SharePoint config/security issue

[AJ Weber <aw...@comcast.net>]

ALL:

I realize this is only loosely related to Chemistry, but I'm hoping that 
maybe someone on the list has some experience with this issue in 
relation to CMIS (in this case dotCMIS) to SP 2013...

We recently had a SP 2013 user "share" a folder with another user. That 
"new user" was NOT a member of the SP Site.  When the user went to 
connect, our code failed immediately.  The ...getRepositories call in 
anticipation of creating a CMIS Session failed with an Unauthorized, and 
trying that URL in a browser from that user's desktop returned the same 
- a 401.

The user CAN click a link to the SharePoint website and get to the 
shared folder.  It is only CMIS that is showing an issue.

When we added the user to be a "Member of the Site", we think everything 
is now working properly.  We are going to test adding the user only to 
the specific Library (not the whole site).  This test is underway.

So the actual question is:  Does anyone have any experience with 
"limitations" or "requirements" for the SharePoint 2013 CMIS Provider as 
it pertains to end users' permissions or membership at the SP 
Site/Library level?  Is being a member of the site required?

Let me know if I can provide more details, and thanks for any tips, 
tricks or pointers!

-AJ