Skip to content

If you encounter the error “RSS web part does not support authenticated feeds” in SharePoint

by on February 2, 2012

I have done this myself and it did fix the RSS feed from the same site and/or collection issue, however, there may be long term ramifications, so check with a security guru before making this change.

  1. Central Administration > Application Management

  2. Application Security > Authentication Providers
  3. Make sure the upper right hand dropdown shows the correct application (don’t you love SP 2007?)
  4. Click on Default
  5. IIS Authentication Settings > Click on Negotiate (Kerberos) > click on OK in the popup
  6. Click on Save

NOTE: if the application pool’s security account is not Network Service, additional manual configuration steps may be required.

  1. EMS permalink

    RSS will only work with authenticated sources when Kerberos is enabled. I learned this early on with SharePoint 2007 and now Kerberos is a standard configuration on all my installs unless specifically requested not to. Great post because many people set SharePoint up with NTLM and then struggle to get RSS to work on SharePoint sources. In my opinion, a couple extra steps to configure Kerberos is worth it in the long run.

    • Would you mind commenting on any additional steps or other implication switching to kerberos authentication may have, both good and bad? I usually try to keep my posts short and instructional, but this seems like a place we could use more insight.

  2. Additional steps to configuring Kerberos in SharePoint include registering Service Principle Names (SPNs) for the service accounts, server hostnames and SharePoint URLs on the domain/at the domain controller. Outside of the obvious security benefits of Kerberos, there are also Network related benefits. For example, NTLM and the double-hop limitation is mitigated by Kerberos (could also use SSO credentials). Some of the bad that goes with implementing Kerberos include duplicate SPNs, difficultly maintaining least privilege principle and a highly elevated permission set in order to lay the framework for Kerberos (Domain Admin to register SPNs for example).

    While it may not necessarily be beneficial to put forth the effort required to enable Keberos simply for RSS and/or OOTB RSS Feed Reader functionality – there is definately value in the experience gained implementing it.

    If Kerberos is not an option, and authenticated feed access is required – I am a big fan of the Smiling Goat Feedreader Webpart for MOSS 2007.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: