Vulnerability in EPiServer.Forms
I'm looking to perform an integration between an EPiServer site and SharePoint, and would prefer to use the standard connector if possible.
I have gone through the documentation, and feel that it is perhaps out of date, or simply missing some details, so if anyone can assist me in filling in the gaps, it would be very helpful.
We generally just need to pull in content from a set of document libraries in sharepoint - no web parts are necessary for this integration.
To attempt a proof of concept, I've:
So I was thinking perhaps there is a setting or something that needs to be configured from the SharePoint side, but when I log in I don't see anything obvious. This page (http://world.episerver.com/add-ons/connect-for-sharepoint/configuring-connect-for-sharepoint/) does not seem to mention any such thing, despite appearing to be the most recent, but this page (http://world.episerver.com/documentation/Items/Installation-Instructions/EPiServer-Connect/Sharepoint/Installation-Instructions--EPiServer-7-Connect-for-SharePoint/) mentions a SharePointConnector2013.wsp file. However the nuget package does not include said file, and there doesn't appear to be a download link for the file anywhere that I see. The file is also referenced only up to the 2013 version, so I'm not sure whether it really applies to the Office 365 version of SharePoint or not.
If anyone has experience getting the Connect for SharePoint module working under CMS 7.5 or 8.0, against SharePoint in Office 365, any insight would be greatly appreciated.
Oh - and I did install the SharePoint Client Components SDK from Microsoft.com as called out here (http://world.episerver.com/add-ons/connect-for-sharepoint/configuring-connect-for-sharepoint/) although based on the release notes of the latest Connect seem to imply that is no longer necessary ("Changes in 18.104.22.16800 for CMS 8: --- Using REST services to avoid dependency to Microsoft Sharepoint Client DLL"). Having the SDK/DLL installed didn't change any behavior.
I'm in the exact same "state" (getting 403-forbidden)
I can't find a better guide than http://world.episerver.com/add-ons/connect-for-sharepoint/configuring-connect-for-sharepoint/ and it feels incomplete??
Please EPiServer, tell us how to configure sharepoint 365 to make this work.
I sent a question about this to the episerver support, and they verified it as a bug in the current version of the Sharepoint connector (22.214.171.12400).
No information on when it would be fixed yet.
Anything new here? I tried with version 126.96.36.19900 and I get the 403-forbidden as well. Couldn't find a registered bug either.
When I contacted EPiServer, I was told the bug specifically was that the Connector at that time used the url to detect whether it was accessing an On-Premise or Online version of SharePoint. If the SharePoint url wasn't the default online one then that detection wouldn't work and the wrong auth method would be used, which would cause the auth to fail with the 403 code.
To counter that, a new option group was added to the SharePoint Connector configuration screen that allows you to explicitly indicate whether you are connecting to an On-Premise or Online version of SharePoint, rather than attempting to infer that from the url.
The option is present in the newest version of the Connector (188.8.131.5200). I have installed this version of the connector and can confirm that once I set the Online option, I stopped receiving the 403 I had been seeing.
If you've installed the latest version and are still getting the error, you might be encountering something different than I did.