1

I've just changed a webservice reference from using a local network IP to a domain and started receiveing the following:

Error: System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate oX[long continued string of characters]Q=='

The binding is configured as

<binding name="My_Binding" maxReceivedMessageSize="10485760">
    <security mode="Transport">
        <transport clientCredentialType="Windows" />
    </security>
</binding>

The client is being created with the following:

myService = new Client.Webservice.MyWebservice_PortClient();
myService.ClientCredentials.Windows.ClientCredential = new NetworkCredential(username, password, domain);

I can log into the webservice in a browser using username and password, but for some reason I get the above error within my application.

I noticed an answer on similar issue, The HTTP request is unauthorized with client authentication scheme Negotiate. The authentication header received from the server was Negotiate oX...Q=, but this appears to discuss solving the problem when the webservice being referenced is on the same server, not merely the same network. What could be causing the header to come back so strangely? This isn't an issue with another environment with the same configuration. I'm guessing something must be different on the configuration of the endpoint that hasn't mattered until now?

El_Shaddai
  • 23
  • 1
  • 7

1 Answers1

0

Here are some solutions you can take a look:

  1. Site -> Properties -> Directory Security -> Authentication Methods: Select both Anonymous Access and Integrated Windows Authentication.

  2. Configure the WCF client Config file. Three position: security mode,behaviorConfiguration of endpoint and Behaviors.

for example:

<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding …>

                <readerQuotas … />             
                <security mode="TransportCredentialOnly">
                    <transport clientCredentialType="Windows" proxyCredentialType="Windows" realm="" />
                    <message clientCredentialType="UserName" algorithmSuite="Default" />
                </security>
            </binding>
        </basicHttpBinding>
    </bindings>

    <client>
        <endpoint ... behaviorConfiguration="ImpersonationBehavior"/>
    </client>

    <behaviors>
        <endpointBehaviors>
            <behavior name="ImpersonationBehavior">
                <clientCredentials>
                    <windows allowedImpersonationLevel="Impersonation"/>
                </clientCredentials>
            </behavior>
        </endpointBehaviors>
    </behaviors>

</system.serviceModel>
Jiayao
  • 510
  • 3
  • 7