTypeDescriptorName="ProductDataReader" ReturnTypeDescriptorLevel="0"  Name="ProductFinderInstance">


         <Property Name="AllowAnonymousExecute" Type="System.Boolean">true</Property>




Remember, this is effective only on MethodInstances.  Internally Association is a special MethodInstance and so it should work when AllowAnonymousExecute property is used within it as well.  This essentially means that it works for all the BDC web parts including Business Related Web Part.



     <Association Name="FK_DimProduct_DimProductSubcategory_Instance" AssociationMethodEntityName="DimProduct" AssociationMethodName="FK_DimProduct_DimProductSubcategory" AssociationMethodReturnParameterName="@DimProduct" AssociationMethodReturnTypeDescriptorName="Reader" AssociationMethodReturnTypeDescriptorLevel="0" IsCached="true">


                                    <Property Name="AllowAnonymousExecute" Type="System.Boolean">true</Property>


                        <SourceEntity Name="DimProductSubcategory" />

            <DestinationEntity Name="DimProduct" />



Leave a Comment
  • Please add 1 and 6 and type the answer here:
  • Post
  • We have the infrastructure updates, and yet we get the same error. "You don't have permission to connect to <Instance>"

    We only receive this for anonymous access.

    Under manage permisisons for the particular BDC app, I have given execute rights to "everyone" on the domain. Hence all other users on the domain don't have a problem executing this bdc webpart.

    any suggestions?

  • Can you tell me which BDC web part you are trying to connect to ADF so that we can figure out the method instance type used ?  If possible, paste the chunk of xml used.

  • Does this method work with SSO?

  • Well, then i believe you are defeating the whole purpose of using SSO.  SSO is for single sign authentication and anonymous access is completely a different concept !

  • Thank you for your quick response.  SSO has been set up for an intranet set which has been extended to an internet site.  Can you point me to a 'best practice' for setting up bdc connections and anonymous access?  Does ssp have to be extended as well?

  • I found the information I was looking for in Chapter 12 of Microsoft Office SharePoint Server 2007 Administrator's Companion.  Thanks!

Page 1 of 1 (6 items)