We have used the new Adaptive Web Service function in Web Dynpro with good success in a SP12 environment. Web service destinations were configured for both the model and meta data functions; the model data was configured with logon tickets, and the meta data destination was configured with a service user - all worked well.

However, once we upgraded to SP17, it appears that accessing /inspection.wsil now requires authentication; not only that, but you must have administrator rights to access this content.

I have two questions:

1. Why would you need administrator rights to access this content, when you can browse the deployed web services on the engine with no authentication at all?

2. Assuming that there are some special priviledges required, can someone tell me what these are? The documentation is no help, and the detailed release notes for SP17 have not been published yet.

As a test, I created a role and granted all UME permissions to that role. I then granted the role to the service user, but I still get an authentication error. This implies that there is a application-level permission that must be granted via the Security Provider, but I'm not willing to go through all the applications via the VA to determine which permissions in which application needs to be granted to the service user to make this work.

Anyone else run into this issue, and if so, have you solved it? And, if you've solved it, how?

I have see this thread:

which led me to try granting all UME permissions to the role, but as I mention above, that didn't solve the problem.