Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > ASP.Net authentication problem to WCF service on Server 2008

Reply
Thread Tools

ASP.Net authentication problem to WCF service on Server 2008

 
 
Eddie
Guest
Posts: n/a
 
      01-29-2009
I am having a tough time deploying a web site to IIS 7 on Windows Server 2008.
The site works fine until it tries to make calls to a WCF service hosted on
the same host.

Everything works great for the service from my workstation when the web is
ran in Visual Studio 20008
using the exact same web config etc. As soon as I deploye the web in a
virtual directory on the server
Bam. Authentication errors. It also works as is when both are deployed on a
Windows 2003 Server. What
is different about Server 2008 that is causing this? HELP! Please.

In case it is important, all of the service operations require Active
Directory group membership for the
ASP.net page's authenticated user and are adorned as:
[PrincipalPermission(SecurityAction.Demand, Role = "SOAMemberShipService")]

I get the following error from the web site:

The request for security token could not be satisfied because authentication
failed.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.ServiceModel.FaultException: The request for
security token could not be satisfied because authentication failed.

Source Error:



Line 919:
Line 920: public HSMembersService.MemberSearchResult
SearchMembers(HSMembersService.MemberSearch MemberInfoToSearch) {
Line 921: return base.Channel.SearchMembers(MemberInfoToSearch);
Line 922: }
Line 923: }

Source File: c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Te mporary
ASP.NET Files\csrweb\a4d18657\a6d0910d\App_WebReferences.j gx1svpr.0.cs Line:
921

Stack Trace:



[FaultException: The request for security token could not be satisfied
because authentication failed.]

System.ServiceModel.Security.SecurityUtils.ThrowIf NegotiationFault(Message
message, EndpointAddress target) +6375432

System.ServiceModel.Security.IssuanceTokenProvider Base`1.ThrowIfFault(Message
message, EndpointAddress target) +25

System.ServiceModel.Security.SspiNegotiationTokenP rovider.GetNextOutgoingMessageBody(Message
incomingMessage, SspiNegotiationTokenProviderState sspiState) +173

[SecurityNegotiationException: The caller was not authenticated by the
service.]
System.Runtime.Remoting.Proxies.RealProxy.HandleRe turnMessage(IMessage
reqMsg, IMessage retMsg) +4596611
System.Runtime.Remoting.Proxies.RealProxy.PrivateI nvoke(MessageData&
msgData, Int32 type) +1713
HSMembersService.IHSMembersService.SearchMembers(M emberSearch
MemberInfoToSearch) +0
HSMembersService.HSMembersServiceClient.SearchMemb ers(MemberSearch
MemberInfoToSearch) in
c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Te mporary ASP.NET
Files\csrweb\a4d18657\a6d0910d\App_WebReferences.j gx1svpr.0.cs:921
_default.btnSearch_Click(Object sender, EventArgs e) in
e:\CSRWeb\default.aspx.cs:114
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +131
System.Web.UI.WebControls.Button.RaisePostBackEven t(String eventArgument)
+140
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +39
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3215



ASP.net web site's web.config (relevant Service portion):


<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IHSMembersService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false"
hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text"
textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows"
negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint
address="http://hssoabusstg/Services/MembershipService/HSMembersService.svc"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IHSMembersServ ice"
contract="HSMembersService.IHSMembersService"
name="WSHttpBinding_IHSMembersService">
<identity>
<servicePrincipalName value="host/hssoabusstg" />
</identity>
</endpoint>
</client>
</system.serviceModel>


Services web.config:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<compilation debug="true" />

</system.web>
<appSettings>
<add key="MaxSearchResults" value="100"/>
</appSettings>
<connectionStrings>
<add name="BIDWConnection"
connectionString="CHANGEDTOPROTECTTHEINNOCENT"
providerName="System.Data.SqlClient" />
</connectionStrings>
<!-- When deploying the service library project, the content of the config
file must be added to the host's
app.config file. System.Configuration does not support config files for
libraries. -->
<system.serviceModel>
<services>
<service name="HSMembersService.HSMembersService"
behaviorConfiguration="HSMembersService.HSMembersS erviceBehavior">

<!-- Service Endpoints -->
<!-- Unless fully qualified, address is relative to base address
supplied above -->
<endpoint address ="" binding="wsHttpBinding"
contract="HSMembersService.IHSMembersService"
bindingConfiguration="wsHttpBindingConfig">
<!--
Upon deployment, the following identity element should be
removed or replaced to reflect the
identity under which the deployed service runs. If removed,
WCF will infer an appropriate identity
automatically.
-->
<!--<identity>
<dns value="localhost"/>
</identity>-->
</endpoint>
<!-- Metadata Endpoints -->
<!-- The Metadata Exchange endpoint is used by the service to
describe itself to clients. -->
<!-- This endpoint does not use a secure binding and should be
secured or removed before deployment -->
<endpoint address="mex" binding="mexHttpBinding"
contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBindingConfig" >
<security mode="Message">
<message clientCredentialType="Windows" />
</security>

</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="HSMembersService.HSMembersServiceBehavior">
<!-- To avoid disclosing metadata information,
set the value below to false and remove the metadata endpoint
above before deployment -->
<serviceMetadata httpGetEnabled="True"/>

<serviceAuthorization principalPermissionMode="UseWindowsGroups"
/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="True" /><!-- Change
this before deployment -->
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Difference between Ajax Enabled WCF service and regular WCF? Cindy Lee ASP .Net 1 03-19-2010 05:59 PM
Proxy authentication problem WPF browser app calling WCF service pjb ASP .Net Web Services 0 12-09-2009 10:47 AM
AJAX enabled WCF Service Vs Standard WCF Service Simon ASP .Net 0 10-13-2009 09:13 AM



Advertisments