views:

468

answers:

4

I have two identical servers. Both Win2k3. I have a web service that queues emails and an application that consumes that service. Both are hosted on both machines using identical folder structures, permissions, and IIS settings. One is called "test" and the other "prod".

Ideally, the app on prod will point to the ws on prod. However, when that is the case, I get the following error page:

Server Error in '/Apps/UTMv1' Application.

The request failed with HTTP status 401: Unauthorized. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Net.WebException: The request failed with HTTP status 401: Unauthorized.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[WebException: The request failed with HTTP status 401: Unauthorized.]
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) +431201 System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) +204 utm.AppManagerEmailer.Emailer.AddToQueue(String txtFrom, String txtTo, String txtSubject, String txtBody, Int32 intAppId, Boolean blnIsBodyHtml) in C:\Documents and Settings\username\Desktop\Projects\utm\utm\Web References\AppManagerEmailer\Reference.cs:93 utm.test.Page_Load(Object sender, EventArgs e) in C:\Documents and Settings\username\Desktop\Projects\utm\utm\test.aspx.cs:23 System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14 System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627

Version Information: Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053

If the app on prod points to the ws on test, it works. Also, if the app on test points to the ws on prod, it works.

For fun, I tried using the ws on prod in another app. It behaved the same as the original app.

Also, I have other web services running on prod that work properly. This is the only one that seems to be causing problems.

Here's the code I use in the app to new-up the emailer and queue an email:

Emailer e = new Emailer();
e.Credentials = System.Net.CredentialCache.DefaultCredentials;
int intEmailId = e.AddToQueue(fromEmail, toEmail, subject, body, 103, true);

Here's the code for my web service:

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.Xml.Linq;
using System.Net.Mail;
using System.Collections.Generic;

namespace AppManager.WebServices
{
    /// <summary>
    /// Summary description for emailer
    /// </summary>
    [WebService(Namespace = "http://www.mydomain.com/apps/appManager/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [ToolboxItem(false)]
    // To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line. 
    // [System.Web.Script.Services.ScriptService]
    public class Emailer : System.Web.Services.WebService
    {
        [WebMethod]
        public int AddToQueue(string txtFrom, string txtTo, string txtSubject, string txtBody, int intAppId, bool blnIsBodyHtml)
        {
            Email e = new Email()
            {
                From = new MailAddress(txtFrom),
                Subject = txtSubject,
                Body = txtBody,
                IsBodyHtml = blnIsBodyHtml,
                AppId = intAppId
            };
            e.To.Add(txtTo);
            e.AddToQueue();

            return e.Id;
        }

    }
}

So, what do you think could be the problem?

A: 

I believe that you need to use System.Net.CredentialCache.DefaultNetworkCredentials. As to why it works on test, have you checked to see that test is requiring Windows Integrated authentication and doesn't allow anonymous access?

tvanfosson
I tried DefaultNetworkCredentials as well with the same results. As I said above, IIS settings for both servers are identical (including directory security). Anonymous access is disabled and integrated windows auth is enabled.
Byron Sommardahl
A: 

It really sounds like a configuration difference between the two servers.

That said, you may want to check out this KB http://support.microsoft.com/kb/896861

Microsoft added some loopback protection code that could result in a 401.1 error if FQDN's don't match exactly.

Check your system Event Viewer to see if there are any more details.

Serapth
The event viewer shows a web event for each 401 error. It has basically the same information as the error page except that the web event displays the username of the authenicated user and the thread account name (always "NT AUTHORITY/NETWORK SERVICE"). It also says "Is Impersonating" is false.
Byron Sommardahl
I just tried the following things (but no change): 1) Added the "Network Service" user to the folder permissions for the WS on prod. 2) Changed defaultCredentials to hard-coded netcredentials with username, password, and domain. 3) Added "<identity impersonate="true" />" to the system.web section of the app's web.config.
Byron Sommardahl
It doesn't look like that KB applies based on the criteria.
Byron Sommardahl
For lack of a better answer, I choose yours. It's GOT to be a difference between servers. I just don't know what it is!
Byron Sommardahl
A: 

u2u caml builder web service error

gh
A: 

Did you ever get a resolution for this - i have a similar issue