tags:

views:

76

answers:

1
Q: 

Another - HTTP request is unauthorized error

Whenever I try to consume my web service through WCF, I receive this error:

The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLMnProviders'.

I know I have Kerberos setup correctly for this environment (it's calling SharePoint 3.0 services that I use in other applications). Integrated Windows security has been working great but this is the first time I've tried to consume it through WCF.

I've gone through this site many times to ensure I have the right header. Is the above error failing because it's expecting "Negotiate" but it's receiving "Negotiate,NTLMnProviders"? I know I can change my headers through that site but it always has 'Negotiate,NTLMnProviders' for the Kerberos header. Anyone got any ideas?

A: 

Not really an answer but here are some more details...

<system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="ListsSoap">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" proxyCredentialType="Windows"/>  
          </security>          
        </binding>
        <binding name="SiteDataSoap">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" proxyCredentialType="Windows"/>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://something.com/_vti_bin/lists.asmx"
          binding="basicHttpBinding" bindingConfiguration="ListsSoap"
          contract="WSS_Server.ListsSoap" name="ListsSoap">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
      <endpoint address="http://something.com/_vti_bin/SiteData.asmx"
          binding="basicHttpBinding" bindingConfiguration="SiteDataSoap"
          contract="WSS_Server_SiteData.SiteDataSoap" name="SiteDataSoap">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>

And then I'm instantiating my proxy and calling this in code...

proxy.ClientCredentials.Windows.AllowedImpersonationLevel =
                System.Security.Principal.TokenImpersonationLevel.Impersonation;

proxy.ClientCredentials.Windows.AllowNtlm = false;

// Web service call
proxy.GetWeb(...);
RailRhoad  2009-09-14 13:33:55

related questions

Dynamic programming with WCF
WCF Service Returning "Method Not Allowed"
Exceptions in Web Services
What SPN do I need to set for a net.tcp service?
How do I unit test a WCF service?
Best practices for versioning your services with WCF?
Lazy Loading with a WCF Service Domain Model?
How many ServiceContracts can a WCF Service have?
How can I authenticate using client credentials in WCF just once?
WCF - Domain Objects and IExtensibleDataObject
InvalidOperationException while creating wcf web service instance
Closing and Disposing a WCF Service
What WCF best practices do you follow in object model design?
WCF push to client through firewall?
Loading System.ServiceModel configuration section using ConfigurationManager
I would like some tips for debugging WCF Web Service exceptions
What's the best way to authenticate over WCF?
Good Reads for Distributed Systems
.Net - Returning DataTables in WCF
What is the easiest way to add compression to WCF in Silverlight?
WCF Backward Compatibility Issue
Best Practices for securing a REST API / web service
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
WCF - High availability