Click here to Skip to main content
15,218,196 members
Rate this:
Please Sign up or sign in to vote.
See more:
Hi all,

I have a hosted wcf in a server. i want to use that service in my windows application . i am sending windows integrated authentication to wcf service but it is throwing the following error.

The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'.


the service hosted iis is having windows authentication enabled and both client application and service not in same domain.


Any help will be apperciated.
Posted
Comments
thanosgr 29-Oct-11 4:58am
   
same issue here
Rate this:
Please Sign up or sign in to vote.

Solution 1

Are you using WsHttpBinding? If so, you'll have to bypass the built-in security for IIS and let WCF pick up the authorization. Enable anonymous authentication on your virtual directory and this should work.

Cheers.
   
Comments
Dylan Morley 2-Nov-11 6:22am
   
Comment from OP:

no, i am using basichttpbinding.
Rate this:
Please Sign up or sign in to vote.

Solution 3

In your client application config, make sure you've setup your binding along the following lines...

<bindings>
  <basicHttpBinding>
    <binding name="MyBinding" closeTimeout="00:01:00"

        openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"

        allowCookies="false" bypassProxyOnLocal="true" hostNameComparisonMode="StrongWildcard"

        maxBufferSize="1000000" maxBufferPoolSize="524288" maxReceivedMessageSize="1000000"

        messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"

        useDefaultWebProxy="true">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"

          maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>


Then you can specifiy your endpoints to use the binding config

<client>
  <endpoint address="http://SomeDomain/SomeApp/SomeService.svc"

      binding="basicHttpBinding" bindingConfiguration="MyBinding"

      contract="MyApp.Contracts.ISomeService" name="ISomeService_Endpoint" />

</client>


And endpoint behaviours...

<behaviors>
  <endpointBehaviors>
    <behavior name="clientEndpointCredential">
      <clientCredentials>
        <windows allowNtlm="true" allowedImpersonationLevel="None" />
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>


In your WCF service client (ClientBase<t>) make sure you've initialised your credentials...I use a little wrapper class to help with this and communication faults.

public class WCFServiceClient<t> : ClientBase<t>,
        IDisposable where T : class
    {
        #region ctors
        public WCFServiceClient()
        {
            this.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
            this.ClientCredentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
        }

        public WCFServiceClient(string endpointConfigurationName) :
            base(endpointConfigurationName)
        {
        }

        public WCFServiceClient(string endpointConfigurationName, string remoteAddress) :
            base(endpointConfigurationName, remoteAddress)
        {
        }

        public WCFServiceClient(string endpointConfigurationName, System.ServiceModel.EndpointAddress remoteAddress) :
            base(endpointConfigurationName, remoteAddress)
        {
        }

        public WCFServiceClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress) :
            base(binding, remoteAddress)
        {
        }
        #endregion ctors

        void IDisposable.Dispose()
        {
            if (State == CommunicationState.Faulted)
            {
                Abort();
            }
            else
            {
                try
                {
                    Close();
                }
                catch
                {
                    Abort();
                }
            }
        }

    }
</t></t>


Your client service classes can just inherit from this + implement whatever service interface you have defined

My srticle Visual Application Launcher[^] uses a similar approach to the above & has worked OK.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100