BDC access denied for extended webapplication


  • Hi,

    I have two webapplications and its extensions uses claims for authorization. Webapplication A and extension can access bdc with no problems. The default zone of Webapp b can access bdc, but its extensions (Internet) is always getting "Access denied by bdc".

    The setup for both webapps are similar:

    - Both apppools have full permission for bdc set in ssp admin in "Manage BDC permission"
    - Both apppools are in the farm admin group
    - Reverttoself is used
    - Copy to all descendant in ssp admin also used -> both apppools shows up in the ACL 
    - BDC calls are made in a webpart using SP.RunWithElevatedPrivileges
    - Debugging shows that the lobsystem/instance can be found, but the function findfiltered is causing the problem.

    The logs are only showing "Access denied by BDC" with no additional information.

    Thanks for any advice.  




    Thursday, January 19, 2012 11:25 AM