2

this is maybe my last chance to make it work... We are developing an integration with MS Navision at a customer site and therefore we got some webservices. I have added them as service reference and need to use NTLM (there is no other possibility) auth with username and password.

in app.config i have:

<binding name="IncomingDoc_Binding">
                  <security mode="Transport" >
                    <transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm" realm="" />
                    <message clientCredentialType="UserName" algorithmSuite="Default" />
                  </security>
                </binding>
                <binding name="IncomingDoc_Binding1" />

in code i have this:

 ServiceReference1.IncomingDoc_PortClient port = new ServiceReference1.IncomingDoc_PortClient();
port.ChannelFactory.Credentials.Windows.ClientCredential.UserName = "user@domain";
port.ChannelFactory.Credentials.Windows.ClientCredential.Password = "password";
port.ChannelFactory.Credentials.Windows.AllowNtlm = true;
            port.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;

                  port.Create(ref doc);

this is working on my local machine but not when i transfer it to the customer server which is in domain. On my side it started working with AllowNtlm=true. But even VS says it is deprecated.

Most solutions on web include setting something on the server side, that is no chance for me, the NAV team have zero knowledge about it and were just able to activate the webservice, even with a totally stupid self signed certificate which includes only an alias. That is why i have decided to go with c# application, the evironment which we have there uses strange hybrid of javascript and java and we were not able to ignore the certificate errors and with all tests we are getting 400 Bad request. The only tool able to work with that well in customer's environment is SOAP UI. Http requests with headers and xml copied from there however return Bad request as well. Connected service is the only better way which is working but only from my machine outside the domain.

Is it somehow possible to allow NTLM from policy? Or a workaround in c#? Thanks! Honza

Lemings
  • 21
  • 1
  • When changing the security mode to TransportCredentialOnly, the error changes to : 'The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via' – Lemings Jan 15 '22 at 12:00

0 Answers0