• RELEVANCY SCORE 3.79

    DB:3.79:Java Client + Basic Authentication Iis - Problem... ck




    Hi,

    I try to connect to IIS 5 and I've set the checkbox 'Integrated WIndows authentication'

    In my client I use:
    String credentials=new String("tester:tester");
    String auth=new String(credentials.getBytes());
    sconnection.setRequestProperty("Authorization", "Basic "
    + auth);

    Generally in the webrowser there is a window asking for user and apssword and using tester, tester works.

    The client can't be authenticated - ERROR|main | HttpsConnectionJavaClientTest - Response: '401: Unauthorized' for url: 'https://

  • RELEVANCY SCORE 3.79

    DB:3.79:Java Client + Basic Authentication Iis - Problem... fj




    Hi,

    I try to connect to IIS 5 and I've set the checkbox 'Integrated WIndows authentication'

    In my client I use:
    String credentials=new String("tester:tester");
    String auth=new String(credentials.getBytes());
    sconnection.setRequestProperty("Authorization", "Basic "
    + auth);

    Generally in the webrowser there is a window asking for user and apssword and using tester, tester works.

    The client can't be authenticated - ERROR|main | HttpsConnectionJavaClientTest - Response: '401: Unauthorized' for url: 'https://

    DB:3.79:Java Client + Basic Authentication Iis - Problem... fj

    I remember the Basic authentication uses BASE64 encoding, read RFC 2617.

    Anyway, I still suggest you using the Authenticator object.

  • RELEVANCY SCORE 3.56

    DB:3.56:Java Http Authentication Security Context a1




    I'm trying to access a file over http from my java program. The file is hosted on IIS server and anonymous and basic authentications are turned off. The only authentication available is "Integrated windows authentication". I'm not able to get the file using this setup. But if I allow anonymous authentication on the IIS server, I can obtain the file.
    Does anyone know how to pass the current security context from a java program and any other workaround? Please help!!!!!!!!!!!!!

    DB:3.56:Java Http Authentication Security Context a1

    You have web servers like JRun which can get the security information transferred from IIS. For instance, configure IIS to send files with extensions .jsp, .jpg... to an external server like JRun. This way, the security information gets transferred to JRun.

  • RELEVANCY SCORE 3.50

    DB:3.50:Securing Individual Resources Through A Web Service 99


    I created a web service for a client that allows them to call PowerShell scripts from their Java tool. The site accepts Basic authentication with SSL. I had secured it through the permission on the site itself. (IIS 7.0)
    Now the client has decided that they want to secure individual scripts. Is it possible, with just IIS and NTFS permissions, to secure individual scripts or will I have to implement some sort of authentication and authorization with the web service?
    (I'm hoping to not have to recode the service, of course.)
    Thoughts? Ideas?
    Thanks.
    Jhttp://digitalcamel.blogspot.com - .Net, ILM, SQL and Anything Else That Falls Out Of My Brain

    DB:3.50:Securing Individual Resources Through A Web Service 99

    The problem ended up being with the way IIS is initially configured. This articel solved the problem.
    http://www.leastprivilege.com/WhatIsAspnetconfig.aspxhttp://digitalcamel.blogspot.com - .Net, ILM, SQL and Anything Else That Falls Out Of My Brain

  • RELEVANCY SCORE 3.33

    DB:3.33:Pageflow Portlets And Basic Authentication xs


    Has anyone used Basic Authentication with WebLogic Server 9.2 pageflows?

    The portal reports a WWW-Authentication error before it ever hits the "begin" method of my pageflow controller. Since I'm not authenticating within the portlet (but need access to the username/password for other services) I'm unsure what to set within WebLogic Server's security settings to make this work.

    Of course, this isn't an issue with IIS, but we're not using IIS.

    Thanks,

    Chris

    DB:3.33:Pageflow Portlets And Basic Authentication xs

    Has anyone used Basic Authentication with WebLogic Server 9.2 pageflows?

    The portal reports a WWW-Authentication error before it ever hits the "begin" method of my pageflow controller. Since I'm not authenticating within the portlet (but need access to the username/password for other services) I'm unsure what to set within WebLogic Server's security settings to make this work.

    Of course, this isn't an issue with IIS, but we're not using IIS.

    Thanks,

    Chris

  • RELEVANCY SCORE 3.32

    DB:3.32:Tunneling Over Tcp/Ip With Ntlm Authentication 79



    We have problems implementing NTLM authentication for tunneling in a TCP connection across a proxy server. Please find our scenario explained below.
    We need to establish a TCP connection from our c# .net windows application through a proxy server, where our client is behind proxy or firewall as the client network denies the TCP connection to outside world. It just allows only HTTP connection.we use HTTP Tunneling to connect from our windows client application to the outside world.
    This is how we achieve it currently:
    1. Create an unsecure Socket and establish a connection with the Proxy Ip address and Proxy Port.
    2. Construct the request String as shown below

    requestString = GET http:// +

     

     

    serverDnsName + : + serversocketPort + /cgi/win?req= + requestByteArray + HTTP/1.0\r\nProxy-authorization: Basic + strpasswrdarray + \r\nUser-Agent: XXXXX\r\nHost: + serverDnsName + \r\nPragma: No-Cache\r\n\r\n;

    3. We convert this string to a byte stream and send it across the network through socket.
    Our application has always been using Basic authentication irrespective of the mechanisms supported by the client's proxies for all our TCP communication.
    This set up seemed to work fine for everyone until we had a client whose proxy server refused to support Basic authentication. This Client's IIS server supports only NTLM Authentication.
    How to achieve the same tunneling when the proxy doesnot support Basic? Or how do we change the above set up to support Integrated Windows authentication?

    DB:3.32:Tunneling Over Tcp/Ip With Ntlm Authentication 79

    Actually, on reading your post again, I think what you are doing is: 1) Your client application needs to connect to some server on the internet. 2) You have to make the connection through an authenticating proxy server, that requires NTLM authentication. If you, you can use HttpWebRequest directly  - it supports proxy authentication using NTLM, and a bunch of other methods, like Digest, Kerberos, Basic. Would that work for you? feroze. Visit my blogs: http://ferozedaud.blogspot.com http://blogs.msdn.com/feroze_daud

  • RELEVANCY SCORE 3.28

    DB:3.28:Silverlight Ria Services Deploy Error On Godaddy Shared Hosting 87


    Server Error in '/cp' Application.

    IIS specified authentication schemes 'Basic, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that
    only a single authentication scheme is used.
    Description:
    An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.InvalidOperationException: IIS specified authentication schemes 'Basic, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM,
    Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.

    DB:3.28:Silverlight Ria Services Deploy Error On Godaddy Shared Hosting 87

    Turn off Basic authentication. I remembered that when I had trouble it was because my hoster had Windows Authentication enabled.

  • RELEVANCY SCORE 3.23

    DB:3.23:How To Set Basic Authentication Paramters While Calling Java Web Service Sap?? 1a



    I'm protecting the webservice using basic authentication. I got the SAP documentation how to set the basic parameters(user/password) in nwa/WSadmin but instead of setting it over there ! i want to set the the paramters in the WS client before calling the Web Service.

    Please help me regarding this !

    DB:3.23:How To Set Basic Authentication Paramters While Calling Java Web Service Sap?? 1a


    check this

    http://help.sap.com/saphelp_nwce10/helpdata/en/45/113a1221337249e10000000a155369/content.htm

  • RELEVANCY SCORE 3.22

    DB:3.22:Integrated Windows Authentication-Dynamicentity? 9c


     
    Hi All
     
    Is there any known issue with reference to Integrated Windows Authentication when using DynamicEntity?  If using an entity object and create command, I am getting the account created, whereas if I use dynamic entity, I am unable to create a record and exception is returned.  My IIS version 6.0, and the security setting - IWA is enabled and am using Java for my development.
     
    The same works fine if IWA / Basic authentication both are enabled.  I have issue when only IWA is enabled.  Any help please.
     
    Regards,
     
    Yuva
     
     
     
    Please note the following:

    Code Snippet

    DB:3.22:Integrated Windows Authentication-Dynamicentity? 9c

    To ensure this is NOT an authentication problem, you should try to set a user as the system administrator and run your application again. 
     
    In your authenticationToken, set your CallerIdto the Administrator GUID and then run the application again.  If it still fails, it is possible that it's the SOAP request call from websphere... or something else.
     
    Here is how you set the UserId
     

    Code Snippet

  • RELEVANCY SCORE 3.20

    DB:3.20:Client-Cert Authentication In Wl7 8j


    Hi,
    I'm trying to enforce two-way authentication for clients (java ones)
    accessing a web service running on WL7.
    Web service is configured to accept requests over https only. With BASIC
    authentication it works. When I switch it to use CLIENT-CERT
    authentication I cannot connect to the web service. I've set the
    "javax.net.debug" directive to "ssl" and noticed that during the handshake
    procedure the server doesn't produce client certificate request. May it be
    the cause of the problem? If so, how can I make the server to generate
    client cert request during handshake?

    --
    Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

    DB:3.20:Client-Cert Authentication In Wl7 8j

    Hi,
    I'm trying to enforce two-way authentication for clients (java ones)
    accessing a web service running on WL7.
    Web service is configured to accept requests over https only. With BASIC
    authentication it works. When I switch it to use CLIENT-CERT
    authentication I cannot connect to the web service. I've set the
    "javax.net.debug" directive to "ssl" and noticed that during the handshake
    procedure the server doesn't produce client certificate request. May it be
    the cause of the problem? If so, how can I make the server to generate
    client cert request during handshake?

    --
    Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

  • RELEVANCY SCORE 3.15

    DB:3.15:Http Basic Authentication Header In Soap Message? 87


    I have a .Net client that is trying to talk to a Java Metro 1.2 SOAP Service. The service uses standard HTTP Basic Authentication....in the HTTP Headers of the SOAP request message:Authorization: BASIC sdjfkjsdfsdHow in the world are you suppose to go about setting of this type of authentication? At the very least, how can I add this header to a SOAP request?ThanksJoey

    DB:3.15:Http Basic Authentication Header In Soap Message? 87

    The .NET proxy you create has Credentials and UseDefaultCredentials properties you can use to specify the credentials, and then it should set up the correct message to service.http://msdn.microsoft.com/en-us/library/system.web.services.protocols.webclientprotocol.credentials.aspxhttp://msdn.microsoft.com/en-us/library/system.web.services.protocols.webclientprotocol.usedefaultcredentials.aspxThanks.

  • RELEVANCY SCORE 3.15

    DB:3.15:Usernametoken On Ssl On Iis For Wcf Service 3c


    A WCF Service with UserNameToken on SSL on IIS
     
    I have basicHttpBindings with this configuration
     
     
    binding name=basicHttpBinding_Get

    security mode=Transport

    transport clientCredentialType=Basic/
    /security
    /binding
     
     
     
    I am able to call this service with Add Web Reference and then setting
     
    NetworkCredential myCred = new NetworkCredential(someusername, pwd, domain);
    proxy.Credentials = myCred;
     
     
    How to achieve this using a WCF Client. code snippet will do. I have tried
     
    NetworkCredential myCred = new NetworkCredential(someusername, pwd, domain);
    proxy.ClientCredentials.Windows.ClientCredential = myCred;
     
    proxy.ClientCredentials.UserName.UserName = someusername;
    proxy.ClientCredentials.UserName.Password = pwd;
     
    But it doesn't work error is
    The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Basic realm=doamin'.

    DB:3.15:Usernametoken On Ssl On Iis For Wcf Service 3c

     
    The problem is with WCF client, with ASP.NET Client it works...
     
    yes i have set bindingConfiguration on endpoint..
     
    My question is what all we have do from a WCF client to consume a WCF service with SSL and basic authentication on IIS.
    I tested and it can  be consumed from simple add web reference but not from add service..
     
     
    Amit

  • RELEVANCY SCORE 3.15

    DB:3.15:How To Pass Credentialcache.Defaultcredential From Client To Webapplication And Webapplication To Webservice? km


    This is the scenario. We want to pass original credential from Client to WebService by using CredentialCache.DefaultCredential. I tried to pass as parameter for WebService but it throws exception about DefaultCredential cannot be serialized System.Net.SystemNetworkCredential is inaccessible due to its protection level. Only public types can be processed..
    Client - WebApplication - WebService
    Web.config for WebApplication and WebService
    - Set to identity impersonate=true /
    IIS for WebApplication and WebService
    - Set to Integrated Windows Authentication
    After I read the article about How to: Use Impersonation and Delegation in ASP.NET 2.0, these are the solutions.
    1. Use Kerberos authentication and delegation. (It use Kerberos authentication for Client - WebApplication and WebApplication - WebService.)
    2. Call LogonUser and request an Interactive logon session. (Just work for single hop)
    3. Use protocol transition. (It use any authentication (eg. form authentication) for Client - WebApplication and Kerberos authentication for WebApplication -- WebService.)
    4. Use basic authentication and impersonation. (We cannot apply this solution because we want to set WebApplication and WebService on IIS Servers to Integrated Windows Authentication)
    Are there another solutions than above solutions? Because Kerberos authentication is difficult to setting. There are many steps to configure for Kerberos authentication for following entities 1. Client 2. WebApplication(IIS) 3. WebService(IIS) 4. Domain Controller.
    Could you please suggest me the better solution than above solutions?
    Thanks,
    Sanguanchai

    DB:3.15:How To Pass Credentialcache.Defaultcredential From Client To Webapplication And Webapplication To Webservice? km

    This is the scenario. We want to pass original credential from Client to WebService by using CredentialCache.DefaultCredential. I tried to pass as parameter for WebService but it throws exception about DefaultCredential cannot be serialized System.Net.SystemNetworkCredential is inaccessible due to its protection level. Only public types can be processed..
    Client - WebApplication - WebService
    Web.config for WebApplication and WebService
    - Set to identity impersonate=true /
    IIS for WebApplication and WebService
    - Set to Integrated Windows Authentication
    After I read the article about How to: Use Impersonation and Delegation in ASP.NET 2.0, these are the solutions.
    1. Use Kerberos authentication and delegation. (It use Kerberos authentication for Client - WebApplication and WebApplication - WebService.)
    2. Call LogonUser and request an Interactive logon session. (Just work for single hop)
    3. Use protocol transition. (It use any authentication (eg. form authentication) for Client - WebApplication and Kerberos authentication for WebApplication -- WebService.)
    4. Use basic authentication and impersonation. (We cannot apply this solution because we want to set WebApplication and WebService on IIS Servers to Integrated Windows Authentication)
    Are there another solutions than above solutions? Because Kerberos authentication is difficult to setting. There are many steps to configure for Kerberos authentication for following entities 1. Client 2. WebApplication(IIS) 3. WebService(IIS) 4. Domain Controller.
    Could you please suggest me the better solution than above solutions?
    Thanks,
    Sanguanchai

  • RELEVANCY SCORE 3.15

    DB:3.15:Authenticating A Java Web Client To A Iis/Active Directory cx


    hello.

    i'm going a little crazy here. i've downloaded tool after tool and configured my java application/web server hundreds of times now.

    i was asked to build a .NET web service running on a windows 2003 server machine and to only allow users to enter via Integrated windows authentication (IWA). i build the webservice and tested it with a .NET client and everything works fine. my problem now is with Java. i have 2 versions of the website one over http with no authentication (for testing) and one over http with authentication (for testing) and our target goal of https with authentication.

    again i've run down hundreds of paths such as setting up kerberos on the windows server and on the client. and i have java code that can query my active directory from a kerberos ticket. i've looked into apache axis and apache axis2 and something called http client.

    my java application can query the http unauthenticated so i know the soap/web service call is working. however when i try to move to the http with authentication i get 401 authorized. i setup ethereal and watched the traffic and noticed that the java client wants to use "basic authentication" from a username i hard coded into the application. since i'm trying to get IWA working i know i need either "NTLM" or "windows" authentication however i cant seem to get the client to use these.

    also as i said im currently hard coding the username/password with "basic authentication" my ultimate goal would be to query the AD for the username/password or to not see it at all. .NET does this very easily (as you would expect windows to windows to work very easily) by adding one line.

    proxy.Credentials = CredentialCache.DefaultCredentials;

    i'm not expecting it to be this easy in java however i can't seem to get it to work at all.

    if anyone could assist i would be very appreciative. even if you could just reply "yes i personnally have gotten it to work don't give up" i would appreciate that.

    thanks

    DB:3.15:Authenticating A Java Web Client To A Iis/Active Directory cx

    Hi,

    I am also having the same problem.

    Axis and Axis2 use CommonsHTTPSender which can talk NTLM . So if I hard code the domain, user and password, I can see the webservice and talk to it. Look at the following Url to assist you:

    http://people.etango.com/~markm/archives/2005/11/21/using_apache_axis_with_integrated_windows_security.html

    But further this problem, how do you get hold off current user's credentials and send it through Axis generates stubs. Here I am also trying to find answers. I was able to get current domain and user name but password is a problem. NTSystem class can give these details but no password.

    Also sun 1.4.2 can use the user credentials who is logged on but apache common http client does not get hold of the user credentials. So I am trying to find answer to this?

    If anyone have solved this problem earlier, then please help me.

    Thanks.
    Regards,
    Sanjay Munjal

  • RELEVANCY SCORE 3.15

    DB:3.15:Consumimg Web Service With Http Basic Authentication In Java 9d


    We want to consume secured Web Service in Java. The Web Service is protected with basic authentication. Provider has shared a WSDL file. We have created the client side proxy for the same using wsiimport command. But when we tried access the webmethod getting below mentioned error. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Is there anyway to hardcode the credentials along the request.

    DB:3.15:Consumimg Web Service With Http Basic Authentication In Java 9d

    We want to consume secured Web Service in Java. The Web Service is protected with basic authentication. Provider has shared a WSDL file. We have created the client side proxy for the same using wsiimport command. But when we tried access the webmethod getting below mentioned error. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Is there anyway to hardcode the credentials along the request.

  • RELEVANCY SCORE 3.14

    DB:3.14:Authenticating With Client Certificates For On-Premise Crm 2011 ks


    Hi,
    We have a Java-based application running on JBoss that we wish to connect to an on-premise instance of CRM 2011 using the published SOAP interface.
    All connections from the Java application to CRM will be under a single CRM user.
    We would like to use mutual (2-way) SSL authentication between the JBoss and IIS/CRM server to provide encryption and authentication.
    IIS supports the mapping of a client certificate to a Windows domain account (http://www.iis.net/ConfigReference/system.webServer/security/authentication/iisClientCertificateMappingAuthentication).
    My question is, will CRM successfully perform the requested actions under the user credentials IIS has mapped? I couldn't find anything to explicitly confirm this out there on www.
    Thanks,
    DJ

    DB:3.14:Authenticating With Client Certificates For On-Premise Crm 2011 ks

    I know this isn't that helpful, but I'm very interested in what you find.
    I /suspect/ that if you are on-premise, using Active Directory authentication only (NOT claims-based or IFD) you /may/ be able to get this to work. With IFD/claims, though, I haven't had any luck connecting to the web services without configuring and encrypting
    a user/pw due to the way the credentials are established.
    We have implemented something similarwith 2-way TLS for server-server communications between weblogic/apache and CRMbut did /not/ use the certificate mapping functionality to try to generate the credentials.

  • RELEVANCY SCORE 3.14

    DB:3.14:Basic Authentication In Rest Wcf 3p


    I have developed one REST WCF and would like to client will use it with basic Authentication, I have hosted this service in IIS 7.0 and disabled all authentication except Basic Authentication.

    Now problem is that when call this service from any other application (in my case i am calling this from ruby command prompt) with Header Basic bXlhZGRvbjpDcFplcUc5MzlHdDZQMEtD although i was not able to authenticate this service.

    Make it more simple , when i will access this service (.svc) from browser due to basic Authentication

    it will prompt to enter username password , so which residential i need to pass here and to which credential i need to compare (weather i need to set in web.config or IIS)??

    Thanks in Advance
    Arun.Software Engineer :: DotNET | SQL Server |Silverlight| Directshow

    DB:3.14:Basic Authentication In Rest Wcf 3p

    Ok I will post there , Thanks for your suggestion.Software Engineer :: DotNET

  • RELEVANCY SCORE 3.10

    DB:3.10:Forms Authentication Using Iis To Validate The Credentials j3


    Hi Guys!
    How can I do a custom login page using the iis basic authentication?
    I need to validate the user credentials using the basic authentication but I need too use a custom login page in my project.
    Help me, please!
    Thanks!
    Victor Magno

    DB:3.10:Forms Authentication Using Iis To Validate The Credentials j3

    I've found the answer in this blog:
    http://www.christowles.com/2011/04/aspnet-forms-based-authentication-with.html

  • RELEVANCY SCORE 3.09

    DB:3.09:Backend Ex2003 Default Virtual Directory Authentication p8


    All
    We have exchange clustered backed servers (4 node, 3A, 1 P). in backend servers IIS default virtual directory is enabled with basic authentication. Would it be any issue if we uncheck basic authentication and allow integrated authentication only...

    all front end servers are configured with integrated authentication only in IIS?

    DB:3.09:Backend Ex2003 Default Virtual Directory Authentication p8

    Hi,

    Regarding to the authentication on Front End Server and Back End Server, it is based on the detail Server environment. Usually, dual authentication is used with front-end
    and back-end servers. Both front-end and back-end servers
    are configured to authenticate users. You can select different methods on front-end and back-end servers to authenticate the users.

    For more information about Authentication methods, I would like to share you the following article:

    Authentication Mechanisms for HTTP

    Thanks,
    NovakPlease remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

  • RELEVANCY SCORE 3.08

    DB:3.08:Java Web Service / Abap Client Proxy ... Username Password x9



    I have some ABAP function modules that need to use some Java web services. For this, I have created a client proxy that is utilized by the ABAP function module and the client proxy in turn communicates with the Java web service.

    The web service does BASIC (USERNAME/PASSWORD) HTTP AUTHENTICATION. When I execute the ABAP function module in test mode, I am prompted with a username/password. How can I pass this username and password to the Java web service programmatically.

    DB:3.08:Java Web Service / Abap Client Proxy ... Username Password x9


    Hi

    See this Help

    http://help.sap.com/saphelp_nw2004s/helpdata/en/6a/14e13d8ee4535ee10000000a114084/frameset.htm

    Kind Regards

    Mukesh

  • RELEVANCY SCORE 3.07

    DB:3.07:Setting Iis Basic Authentication Credentials Base64 Encoded With Soap Adapter zd


    I have a requirement to call a web service that is set up to use basic authentication. The UserName and Password need to be Base64 encoded. I can do this ok from .net code but how do I do this from within an Orchestration/Send Port SOAP configuration?
     
    I understand that on the Send Port I have an option to use Basic Authentication but it is not Base64 encoded - it is sent in clear text.
     
    Thanks in advance
     
     
    OK I found out I can do something like this
    MsgRequest(HTTP.UserHttpHeaders) = Authorization: Basic c29hcHRlc3Q6cGFzc3dvcmQ=;
     
    But I still get a 401 I think somewhere I need to set the PreAuthenticate property (as I do in a .net client)

    DB:3.07:Setting Iis Basic Authentication Credentials Base64 Encoded With Soap Adapter zd

    So you are using the HTTP adapter context properties. Here is an article that describes more about the PreAuthenticate situation: http://www.sabratech.co.uk/blogs/yossidahan/archive/2007_09_01_archive.html.
     
    Another approach would be to use the WCF-BasicHttp adapter. In the adapter properties you can configure transport security and then specify that the transport client credential type be Basic. Here is a post topic that demonstrates more of this: http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1709163SiteID=1 in your situation. Look at one of the last posts which mentions someone who did this. You could also look at using the BizTalk WCF custom adapter for further WCF customization.
     
    Thanks,  
     

  • RELEVANCY SCORE 3.07

    DB:3.07:Ntlmn Authentication sm


    Hi,

    Thank you for reading my post and any replies would be helpful.

    Lately I've developed an applet on a server (IIS) which needs NTLM authentication, this has proved to be quite a waste of time. The Ntlm authentication seems to work only on windows plattforms and only if the user is logged in with the same credentials.

    The problem is although the authentication works for the browser, ie gaining acesss to the html and managing to fire up the java plugin, the java plugin inits another dialog box requesting credentials. This is extremely annoying yet what is worse is that the authentication fails; on windows plattforms it fails with a classnotfounderror, on ubuntu it gives more descriptive error message:

    Java Plug-in 1.6.0_10
    Using JRE version 1.6.0_10 Java HotSpot(TM) Client VM
    User home directory = /home/****

    network: Loading user-defined proxy configuration ...
    network: Done.
    network: Loading proxy configuration from Netscape Navigator ...
    network: Error reading registry file: /home/renani/.mozilla/appreg
    network: Done.
    network: Loading browser proxy configuration ...
    network: Done.
    network: Proxy Configuration: Browser Proxy Configuration

    basic: New window ID: 3201379
    basic: Value of xembed: 1
    basic: Referencing classloader: sun.plugin.ClassLoaderInfo@136228, refcount=1
    basic: setWindow: call before applet exists:3201379
    basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@13f5d07
    basic: Loading applet ...
    basic: Initializing applet ...
    basic: Starting applet ...
    basic: completed perf rollup
    network: Cache entry not found [url: http://ilder.hn-ikt.no/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with cookie " "
    network: Firewall authentication: site=ilder.hn-ikt.no/172.29.2.14:80, protocol=http, prompt=, scheme=ntlm
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with cookie " "
    network: Cache entry not found [url: http://ilder.hn-ikt.no/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    java.lang.NullPointerException
    at sun.net.www.protocol.http.NTLMAuthentication.calcLMHash(NTLMAuthentication.java:297)
    at sun.net.www.protocol.http.NTLMAuthentication.buildType3Msg(NTLMAuthentication.java:382)
    at sun.net.www.protocol.http.NTLMAuthentication.setHeaders(NTLMAuthentication.java:213)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1148)
    at sun.plugin.PluginURLJarFileCallBack.downloadJAR(PluginURLJarFileCallBack.java:74)
    at sun.plugin.PluginURLJarFileCallBack.access$000(PluginURLJarFileCallBack.java:48)
    at sun.plugin.PluginURLJarFileCallBack$2.run(PluginURLJarFileCallBack.java:133)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin.PluginURLJarFileCallBack.retrieve(PluginURLJarFileCallBack.java:120)
    at sun.net.www.protocol.jar.URLJarFile.retrieve(URLJarFile.java:186)
    ....
    at java.lang.Thread.run(Thread.java:619)
    basic: Exception: java.lang.NullPointerException
    Ignored exception: java.lang.NullPointerException
    basic: New window ID: 0
    basic: Stopping applet ...
    basic: Removed progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@13f5d07
    basic: Destroying applet ...
    basic: Disposing applet ...
    basic: Joining applet thread ...
    basic: Joined applet thread ...
    basic: Finding information ...
    basic: Releasing classloader: sun.plugin.ClassLoaderInfo@136228, refcount=0
    basic: Caching classloader: sun.plugin.ClassLoaderInfo@136228
    basic: Current classloader cache size: 1
    basic: Done ...
    basic: Quiting applet ...
    basic: New window ID: 3201c61
    basic: Value of xembed: 1
    basic: Referencing classloader: sun.plugin.ClassLoaderInfo@7976c1, refcount=1
    basic: setWindow: call before applet exists:3201c61
    basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@1493102
    basic: Loading applet ...
    basic: Initializing applet ...
    basic: Starting applet ...
    basic: completed perf rollup
    network: Cache entry not found [url: http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with cookie " "
    network: Firewall authentication: site=ilder.hn-ikt.no/172.29.2.14:80, protocol=http, prompt=, scheme=ntlm
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with cookie " "
    network: Cache entry not found [url: http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    java.lang.NullPointerException
    at sun.net.www.protocol.http.NTLMAuthentication.calcLMHash(NTLMAuthentication.java:297)
    at sun.net.www.protocol.http.NTLMAuthentication.buildType3Msg(NTLMAuthentication.java:382)
    at sun.net.www.protocol.http.NTLMAuthentication.setHeaders(NTLMAuthentication.java:213)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1148)
    at sun.plugin.PluginURLJarFileCallBack.downloadJAR(PluginURLJarFileCallBack.java:74)
    at sun.plugin.PluginURLJarFileCallBack.access$000(PluginURLJarFileCallBack.java:48)
    at sun.plugin.PluginURLJarFileCallBack$2.run(PluginURLJarFileCallBack.java:133)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin.PluginURLJarFileCallBack.retrieve(PluginURLJarFileCallBack.java:120)
    ...
    at java.lang.Thread.run(Thread.java:619)
    basic: Exception: java.lang.NullPointerException
    Ignored exception: java.lang.NullPointerException
    security: Accessing keys and certificate in Mozilla user profile: nullI am not sure what to conclude from this other than that the NTLMN authentication is not correctly implemented by SUN. After reading on forums and amongst other these articles: [http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html] , [http://java.sun.com/developer/technicalArticles/javase/newapplets/ ] I tried something that did not work:

    applet code="theclassfile" archive="theJarfile"
    parameter java_arguments="-Dhttp.auth.preference=HTTPBasic"/
    /applet
    The intention is to use basic if available and I made sure it was.

    1. Why isn't the authentication from the browser pass-thru (transparent)?
    2. Is it possible to set authentication preferanses as I tried with my example?

    DB:3.07:Ntlmn Authentication sm

    Hi,

    Thank you for reading my post and any replies would be helpful.

    Lately I've developed an applet on a server (IIS) which needs NTLM authentication, this has proved to be quite a waste of time. The Ntlm authentication seems to work only on windows plattforms and only if the user is logged in with the same credentials.

    The problem is although the authentication works for the browser, ie gaining acesss to the html and managing to fire up the java plugin, the java plugin inits another dialog box requesting credentials. This is extremely annoying yet what is worse is that the authentication fails; on windows plattforms it fails with a classnotfounderror, on ubuntu it gives more descriptive error message:

    Java Plug-in 1.6.0_10
    Using JRE version 1.6.0_10 Java HotSpot(TM) Client VM
    User home directory = /home/****

    network: Loading user-defined proxy configuration ...
    network: Done.
    network: Loading proxy configuration from Netscape Navigator ...
    network: Error reading registry file: /home/renani/.mozilla/appreg
    network: Done.
    network: Loading browser proxy configuration ...
    network: Done.
    network: Proxy Configuration: Browser Proxy Configuration

    basic: New window ID: 3201379
    basic: Value of xembed: 1
    basic: Referencing classloader: sun.plugin.ClassLoaderInfo@136228, refcount=1
    basic: setWindow: call before applet exists:3201379
    basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@13f5d07
    basic: Loading applet ...
    basic: Initializing applet ...
    basic: Starting applet ...
    basic: completed perf rollup
    network: Cache entry not found [url: http://ilder.hn-ikt.no/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with cookie " "
    network: Firewall authentication: site=ilder.hn-ikt.no/172.29.2.14:80, protocol=http, prompt=, scheme=ntlm
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with cookie " "
    network: Cache entry not found [url: http://ilder.hn-ikt.no/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    java.lang.NullPointerException
    at sun.net.www.protocol.http.NTLMAuthentication.calcLMHash(NTLMAuthentication.java:297)
    at sun.net.www.protocol.http.NTLMAuthentication.buildType3Msg(NTLMAuthentication.java:382)
    at sun.net.www.protocol.http.NTLMAuthentication.setHeaders(NTLMAuthentication.java:213)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1148)
    at sun.plugin.PluginURLJarFileCallBack.downloadJAR(PluginURLJarFileCallBack.java:74)
    at sun.plugin.PluginURLJarFileCallBack.access$000(PluginURLJarFileCallBack.java:48)
    at sun.plugin.PluginURLJarFileCallBack$2.run(PluginURLJarFileCallBack.java:133)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin.PluginURLJarFileCallBack.retrieve(PluginURLJarFileCallBack.java:120)
    at sun.net.www.protocol.jar.URLJarFile.retrieve(URLJarFile.java:186)
    ....
    at java.lang.Thread.run(Thread.java:619)
    basic: Exception: java.lang.NullPointerException
    Ignored exception: java.lang.NullPointerException
    basic: New window ID: 0
    basic: Stopping applet ...
    basic: Removed progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@13f5d07
    basic: Destroying applet ...
    basic: Disposing applet ...
    basic: Joining applet thread ...
    basic: Joined applet thread ...
    basic: Finding information ...
    basic: Releasing classloader: sun.plugin.ClassLoaderInfo@136228, refcount=0
    basic: Caching classloader: sun.plugin.ClassLoaderInfo@136228
    basic: Current classloader cache size: 1
    basic: Done ...
    basic: Quiting applet ...
    basic: New window ID: 3201c61
    basic: Value of xembed: 1
    basic: Referencing classloader: sun.plugin.ClassLoaderInfo@7976c1, refcount=1
    basic: setWindow: call before applet exists:3201c61
    basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@1493102
    basic: Loading applet ...
    basic: Initializing applet ...
    basic: Starting applet ...
    basic: completed perf rollup
    network: Cache entry not found [url: http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with cookie " "
    network: Firewall authentication: site=ilder.hn-ikt.no/172.29.2.14:80, protocol=http, prompt=, scheme=ntlm
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with cookie " "
    network: Cache entry not found [url: http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar, version: null]
    network: Connecting http://ilder.hn-ikt.no/testing/ilder/ilderApplet.jar with proxy=DIRECT
    network: Connecting socket://ilder.hn-ikt.no:80 with proxy=DIRECT
    java.lang.NullPointerException
    at sun.net.www.protocol.http.NTLMAuthentication.calcLMHash(NTLMAuthentication.java:297)
    at sun.net.www.protocol.http.NTLMAuthentication.buildType3Msg(NTLMAuthentication.java:382)
    at sun.net.www.protocol.http.NTLMAuthentication.setHeaders(NTLMAuthentication.java:213)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1148)
    at sun.plugin.PluginURLJarFileCallBack.downloadJAR(PluginURLJarFileCallBack.java:74)
    at sun.plugin.PluginURLJarFileCallBack.access$000(PluginURLJarFileCallBack.java:48)
    at sun.plugin.PluginURLJarFileCallBack$2.run(PluginURLJarFileCallBack.java:133)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin.PluginURLJarFileCallBack.retrieve(PluginURLJarFileCallBack.java:120)
    ...
    at java.lang.Thread.run(Thread.java:619)
    basic: Exception: java.lang.NullPointerException
    Ignored exception: java.lang.NullPointerException
    security: Accessing keys and certificate in Mozilla user profile: nullI am not sure what to conclude from this other than that the NTLMN authentication is not correctly implemented by SUN. After reading on forums and amongst other these articles: [http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html] , [http://java.sun.com/developer/technicalArticles/javase/newapplets/ ] I tried something that did not work:

    applet code="theclassfile" archive="theJarfile"
    parameter java_arguments="-Dhttp.auth.preference=HTTPBasic"/
    /applet
    The intention is to use basic if available and I made sure it was.

    1. Why isn't the authentication from the browser pass-thru (transparent)?
    2. Is it possible to set authentication preferanses as I tried with my example?

  • RELEVANCY SCORE 3.06

    DB:3.06:Basic Authentication From Client Javascript ps


    I'd like to set header fields on a browser request. This would allow me to satisfy basic authentication requirements (user-pass). This can be done from DotNet and from Java clients easily, but I'd like to avoid a download.

    Does client-side JavaScript offer access to the request header?

    DB:3.06:Basic Authentication From Client Javascript ps

    I'm sure it's not possible since technologies like Java have low-level access to connection and request, but Javascript is insulated from that. If it exists, it would have to be in the link or URL object, not in document. By the time you have a document in Javascript, the header has already been sent.

  • RELEVANCY SCORE 3.06

    DB:3.06:Java Service + Windows Authentication With External Iis Webservice 8x



    Hi All,

    We have web client plugin that has a UI an java dataproviders. These data providers are written to get data from a C# REST api hosted in IIS. That API is using windows authentication to authenticate users.

    Here is how we call the api in java code

    final URL url = new URL(path);

    final HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();

    connection.setSSLSocketFactory(ClientCertificateHelper.getSSLSocketFactory());

    connection.setHostnameVerifier(ClientCertificateHelper.getHostnameVerifier());

    connection.setRequestMethod("GET");

    connection.setUseCaches(false);

    connection.setDoOutput(true);

    connection.setInstanceFollowRedirects(true);

    final String response = getResponse(connection);

    As you can see we are not explicitly setting any user for this request. What we have seen in the past is that when java data providers making calls to the C# api, it passes the domain machine account (domainname\machinename$ )as the user. (The vCenter web client service runs as "local system"). And that was working fine.

    However, there is one environment that this is failing. We are getting following error when calling the external API.

    [2013-12-13 00:17:38.719] ERROR [ERROR] data-service-pool-506 System.err java.io.IOException: Authentication failure

    [2013-12-13 00:17:38.719] ERROR [ERROR] data-service-pool-506 System.err at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)

    [2013-12-13 00:17:38.719] ERROR [ERROR] data-service-pool-506 System.err at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)

    According to IIS logs the incoming username is empty. Which means its doing anonymous requests. (Or the the authentication negotiation fails. The authentication providers order in IIS is Negotiate,NTLM ).

    Could someone please give some directions to resolve this issue?

    Is there a way to make this call as the logged in user for the web client?

    Any help on this is really appreciated as we are stuck with this error.

    -Thanks

    DB:3.06:Java Service + Windows Authentication With External Iis Webservice 8x


    I don't know of any such documentation, you may try other forums.

  • RELEVANCY SCORE 3.04

    DB:3.04:.Net Basic Authentication - Non Iis Server p3


    Can someone tell me if ASP.NET is meant to authenticate against non-IIS servers?
    Basic authentication is an RFC standard but it seems to me that ASP.NET only performs authentication against IIS.
    When I try to authenticate against tomcat server, it fails. My research seems to indicate that ASP.NET only perform basic auth against IIS.
    I want to conenct to a java based server using Basic Auth and then pull data from it.
    Can someone shed some light on this?
    Thanks

    DB:3.04:.Net Basic Authentication - Non Iis Server p3

    Hi
    For ASP.NET questions, please use forums.asp.net for better answer.
    Thanks.Figo Fei

    MSDN Subscriber Support
    in Forum

    If you have any feedback on our support, please contact
    msdnmg@microsoft.com

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

  • RELEVANCY SCORE 3.04

    DB:3.04:Outlook Anywhere Password Prompt With Basic Authentication p8


    Hello
    Is there any way to prevent constant password prompt in Outlook 2003 or 2007 configured with RCP over HTTPS.
    In Outlook client basic authentication is enabled. RPC over HTTPS is published by Forefront server that has also Basic authentication enabled.
    Outlook 2010 dont have this problem. All needed directories in CAS iis support Basic authentication.
    Thank You for help in advance

    DB:3.04:Outlook Anywhere Password Prompt With Basic Authentication p8

    Hi Ikariux,

    It is because Outlook 2010 use Negotiate Authentication as default.
    If you use Kerberos Password Authentication, I think Outlook 2010will be same as Outlook 2003 and
    Outlook 2007.

    Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

  • RELEVANCY SCORE 3.04

    DB:3.04:How Do I Do Basic Authentication In A Web Services Client dz


    At Linfield College we do network account management in real time via servlets running in GlassFish. Since email accounts are hosted on Exchange, I need too be able to access Exchange to setup account, do email forwarding and also implement privacy in compliance with FERPA (a federal standard that affects to students). The code to do all that is written in C# as an ASP.NET web service hosted in IIS. I use Eclipse Kepler for Java EE development that includes the Web Tools Platform. To create the client, a start by creating a Java Project and add a classfile. Then I highlight the classfile and select new - other - web services. I add the WSDL and under configuration I click client project and then finish. That gives me a proxy stub that I can use to access all the published web methods, but what it doesn't give me is any way to implement authentication. I want to implement basic authentication, what am I missing? Thanks,Rob TannerLinfield College

    DB:3.04:How Do I Do Basic Authentication In A Web Services Client dz

    At Linfield College we do network account management in real time via servlets running in GlassFish. Since email accounts are hosted on Exchange, I need too be able to access Exchange to setup account, do email forwarding and also implement privacy in compliance with FERPA (a federal standard that affects to students). The code to do all that is written in C# as an ASP.NET web service hosted in IIS. I use Eclipse Kepler for Java EE development that includes the Web Tools Platform. To create the client, a start by creating a Java Project and add a classfile. Then I highlight the classfile and select new - other - web services. I add the WSDL and under configuration I click client project and then finish. That gives me a proxy stub that I can use to access all the published web methods, but what it doesn't give me is any way to implement authentication. I want to implement basic authentication, what am I missing? Thanks,Rob TannerLinfield College

  • RELEVANCY SCORE 3.03

    DB:3.03:Questions About Ssl And Authentication On Exchange 2010 Sp1 Virtual Directories mj


    So I just installed Exchange 2010 SP1, and have a couple questions regarding the security and authentication on the virtual directories.
    1) So I unchecked the require SSL option on the default website to get my http redirect working for OWA. This seemed to fix the problem, however I realized it propogated this change down through all the exchange virtual directories. I want pretty
    much everything to require SSL, but I'm not sure if all of these directories should have this set. I know I can probably go through and require SSL on OWA, Active Sync, etc, but not sure about some of the other directories. So bottom line, what should the
    SSL settings be on the all exchange virtual directories for best security practices.
    2) I'd also like to use forms based authentication with username only for OWA. I set this in EMC by going to server config-client access-owa (default website) properties-authentication tab, however when I go into IIS and click on the OWA virtual
    directory authentication settings, it shows basic authentication enabled and forms authentication disabled. But then I log in to owa using a web browser, and it seems to be using the forms based with username settings I had specified. If I enable forms authentication
    in IIS and disable the basic authentication, when I try to log in with my credentials I get directed to https://mail.mydomain.com/owa/auth.owa and get a http 400 error. Do I need to edit the forms authentication properties in IIS, or just put it back to basic?
    Can somebody explain this to me please and what the best settings are for what I'm trying to do? I just want to make sure everything is secure as possible.
    Thanks!

    DB:3.03:Questions About Ssl And Authentication On Exchange 2010 Sp1 Virtual Directories mj

    1) Here are the default auth and SSL settings for the virtual directories:
    http://technet.microsoft.com/en-us/library/gg247612.aspx
    2) Don't configure Exchange virtual directory authentication via IIS manager. Use Exchange management tools only. Be mindful that some changes to the authentication settings require an IIS reset. You'll see a warning popup when those scenarios
    apply. Make the change via Exchange tools, reset IIS if it tells you to,test it, if it works then it was successful.Paul Cunningham (MCITP) Get more Exchange tips and tutorials at: http://exchangeserverpro.com and the Exchange Server 2003 to 2010 Migration Guide: http://exchangeserverpro.com/exchange-2003-2010-migration-guide

  • RELEVANCY SCORE 3.01

    DB:3.01:Basic Authentication In 7940 + Iis Web Server pa



    hi,

    I've problem with basic authentication with 7940 series when 7940 try to browse to URL that have virtual directory security set to basic authentication

    the 7940 display the 'authentication required' screen with 'user name' and 'password' input field and 'select' 'exit' softkey

    when I've filled 'user name' and 'password' input field, I can't submit those info to web server by click 'select' or 'exit' softkey

    question : how to do a basic authentication on 7940 ? any workaround ?

    thanks in advance

    rudi

    DB:3.01:Basic Authentication In 7940 + Iis Web Server pa


    I'm not sure if this will help, but when I was having authentication problems, I fired up ethereal on the services box, set the filter to http and had a look at what was really going on.

    Other than that, the obvious workaround would be to have the script first return a menu, where the user enters login password, and which is submitted to the server. That will put the authentication into your script, so you have to be careful that users don't trick the script.

  • RELEVANCY SCORE 3.01

    DB:3.01:How To Config Secured Client For C#, .Net So On j3


    Hi, Experts
    I developed web service on oracle service bus. I configured http basic authentication for osb proxy service and secured by OWSM pre defined policy. my proxy service secured by Message Level Security and Transport Level Security.
    I could create secured client for java based to use client keystore, server keystore and http basic authentication.
    For now, I want to config client for .NET , C#. so How to create secured client for .NET, C#, PHP, DELPHI so on.
    Is it possible? Is it different to call web service between java bean class and java application.

    Thanks
    juddi

    DB:3.01:How To Config Secured Client For C#, .Net So On j3

    Hi, Experts
    I developed web service on oracle service bus. I configured http basic authentication for osb proxy service and secured by OWSM pre defined policy. my proxy service secured by Message Level Security and Transport Level Security.
    I could create secured client for java based to use client keystore, server keystore and http basic authentication.
    For now, I want to config client for .NET , C#. so How to create secured client for .NET, C#, PHP, DELPHI so on.
    Is it possible? Is it different to call web service between java bean class and java application.

    Thanks
    juddi

  • RELEVANCY SCORE 3.00

    DB:3.00:How To Troubleshoot Remoting Security Problem 97


    I have a remoting server hosted in IIS on my development machine (localhost),
    which is a member of a domain.
    IIS Directory Security is configured to disable anonymous access and to use
    digest authentication.

    1. If I configure my client to use default credentials using channel ...
    useDefaultCredentials=true in the app configuration file, everything works.

    2. If I configure my client to use default credentials in code as follows,
    everything works:
    object service = Activator.GetObject(...);
    IDictionary channelSinkProperties =
    ChannelServices.GetChannelSinkProperties(service);
    channelSinkProperties[credentials] = CredentialCache.DefaultCredentials;

    3. If I configure my client to use explicit credentials as follows:
    object service = Activator.GetObject(...);
    IDictionary channelSinkProperties =
    ChannelServices.GetChannelSinkProperties(service);
    channelSinkProperties[credentials] = New NetworkCredential(username,
    password, domain);

    then I get a WebException The remote server returned an error: (401)
    Unauthorized and the Event Log Security tab contains a Failure Audit event:

    Logon Failure:
    Reason: Unknown user name or bad password
    User Name: myUserName
    Domain: MyDomain
    Logon Type: 3
    Logon Process: IIS   
    Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
    Workstation Name: MyWorkstation

    4. If I configure my client to use explicit credentials as in (3) above, and
    configure IIS to enable basic authentication and disable digest
    authentication, then everything works.

    How can I troubleshoot the problem (3) above, i.e. how can I use explicit credentials with digest authentication?

    DB:3.00:How To Troubleshoot Remoting Security Problem 97

    Joe, nothing jumps out at me as incorrrect in your solution 3), though you'll probably want to switch to using a credential cache object to force Digest auth.  Try the sample code in the .NET Security Guide [1], including enabling pre-auth, and see if that does it for you.
    [1] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetch11.asp
    Cheers,
    JJustice [MSFT]

  • RELEVANCY SCORE 2.99

    DB:2.99:How To Implement Basic Authentication With Active Directory? fj


    I have a non-windows client that passes the credentials using basic authentication but we need it to authenticate agains AD. On my IIS directory security I have both Basic authentication and Integrated  Windows authentication checked. What should I put in binding cofiguration to make it work?thanksVadim

    DB:2.99:How To Implement Basic Authentication With Active Directory? fj

    Hi,On a computer that Active Directory domain accounts have been given permissions to log on to that computer for IIS purposes.  Those AD accounts are still stored in AD.  IIS would pass on to the local Windows computer to authenticate, and then the Windows computer would query Active Directory to make sure the username and password matched.  This isn't exactly technically accurate, but should show you how AD fits into the whole picture.If your users are in Active Directory, consider using Windows, username, or Basic authentication. All of these authentication schemes can be mapped to users in Active Directory.Basic authentication. Basic authentication maps to users in Active Directory. Transport security will be required in order to protect user credentials. Basic authentication can cross firewall boundaries. For how to configure your wcf service to use transport level basic authentication, see the link below:http://msdn.microsoft.com/en-us/library/ms733775.aspxThanksBinze

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.

  • RELEVANCY SCORE 2.99

    DB:2.99:Disadvantages Of Basic Authentication In Calendar Dot Net Application. 7k


    Hi,
    Can some one pleaselet me knowthe disadvantages ofbasic authentication in calendar application in asp .net 2.0 with IIS?
    Thanks Somya

    DB:2.99:Disadvantages Of Basic Authentication In Calendar Dot Net Application. 7k

    Probably nobody here, as this forum is for .NET Framework installation questions.
    If you ask in a topical ASP.NET forum, you'll get good suggestions:
    http://forums.asp.net/

  • RELEVANCY SCORE 2.98

    DB:2.98:Basic Authentication And Ssl Produce Error 404 k3


    We have set up java administration pages for our website. We would like theses pages secured from the general public for obvious reasons. We have set iis to use basic authentication, which works with no problem.

    The problem comes in when we try to enable ssl protection. Following the same link does not bring up a login box and displays 404:File Not Found.

    Win NT 4.0 SP6
    IE 5.5

    DB:2.98:Basic Authentication And Ssl Produce Error 404 k3

    https is what starts the link and I do use the fully qualified path.
    I think the java version is JRE 1.2 if that helps.

  • RELEVANCY SCORE 2.94

    DB:2.94:Integrated Windows Authentication 8k


    I have developed a client, using SAAJ, to consume a Web Service which is published on IIS with the Integrated Windows Authentication option checked.

    Every time I run the client I get an Access Denied error.

    In .Net there is a way to pass on the credentials of the client to overcome this when sending the SOAP message, is there a way to do this in Java?

    Has anyone else tried something similar and experienced the same problem?

    Thanks,

    Lee

    DB:2.94:Integrated Windows Authentication 8k

    I also have a similar (or maybe the same) problem.

    I'd like to be able to set the username and password in the client SOAPConnection, for http basic authentication, using the SAAJ API.

    Haven't found out how yet, any help appreciated.

    Ian

  • RELEVANCY SCORE 2.94

    DB:2.94:Iis + Tomcat Basic Authentication. Retrieve User Information ! f8


    Hi all,

    I am building a system with java servlet on Tomcat. To implement Windows Integrated Authentication and Basic Authentication I have to use IIS with ISAPI connector.

    In the first case, when Windows Integrated Authentication is done, the user information is retrieved by decoding (Base64 - NTLM) the req.getHeader("Authorization").

    But in Basic Authentication case, I can not decode the req.getHeader("Authorization") to get the user 's information (I do not know the format of this information - perhap it is not Base64 or NTLM).

    Any idea ?

    Thanks in advanced !

    DB:2.94:Iis + Tomcat Basic Authentication. Retrieve User Information ! f8

    I have found the solution. No need to decode the Negotiate data, just use getRemoteUser() function. Before it, please set the tomcatAuthentication="false" in your jk2.properties file.
    http://www.junlu.com/msg/154619.html for more detail !
    Thanks !

  • RELEVANCY SCORE 2.93

    DB:2.93:Oledb Olap Provider, Http And Basic Authentication p9


    I am using OLAP OleDB provider (or ADOMD.NET - doesn't make difference) to connect to SSAS through HTTP. IIS is configured to accept on Basic Authentication.
    The thing works, but there is a problem. Every request issued by OleDB provider first tries anonymous authentication and only when it is rejected it goes with basic authentication. So it works, but every request is composed of at least two roundtrips.
    Any idea how to persuade OleDB client to use basic authentication from start?

    Miha Markic [MVP C#] http://blog.rthand.com

    DB:2.93:Oledb Olap Provider, Http And Basic Authentication p9

    I used ADOMD.NET and got it working with the following settings.
    On IIS only turn on Windows authentication on your OLAP provider
    Within ADOMD.NET use a connection string like
    Data Source=http://Servername/OLAP/msmdpump.dll; Initial Catalog=SSASCube; User ID=UsernameWithoutDomain; Password=Password
    As you can see I skipped the Integrated security part in my connection string, if I add that section then I get all the errors mentioned below.
    Hope this helps

  • RELEVANCY SCORE 2.93

    DB:2.93:Question About Java Gss-Kerberos Authentication c8


    Hi,

    I am new to GSS API. I have a client requirement to use Java GSS Kerberos Authentication instead of using IIS for Integrated Windows Authentication. In IWA, the IE browser automatically picks up the logged-in windows user credentials and passes it to IIS, which authenticates you against Active Directory and returns SUCCESS.

    We are planning to write a Servlet/JSP code on Apache Tomcat on Solaris 10, which uses Java GSS API to do Kerberos Authentication and return SUCCESS to the user. When I look at the examples:
    http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/AcnOnly.html#RunAc
    it says:
    "You will be prompted for your Kerberos user name and password, and the underlying Kerberos authentication mechanism specified in the login configuration file will log you into Kerberos. If your login is successful, you will see the following message: Authentication succeeded!"
    Does this mean that in Kerberos Authentication using Java GSS API, the user will have to enter his windows credentials for authentication? Is there a way for the credentials to be passed from Windows automatically to the API, without user intervention?

    Any links detailing the procedure would be of great help.

    Thanks,
    shetty2k

    DB:2.93:Question About Java Gss-Kerberos Authentication c8

    We are having a similar requirement from our end. To make situation worst I do not even have an idea about an approach.

    What are the ways that we can use windows credentials to authenticate against IIS with tomcat?

    any help is greatly appreciated.

    R.

  • RELEVANCY SCORE 2.92

    DB:2.92:Odd Error With Foreach Loop - Missing Statement Body In Foreach Loop. fc


    I have an array

    $array_ServerManager_WebOptions = @(
    #Web-Server, #[ ] Web Server (IIS)
    Web-WebServer, # [ ] Web Server
    Web-Common-Http, # [ ] Common HTTP Features
    Web-Static-Content, # [ ] Static Content
    Web-Default-Doc, # [ ] Default Document
    Web-Dir-Browsing, # [ ] Directory Browsing
    Web-Http-Errors, # [ ] HTTP Errors
    Web-Http-Redirect, # [ ] HTTP Redirection
    Web-DAV-Publishing, # [ ] WebDAV Publishing
    Web-App-Dev, # [ ] Application Development
    Web-Asp-Net, # [ ] ASP.NET
    Web-Net-Ext, # [ ] .NET Extensibility
    Web-ASP, # [ ] ASP
    Web-CGI, # [ ] CGI
    Web-ISAPI-Ext, # [ ] ISAPI Extensions
    Web-ISAPI-Filter, # [ ] ISAPI Filters
    Web-Includes, # [ ] Server Side Includes
    Web-Health, # [ ] Health and Diagnostics
    Web-Http-Logging, # [ ] HTTP Logging
    Web-Log-Libraries, # [ ] Logging Tools
    Web-Request-Monitor, # [ ] Request Monitor
    Web-Http-Tracing, # [ ] Tracing
    Web-Custom-Logging, # [ ] Custom Logging
    Web-ODBC-Logging, # [ ] ODBC Logging
    Web-Security, # [ ] Security
    Web-Basic-Auth, # [ ] Basic Authentication
    Web-Windows-Auth, # [ ] Windows Authentication
    Web-Digest-Auth, # [ ] Digest Authentication
    Web-Client-Auth, # [ ] Client Certificate Mapping Authentic...
    Web-Cert-Auth, # [ ] IIS Client Certificate Mapping Authe...
    Web-Url-Auth, # [ ] URL Authorization
    Web-Filtering, # [ ] Request Filtering
    Web-IP-Security, # [ ] IP and Domain Restrictions
    Web-Performance, # [ ] Performance
    Web-Stat-Compression, # [ ] Static Content Compression
    Web-Dyn-Compression, # [ ] Dynamic Content Compression
    Web-Mgmt-Tools, # [ ] Management Tools
    Web-Mgmt-Console, # [ ] IIS Management Console
    Web-Scripting-Tools, # [ ] IIS Management Scripts and Tools
    Web-Mgmt-Service, # [ ] Management Service
    Web-Mgmt-Compat, # [ ] IIS 6 Management Compatibility
    Web-Metabase, # [ ] IIS 6 Metabase Compatibility
    Web-WMI, # [ ] IIS 6 WMI Compatibility
    Web-Lgcy-Scripting, # [ ] IIS 6 Scripting Tools
    Web-Lgcy-Mgmt-Console, # [ ] IIS 6 Management Console
    Web-Ftp-Server, # [ ] FTP Server
    Web-Ftp-Service, # [ ] FTP Service
    Web-Ftp-Ext, # [ ] FTP Extensibility
    Web-WHC, # [ ] IIS Hostable Web Core
    #
    $null # $null to terminate array but leave comma pattern
    );

    DB:2.92:Odd Error With Foreach Loop - Missing Statement Body In Foreach Loop. fc

    Yeah, I was trying to neutralize the array for testing purposes. Didn't think it would have quite that effect.

  • RELEVANCY SCORE 2.92

    DB:2.92:Configuring Basic Authentication With Username And Password On Biztalk Schema Service jk


    Hi,
    I have published my schema as a webservice with WCF-BASICHTTP adapter in IIS 8.0.
    I wanted to have a Basic Authentication(User name and password restriction).
    I made the Receive location with Security mode as Transport and Transport Client Crediential Type asBasic.
    I also set the Service in IIS with Basic Authentication only enabled.
    But I don't know how to provide a UserName and Password Authentication.
    Please provide your suggestions

    Regards, Vignesh S

    DB:2.92:Configuring Basic Authentication With Username And Password On Biztalk Schema Service jk

    This sample is I think what you're looking for:
    http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti

    The important thing to keep in mind is the WCF configuration is essentially the same for IIS or BizTalk In-Process, just different .config files.

  • RELEVANCY SCORE 2.91

    DB:2.91:Authentication And Authorization Problems In Monitoring Server (Anonymous Logon) dz


    I have a problem regarding authentication and authorization. Please consider my scenario.
    There are three servers with details as follows:
    1.       Database Server
    a.       SQL 2008
    b.      Database Engine
    c.       IIS 7.0
    2.       Monitoring Server
    a.       SQL 2008
    b.      SQL 2005 Reporting Service for installing Monitoring Server
    c.       IIS 7.0
    d.      Performance Point Monitoring 2007
    3.       Planning Server
    a.       SQL 2008 for Analysis Service
    b.      Performance Point Planning 2007
    c.       IIS
    What I did is…
    1.       Create a data source in my client machine which connects to the server using Windows Authentication (my user ID). I was able to access the cube.
    2.       Create a report using the data source created in (1). I wasn’t able to access the cube because it seems to use Anonymous Logon. I got the following error message.
     
    The Performance Point Server could not connect to the specified data source.
    Verify that either the current user or application pool user has Read permissions to the data source, depending on your security configuration.
    Also verify that all required connection information is provided and correct.
    Contact the administrator for more details.
    My question is I don’t want to give authorization to Anonymous User to access the cube. How could I make a report to connect to the cube as defined in the data source using my user ID.
     
    For additional information, the followings are settings of authentication in IIS of Monitoring Server.

    Authentication

    Active Directory Client Certificate Authentication

    Disabled

    HTTP 401 Challenge

    Anonymous Authentication

    Disabled

    ASP.NET Impersonation

    Enabled

    Basic Authentication

    Enabled

    HTTP 401 Challenge

    Digest Authentication

    Enabled

    HTTP 401 Challenge

    Forms Authentication

    Disabled

    HTTP 302 Login/Redirect

    Windows Authentication

    Enabled

    HTTP 401 ChallengeThanks you

    DB:2.91:Authentication And Authorization Problems In Monitoring Server (Anonymous Logon) dz

    Hi, I'm having the same error message: The
    Performance Point Server could not connect to the specified data source...when I try to access a dashboard on the Preview Site.
    I read Nick Barclay's post but my problem is slightly different.
    I ran the profiler and the Audit event shows ANONYMOUS LOGON instead of the account configured in PPSMonitioringPreview app pool.
    I gave the account the rights on SSAS server.
    Any clue?
    Thanks

  • RELEVANCY SCORE 2.91

    DB:2.91:Using Ntlm Authentication On Outlook Anywhere On Exchange 2007 Sp3 With Outlook 2007, Getting Continous Credential Prompts k8


    Server: Exchange 2007 SP3 UR3 on Windows 2008
    Client: 32-bit Outlook 2007 on Windows 7 32-bit
    Same network (not trying to connect from Internet yet), have Outlook configured to use Outlook Anywhere on Fast and Slow networks.
    I am currently configured for Basic authentication for both IIS and Client and this works as expected. I switched over to NTLM and verified the Outlook settings, and now all I get is continuous prompts from Outlook for username/password.
    What am I missing?

  • RELEVANCY SCORE 2.91

    DB:2.91:Sharepoint Web Services, Basic Authentication, And Http 401 Errors jc


    Hi.  I have a non-Windows app that needs to act as a client to a custom SharePoint web service that we wrote.  The web service works fine with a .NET client, but I'm now trying to use basic authentication from my new client.  My service is in the ISAPI folder so I went into IIS and turned on basic authentication for the _vti_bin virtual directory.  My client sends an http header containing this entry:Authorization: Basic cHB1c2VyOnBwdXNlcjEThis is the base64 encoded name and password for my test user that I'm trying to use.  I can successfully log into my sharepoint sites with this user, and he's also a machine administrator.  IIS always returns a 401 error here.  I looked in the IIS logs and see that it's a 401.2 error, which I believe says that the authentication mode is unaccepted.  My understanding of http authentication is that the WWW-Authenticate header sent back by the server will list acceptable authentication types when it returns a 401.  This header in the server's response is:WWW-Authenticate: NTLMI even turned off all other authentication options besides basic, but it always seems to ask for NTLM here.  How can I successfully allow my web services to be consumed by a basic authentication client?thanks,Chris

    DB:2.91:Sharepoint Web Services, Basic Authentication, And Http 401 Errors jc

    Being a SharePoint novice, I didn't think to look in central admin for additional sharepoint auth options.  A colleague pointed me to this article:http://technet2.microsoft.com/windowsserver/WSS/en/library/87b77b96-3589-4ede-9aa6-b913e804caa41033.mspx?mfr=truewhich directed me to the right place in central admin to affect the authentication settings for my web application.  I can now successfully access the service via basic authentication.  It also explains why IIS was always asking for NTLM.The one downer is that it seems to want to affect the authentication model for the entire app, when I would prefer to just offer basic auth on the _vti_bin folder.  Is there a way to be more granular here?thanks,Chris

  • RELEVANCY SCORE 2.90

    DB:2.90:Tfs Iis Authentication Methods kf


    Are there any negative impacts to allowing Basic Authentication for the TFS IIS container?
     

    DB:2.90:Tfs Iis Authentication Methods kf

    Ahh, I actually know about this issue all too well.  In my day job I work for Teamprise and was the dev lead responsible for the Build integration piece ;-)
     
    Assuming that you don't want to go down the route we did and code our own NTLMv2 implementation (which is now easier than it used to be because Microsoft now have published the protocol), then you have a few options other than allowing basic auth:
     
    1)  The supported solution would be to write a wrapper web service in .NET that used the Microsoft API's to talk to Team Build.  Your web service would be written so that it makes it easy for your Java application to call it and would be protected by a supported auth scheme.  You could make this as simple or as secure as you wanted then and know that your TFS server would never have any trouble when having service packs applied or other upgrades/patches.  In your circumstances this would actually be my preferred solution as it would simplify both your Java code and your TFS server installation.  TFS is a complicated enough beast, and anything you can do to keep your TFS installation a standard one will help you in the long run.
     
    2) You might also want to consider allowing NTLMv1 authentication on the TFS server.  Depending on your set up this might be controlled by group or local policies so might not be suitable.  If yiou want more information, take a look at the following KB article I wrote before we had implemented NTLMv2 auth (http://kb.teamprise.com/article/view/16).  Note that NTLMv1 has many risks associated with it - however it is more secure than basic auth.  The downside is that it is a server level switch - not just a application level one...
     
    Hope that helps, if you have any more questions feel free to drop me a line off-list at martin AT teamprise.com.
     
    Cheers,
     
    Martin Woodward.

  • RELEVANCY SCORE 2.90

    DB:2.90:Wcf Hosted On Windows Service - Basic Authentication 87


    Hey

    I want to understand how the authentication mechanism works. If an application is hosted on IIS and set to windows or basic IIS will authenticate against the windows accounts.
    when basic it will use the user name/ password that comes with the request where as windows integrated will use the token this is my understanding if I am wrong please do point it out.
    when a WCF service is hosted on windows service, where the authentication is happening? If I use basic authentication what happens when I request a method??
    I wanted to propose a solution but I want to understand this before I suggest. Do I have to use custom authentication provider or I am seeing a sampleapplicationmy team has the client makes a call to a ping method that has response as pong. but
    the client uses it to figure out the user is authorized user or not.
    I thought they might use some custom provider but in the code I dont see any. but the authentication is happening. so I wanted to understand what is exactly happening when a request that comes to WCF method that is hosted on windows service with basicauthentication.

    Thanks

    Chamy07

    DB:2.90:Wcf Hosted On Windows Service - Basic Authentication 87

    Hi Chamy07,
    I think what you are doing or going to do is called self-hosting transport layer security in WCF programming. Self-hosting means we use console, winform, or windows service or custom .NET app to host WCF service. And tranport layer security means
    we're using those transport or OS layer provided security authentication features like windows auth, basic auth , HTTPS/SSL. They are supported in self-hosting scenario just like supported in IIS hosting scenario. Actually, when you host WCF in IIS, it is
    the underlying HTTP.sys kernel mode subsystem of windows OS to handle the HTTP requests and security related stuffs (then forward to IIS for further processing). And when you use self-hosting, the WCF runtime directly work with the underlying HTTP.sys subsystem
    of the OS. Here are some articles describing the entire structure of IIS hosting (not only apply to WCF but also other IIS hosted web apps):

    #Introduction to IIS Architecture
    http://www.iis.net/learn/get-started/introduction-to-iis/introduction-to-iis-architecture
    #Understanding Kernel mode authentication in IIS 7
    http://blogs.msdn.com/b/amol/archive/2010/10/29/understanding-kernel-mode-authentication-in-iis-7.aspx

    And to get more details about how windows auth or basic auth is handled by the underlying HTTP.sys subsystem, you will need to find some reference about the Windows OS (probably kernel mode programming).Please remember to mark the replies as answers if they help and unmark them if they provide no help.

  • RELEVANCY SCORE 2.90

    DB:2.90:Keyusage Does Not Allow Digital Signatures 1m


    Hello,

    I'm getting the security: KeyUsage does not allow digital signatures error (in java log) when trying to authenticate our web-based java app using a smart card (CAC). The smart card authentication works fine on one test system, but not the other. Both are using the same 'certificate' (we believe). Both have the same IIS 6.0 settings, and same java setting...as well as IE browser settings.

    Visually, the symptom presents itself via the sun java login prompt when clicking the link to load the java app. We have an asp client that works fine. Only our java app is asking for re-authentication. If we manually type the credentials of a system admin, it loads the applet fine. What I can't figure out is, "Why are we getting prompted for a log-in to begin?"

    Note: We have verified that IIS (via IIS logs) that authentication is successful, yet still prompted.

    Here is a snippet of the java log: ----------------------------------

    security: Checking if SSL certificate is in Deployment permanent certificate store
    security: KeyUsage does not allow digital signatures
    Exception in thread "HandshakeCompletedNotify-Thread" java.util.ConcurrentModificationException
    at java.util.HashMap$HashIterator.nextEntry(Unknown Source)
    at java.util.HashMap$EntryIterator.next(Unknown Source)
    at java.util.HashMap$EntryIterator.next(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl$NotifyHandshakeThread.run(Unknown Source)
    network: Firewall authentication: site=sditap10086.afsac.wpafb.af.mil/134.136.33.21:443, protocol=https, prompt=, scheme=ntlm
    java.io.IOException: Server returned HTTP response code: 401 for URL: https://sditap10086.afsac.wpafb.af.mil/report.web/ASP/insight-inpage.jar
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)

    Any clues?

    DB:2.90:Keyusage Does Not Allow Digital Signatures 1m

    One of the KeyUsage extension bits is DIGITAL_SIGNATURE which in your case has most likely not been enabled so try getting a certificate signed with the DIGITAL_SIGNATURE bit enabled. It would be a good idea to actual have a look at your certificate to see which KeyUsage bits are enabled and whether the KeyUsage extension is set as critical or not. If the extension is defined as critical, then all the bits have to be followed, whereas if it is not critical, then the bits can be ignored and it depends on the API used on whether they enforce what the bits say.

  • RELEVANCY SCORE 2.90

    DB:2.90:Cba, Csom, Iis Settings, Error 401 f9


    Create a Claims Based Authentication web application with Windows integrated authentication only (NTLM).

    IIS authenticationsettings are the following:
    Anonymous, Forms, Windowsenabled.
    To define user credentials in the client object model use the code:
    clientContext.Credentials = new NetworkCredentials(name, password, domain)
    It works fine.
    Change Anonymous OR! Forms authentication to disabled in the IIS setting. Now we get error 401. Why? Are these IIS settingsnecessary?

    Thanks,
    Alex

    DB:2.90:Cba, Csom, Iis Settings, Error 401 f9

    Hi.
    Thanks for answer. I don't need anonymous users. I need a domain user. If I allow the anonymous authentication in IIS setting (this settings is default) SharePoint differs authenticated users.
    If I define an erroneous credential an error “401 (unauthorized)” occurs. But if I deny the anonymous authentication in IIS setting a connection to SharePoint from CSOM finishes with the same error for the right credential. Could you explain please
    why the correct credential using fails? Why “Anonymous authentication enabled” IIS settings is made as default?

    Alex

  • RELEVANCY SCORE 2.90

    DB:2.90:Https Client Authentication 7j


    i'm posting the data using HttpsURLConnection to IIS 5.0 web server. The code is working fine for server authentication. Now i want to enable the client authentication option in IIS. How do i send the client certificate from the Java program to the IIS web server

    DB:2.90:Https Client Authentication 7j

    Hi guys

    Here is the link which can help you

    http://vip.cs.utsa.edu/classes/cs5523s2002/lectures/JavaSecurity/SSLSocketClientWithClientAuth.java

    Thanks
    Venkata Rajkumar
    Sierra Atlantic Inc.

  • RELEVANCY SCORE 2.89

    DB:2.89:Lync Common Area Phone Login Fail jc


    Hi,
    i set up a test common area phone with the guide from jeff schertz (http://blog.schertz.name/2011/04/common-area-phone-configuration-in-lync/).
    but when i make start a test login with Test-CsPhoneBootstrap -PhoneOrExt 7521 -PIN 1234 i get the following error:
    TargetUri : https://lyncpool.intdomain.local:443/CertProv/CertProvisioningService.svc
    TargetFqdn : lyncpool.intdomain.local
    Result : Failure
    Latency : 00:00:02.5211487
    Error : ERROR - No response received for Web-Ticket service.
    Inner Exception:The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentica
    tion header received from the server was 'Basic realm =LYNCServer01'.
    Inner Exception:The remote server returned an error: (401) Unauthorized.

    Diagnosis :
    Basic Auth Feature is installed in IIS WebServer Role and /CertProv IIS WebSiteDirectory is als activated for Basic Auth with DefaultDomain: intdomain and Realm: intdomain.
    Thanks in advance for help!Kind regards Joerg

    DB:2.89:Lync Common Area Phone Login Fail jc

    sometimes the simplest things are the best ;-)
    reset if the pin works, now the
    Test-CsPhoneBootstrap was successfully!
    TargetUri : https://lyncpool.indomain.local:443/CertProv/CertProvisioningService.svc
    TargetFqdn : lyncpool.intdomain.local
    Result : Success
    Latency : 00:00:13.8159090
    Error :
    Thanks Jeff!Kind regards Joerg

  • RELEVANCY SCORE 2.89

    DB:2.89:Central Administration Site Opens Only When Basic Authentication Is Enabled c1


    Installed sharepoint 2010 on Windows server 2008 r2 standard.
    Central administration site opens only when basic authentication is enabled in IIS.
    How to make it work with Windows authentication?
    Thanks,
    Abhilash

    DB:2.89:Central Administration Site Opens Only When Basic Authentication Is Enabled c1

    This is a true example of host name resolution issue.
    - First check if the binding is correctly configure in Alternate Access mapping on Central administration (as asked before by Paul)
    - Same binding should be provided under IIS for the web application

    If this doesn't resolve the issue then, for testing create a host entry for central admin hostheader url.
    To do this follow below mentioned steps:
    Go to Start - Run - Type drivers
    open HOSTS file in a notepad
    type IP address of the APP server and beside that with a tab key type URL of the site
    Save the file and try to browse the site in a fresh new browser after closing all the browser.

    Where SharePoint.com is my Host Header URL and IP address is the server IP where the site is hosted (APP Server generally)
    Thank You, Pallav S. Srivastav ----- If this helped you resolve your issue, please mark it Answered.

  • RELEVANCY SCORE 2.89

    DB:2.89:How Do I Add A Service Reference When Basic Authentication Has Been Enabled 9f


    I am trying to enable Basic Authenticaion for my WCF service, whicn requires disabling anonomous athentication and enabling basic authenticaion in IIS. Now I am unable to add the service reference, which is requiring authentication to complete and getting
    the following error:
    Metadata contains a reference that cannot be resolved: 'https://l01billm/wcf4test/Service1.svc'.
    The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.
    The remote server returned an error: (401) Unauthorized.
    If the service is defined in the current solution, try building the solution and adding the service reference again.

    DB:2.89:How Do I Add A Service Reference When Basic Authentication Has Been Enabled 9f

    The first option is to disable basic authentication, at least just on the metadata, and then return it after adding the web reference.
    The harder option is to open the wsdl in IE, save it locally (including any referenced file, as the one mentioned above), resolve the references to the saved files, and import from disk. The tricky part is to resolve the referenced - you need to open each
    file with a text editor and change import tags to point to local disk.http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog

  • RELEVANCY SCORE 2.89

    DB:2.89:Digest Authentication Against Iis 71


    Hi All,

    I have created a .net web service and deployed it on IIS.
    I am calling it from java. In java I have written following code snippet to pass the creadentials:
    Stub stub = createProxy();
    stub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY,"http://servername/_vti_bin/CreateUser.asmx");
    stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, "domain\\username");
    stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, "password");It's workng fine when I enable "Basic Authentication" and "Integrated Windows Authentication" on IIS but it gives me unuthorization error when I enable only " Integrated Authentication" or combination of "Integrated Windows Authentication" and "Digest Authentication".

    Do I need to write some another code for "Digest Authentication"?

    Thanks
    Gaurav

    DB:2.89:Digest Authentication Against Iis 71

    Hi All,

    I have created a .net web service and deployed it on IIS.
    I am calling it from java. In java I have written following code snippet to pass the creadentials:
    Stub stub = createProxy();
    stub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY,"http://servername/_vti_bin/CreateUser.asmx");
    stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, "domain\\username");
    stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, "password");It's workng fine when I enable "Basic Authentication" and "Integrated Windows Authentication" on IIS but it gives me unuthorization error when I enable only " Integrated Authentication" or combination of "Integrated Windows Authentication" and "Digest Authentication".

    Do I need to write some another code for "Digest Authentication"?

    Thanks
    Gaurav

  • RELEVANCY SCORE 2.89

    DB:2.89:Owa Authentication Issue 7x


    an external contractor made few IIS changes when installing 3rd party archiving solution components on CAS and now when I browse to https://cas/owa I get a popup asking me for user names and password opposed to landing on the usual page for OWA where the credentials are entered...
     
    In EMC/server configuration/client access owa's authentication is sert to forms with domain\username logon format, but this does not match in IIS or should it? IIS owa virtual folder has only basic enabled.
     
    Where can I find what the default permissions should be?
    I came accross few applets to re-create virtual folders, but it may disable the stuff the guy did yesterday therefore prefer not to pay again for the archiving installation... ican build another cas to see, but guess trying to save some time
     

    DB:2.89:Owa Authentication Issue 7x

     
    what does https://localhost/Owa get you?
    Could you provide iis logs, is the request hitting iis at all?
    If Forms authentication is enabled in EMC, then owa should not prompt you but should give a form for typing credentials.
    look for any corresponding events

  • RELEVANCY SCORE 2.89

    DB:2.89:Exchange 2010 Sp1 Outlook 2007 Parola Sorunu cf



    server configuration client access altındaki exchange 2010 default gelen tm sertifikaları kaldırdım.Ca kurdum burdan internal isimleri falan tek tek doldurdum.outlook 2007 daki bu sertifika sorusu problemi ortadan kalktı fakat outlook 2007 clientlar
    srekli aılışta kullanıcı adı parola sorma ekranı getiriyo kaydetip parola anımsa diyorum.yine ıkıyor. rpc client access server start problem yok. clientların işletim sistemi bazıları xp bazıları win7
    iis autodiscover authentication altında
    anonymous authentication enabled.
    asp.net impersonation disabled
    basic authentication enabled
    digest authentication disabled
    forms authentication disabled
    windows authentication enabled.
    şeklindedir burda problem varmıdır acaba...
    clientları domainden ıkarıp tekrar join ettim değişiklik yok...

    DB:2.89:Exchange 2010 Sp1 Outlook 2007 Parola Sorunu cf

    merhabalar
    profilin silinip yeniden oluşturulması bazen çözüm olabiliyor. yada control panelde credential manager altında kayıtlı credentials varsa onları temizleyip deneyin.
    Mumin CICEK | www.cozumpark.com

  • RELEVANCY SCORE 2.89

    DB:2.89:Java Client Imitating Ie6 Behavior: Obtain Kerberos Ticket, Then Spnego ds


    Hi,

    Our ogranization has a working Microsoft IIS server with Kerberos authentication.
    Usually, it serves web pages to IE6 clients, which naturally know how to obtain a kerberos ticket - based on windows logon - and send them to IIS using the SPNEGO protocol.

    Now, I need to write my own Java client, which behaves like IE6.
    This is a thick java client, required to run on Windows, and act like a browser:
    - Open an HTTP connection to IIS (with Kerberos authentication)
    - Send a GET request, obtain the result HTML page, and show it in a Swing text area.

    Could anyone please direct me to a working example of such a "Java HTTP client with Kerberos authentication"?
    The client needs 2 functions:

    1. Assuming client runs on a Windows machine, it should be able to obtain Kerberos tickets,
    based on Windows logon (so that user doesn't need to type user/password!)

    2. Open an HTTP connection using the SPNEGO protocol.

    Is there any product/example that supports both those features?
    I've seen various mentions of JAAS, "com.sun.security.auth.module.Krb5LoginModule", but never a simple working example which puts it all together.
    Such an example would be very-very appreciated :)

    Thanks very much.

    DB:2.89:Java Client Imitating Ie6 Behavior: Obtain Kerberos Ticket, Then Spnego ds

    http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html

    Don't you read the standard Java documentation?

  • RELEVANCY SCORE 2.88

    DB:2.88:Wcf Service - Basic, Windows Authentication For A Same Service - Is This Possible? f1


    Is it possible to have a same WCF Service in IIS with Basic, Windows Authentication enabled?

    Scenario: We have a WCF service hosted in IIS with Basic Authentication, being used by non-microsoft clients. When this service is invoked by a .NET client,ithas to pass thedomain credentials explicitly thro code. They don't want to do
    that, so we want to enable Windows Authentication for those clients for the same service.

    Please advice if there is any best solution for this scenario. Thanks in advance!!!Thanks

    DB:2.88:Wcf Service - Basic, Windows Authentication For A Same Service - Is This Possible? f1

    Is it possible to have a same WCF Service in IIS with Basic, Windows Authentication enabled?

    Scenario: We have a WCF service hosted in IIS with Basic Authentication, being used by non-microsoft clients. When this service is invoked by a .NET client,ithas to pass thedomain credentials explicitly thro code. They don't want to do
    that, so we want to enable Windows Authentication for those clients for the same service.

    Please advice if there is any best solution for this scenario. Thanks in advance!!!Thanks

  • RELEVANCY SCORE 2.88

    DB:2.88:Share Point Webservice Not Getting Called From Java Client 87


    Hi
    i need to call a sharepoint webservice from Java Client.
    Calling the webservice from SOAP UI works fine but when called from Java client it gives error -
    403-Forbidden - server denied specified URL. Contact Administrator
    i am using Basic Authentication and the same is enabled on IIS server
    The request sent through SOAP UI is

    POST https://techdev.cognizant.com/_vti_bin/Lists.asmx HTTP/1.0
    Accept-Encoding: gzip,deflate
    User-Agent: Axis/1.4
    Content-Type: text/xml;charset=UTF-8
    SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetListItems
    soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/ xmlns:soap=http://schemas.microsoft.com/sharepoint/soap/
    soapenv:Header/
    soapenv:Body
    soap:GetListItems
    !--Optional:--
    soap:listNameE28F36CA-087E-4290-B0B1-4677227795F1/soap:listName
    !--Optional:--
    soap:viewName03787BB1-7CC3-4ED3-8320-91A3BC34E9DD/soap:viewName
    soap:rowLimit0/soap:rowLimit
    /soap:GetListItems
    /soapenv:Body
    /soapenv:Envelope

    and the request sent through Java client is (using TCPmon)
    POST /_vti_bin/Lists.asmx HTTP/1.0
    Content-Type: text/xml; charset=utf-8
    Accept: application/soapxml, application/dime, multipart/related, text/*
    User-Agent: Axis/1.4
    Host: localhost:8083
    Cache-Control: no-cache
    Pragma: no-cache
    SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetListItems
    Content-Length: 516
    Authorization: Basic Y3RzXDIzNTg5NjpqdW5fMTk4NQ==
    ?xml version=1.0 encoding=UTF-8?
    soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/ xmlns:xsd=http://www.w3.org/2001/XMLSchema
    xmlns:xsi=http://www.w3.org/2001/XMLSchema-instancesoapenv:BodyGetListItems xmlns=http://schemas.microsoft.com/sharepoint/soap/
    listName9A97BAEB-79B7-44CB-9A1A-6ED8D35AE57B/listNameviewName30286AF3-C42E-4AB6-9B99-0FC37A9AC9A3/viewNamequery/viewFields/
    rowLimit0/rowLimitqueryOptions//GetListItems/soapenv:Body/soapenv:Envelope

    A major difference between two is 'Authorization: Basic Y3RzXDIzNTg5NjpqdW5fMTk4NQ==' which is being passed from java client and not from SOAP UI.

    i am passing authentication credentials via SOAP UI as well.
    also, if i check attribute 'Add authentication information to outgoing request' in SOAP UI preference, it adds 'Authorization:Basic **==' in the request. and this particular request then is giving error.
    from client code, if i remove username/password settings, it does not add Authorization in request (as with SOAP UI) but still giving the same error.
    what can be the possible solution for this ??
    Thanks in Advance

    DB:2.88:Share Point Webservice Not Getting Called From Java Client 87

    Hi
    i need to call a sharepoint webservice from Java Client.
    Calling the webservice from SOAP UI works fine but when called from Java client it gives error -
    403-Forbidden - server denied specified URL. Contact Administrator
    i am using Basic Authentication and the same is enabled on IIS server
    The request sent through SOAP UI is

    POST https://techdev.cognizant.com/_vti_bin/Lists.asmx HTTP/1.0
    Accept-Encoding: gzip,deflate
    User-Agent: Axis/1.4
    Content-Type: text/xml;charset=UTF-8
    SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetListItems
    soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/ xmlns:soap=http://schemas.microsoft.com/sharepoint/soap/
    soapenv:Header/
    soapenv:Body
    soap:GetListItems
    !--Optional:--
    soap:listNameE28F36CA-087E-4290-B0B1-4677227795F1/soap:listName
    !--Optional:--
    soap:viewName03787BB1-7CC3-4ED3-8320-91A3BC34E9DD/soap:viewName
    soap:rowLimit0/soap:rowLimit
    /soap:GetListItems
    /soapenv:Body
    /soapenv:Envelope

    and the request sent through Java client is (using TCPmon)
    POST /_vti_bin/Lists.asmx HTTP/1.0
    Content-Type: text/xml; charset=utf-8
    Accept: application/soapxml, application/dime, multipart/related, text/*
    User-Agent: Axis/1.4
    Host: localhost:8083
    Cache-Control: no-cache
    Pragma: no-cache
    SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetListItems
    Content-Length: 516
    Authorization: Basic Y3RzXDIzNTg5NjpqdW5fMTk4NQ==
    ?xml version=1.0 encoding=UTF-8?
    soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/ xmlns:xsd=http://www.w3.org/2001/XMLSchema
    xmlns:xsi=http://www.w3.org/2001/XMLSchema-instancesoapenv:BodyGetListItems xmlns=http://schemas.microsoft.com/sharepoint/soap/
    listName9A97BAEB-79B7-44CB-9A1A-6ED8D35AE57B/listNameviewName30286AF3-C42E-4AB6-9B99-0FC37A9AC9A3/viewNamequery/viewFields/
    rowLimit0/rowLimitqueryOptions//GetListItems/soapenv:Body/soapenv:Envelope

    A major difference between two is 'Authorization: Basic Y3RzXDIzNTg5NjpqdW5fMTk4NQ==' which is being passed from java client and not from SOAP UI.

    i am passing authentication credentials via SOAP UI as well.
    also, if i check attribute 'Add authentication information to outgoing request' in SOAP UI preference, it adds 'Authorization:Basic **==' in the request. and this particular request then is giving error.
    from client code, if i remove username/password settings, it does not add Authorization in request (as with SOAP UI) but still giving the same error.
    what can be the possible solution for this ??
    Thanks in Advance

  • RELEVANCY SCORE 2.88

    DB:2.88:Dynamic Proxy Client And Authentication? 7x


    Hi,

    I've protected my Webservice with Basic Authentication.

    My Static Stub Client get access with - stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY ...
    My DII Client get access with - call.setProperty(Call.USERNAME_PROPERTY ...
    But I can't get acces with a Dynamic Proxy Client.

    I already tried
    System.setProperty("http.basicAuthUserName",username);
    and
    http://myuserid:mypwd@MYHOST:80/mywebapproot/mywebservice?WSDL"

    But I always get

    [java] javax.xml.rpc.ServiceException: modeler error: failed to parse document at "http://myuserid:mypwd@MYHOST:80/mywebapproot/mywebservice?WSDL": java.io.IOException: Server returned HTTP response code: 401 for URL: http://myuserid:mypwd@MYHOST:80/mywebapproot/mywebservice?WSDL

    Another problem is that the ant task wscompile in build.xml doesn't get anymore access to WSDL for creation of Stubs after I setup the Basic Authentication.

    How is it possible to read the WSDL with wscompile and/or a Dynamic Proxy Client after setting up Basic Authentication?

    Thanks for your help

    DB:2.88:Dynamic Proxy Client And Authentication? 7x

    To NX-01: actually Kathy gave me in another thread or mailing list the helpful hint with casting the proxy to the stub. :-)

    But the question is still: is it ok to protected the POST method only and leave the GET method unauthenticated or could in this way any SOAP actions been invoked???
    Merten

  • RELEVANCY SCORE 2.88

    DB:2.88:Ical Not Working With Iis? 8j


    I'm serving an iCal file (.ics) from IIS on windows but iCal can't subscribe to it using anything other than basic authentication.

    If I configure IIS to use digest or integrated windows authentication iCal says "access denied." Safari is able to download the file using these other authentication mechanisms...why can't iCal?

    DB:2.88:Ical Not Working With Iis? 8j

    I'm serving an iCal file (.ics) from IIS on windows but iCal can't subscribe to it using anything other than basic authentication.

    If I configure IIS to use digest or integrated windows authentication iCal says "access denied." Safari is able to download the file using these other authentication mechanisms...why can't iCal?

  • RELEVANCY SCORE 2.87

    DB:2.87:Problem With Digest Authentication On Iis 5.1 dm


    Hi!
    I have WCF service on IIS 5.1 with active digest authentication (service and client are in windows domain).Realm in IIS config window is set to: mydomain.siteConfig file from service:

    transport clientCredentialType=Digest proxyCredentialType=None realm=mydomain.site /

    DB:2.87:Problem With Digest Authentication On Iis 5.1 dm

    ok so maybe something is wrong with domain server thanks for informations

  • RELEVANCY SCORE 2.87

    DB:2.87:Calling Sps 2003 Webservice Using Java 7k


    Hi All,I am using SPS 2003 and created a web service to create  a user profile in SPS.I am calling it from java. In java I have written following code snippet to pass the creadentials:                        Stub stub = createProxy();            stub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY,http://servername/_vti_bin/CreateUser.asmx);                         stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, domain\\username);            stub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY, password);It's workng fine when I enable Basic Authentication and Integrated Windows Authentication on IIS but it gives ne unuthorozation error when I enable Only Integrated Authentication or combination of Integrated Windows Authentication and Digest Authentication.Do I need to write some another code for Digest Authentication?ThanksGaurav

    DB:2.87:Calling Sps 2003 Webservice Using Java 7k

    A solution in java is to use Axis 2.0 (free) for web srevice ntlm authentication Serge Luca Serge Luca; blog: http://www.redwood.be

  • RELEVANCY SCORE 2.87

    DB:2.87:Jbossws Client Not Sending Basic Authentication jm



    Hi, I have a web service client that is trying to call a webservice secured with basic authentication. I had this working with JAVA 6 but not with JAVA 5.I am setting the username and password correctly as seen below but I am still getting a 401 error code back. When I used tcpmon to inspect the request\response, I can see that the username and password is not being passed to the client.

    Map requestContext = ((BindingProvider) manager).getRequestContext();
    requestContext.put(BindingProvider.USERNAME_PROPERTY, username);
    requestContext.put(BindingProvider.PASSWORD_PROPERTY, password);

    DB:2.87:Jbossws Client Not Sending Basic Authentication jm


    Which version of JBossWS are you using? Given the current lib configuration, you're using the different jax-ws implementation when switching from JDK 1.5 to 1.6 (more specifically you use the Sun's one with JDK6 as you don't have jbossws specific jars in endorsed dir).Perhaps you might want to try with more recent jbossws version?

  • RELEVANCY SCORE 2.87

    DB:2.87:Iis 6 And Basic Authentication zz


    Is there some way to set a time-out period for user access when using IIS 6 and Basic Authentication ?  TIA ...

    DB:2.87:Iis 6 And Basic Authentication zz

    This is perfect, thanks !e.p.s. I was actually looking for the IIS forum first, but could not find it under the new (upgraded?) site layout.

  • RELEVANCY SCORE 2.86

    DB:2.86:How To Install Iis Features Programmatically 1f


    Hi,
    I want to install some rolesin the IIS programmatically.
    Samples for the roles:
    MetabaseCompatibility, StaticContent, IIS Basic Authentication, IIS Windows Authentication.
    Does anybody knows how to do this on Windows Server 2008 R2 x64?
    Thanks
    Christian

  • RELEVANCY SCORE 2.86

    DB:2.86:Wcf Security Mode And Iis Security Settings? pa


    Hi,I have published a BizTalk orchestration as WCF Web service. I have set Security mode on TransportCredentialOnly and Transport client credential type on Basic. In IIS I have set Authenticated access (located under the tab Directory Security -- Authentication and access control) to Basic. I have not secured with SSL yet, because it is a test environment.When I try to test the web service (by right click on SVC file and select Browse), then Windows requests for a user name and a password. After I enter the user name and password, then I get the following exception:Security settings for this service require 'Anonymous' Authentication but it
    is not enabled for the IIS application that hosts this service.Do I forget to set something else? Because if I turn on Enable anonymous access, then the web service runs correctly. 

    DB:2.86:Wcf Security Mode And Iis Security Settings? pa

    Hi Mark,You are right. IIS must be set to Anonymous access and WCF handles security. I have tested with a test client and it works as expected.BizTalk help documentation is somehow misleading with the following instruction:The Transport client credential type property must match the
    authentication scheme of the IIS virtual directory hosting this receive
    location. For example, if the property is set to Windows, you also need
    to enable Integrated Windows authentication for the virtual directory
    that hosts it. Similarly if the property is set to None, you must allow
    anonymous access to the virtual directory that hosts this receive location.Thanks for your confirmation.Best regards,Tuan

  • RELEVANCY SCORE 2.86

    DB:2.86:Wcf Authentication Vs Iis Authentication mj


    When you use WCF with wsHttpBinding and message security you need to set authentication in IIS to Anonymous (authentication is taken care of within WCF) if I have understand it correct.
    But say you want your service to be compatible with legacyclients which expects the service to behave lika an .asmx service and using basic authentication. Let forget about SSL for now and assume clear username/password is acceptable. If I understand
    it correctly then you need to set authentication in IIS to basic authentication (and usebasicbinding and TransportCredentialOnly) and not having anonymous authentication selected in IIS.
    But how can you have bothoptions available at the same time using different endpoints? For example one binding accessing the service using wshttpBinding and message security and another whichuse basic binding like the above? Is it possible?
    The client accessing the service might both be .NET clients or a client in any other development tool using Soap 1.1.
    Or is there any other options which are possible to use?

    DB:2.86:Wcf Authentication Vs Iis Authentication mj

    Hi magnusb999,
    I think the problem you mentioned does be a limitation when using IIS as the hosting environment for WCF service as it use .svc file(document) as the service activation point. And IIS level authentication setting can only be set a single and unique value
    for a given document/extension. So for your case(that you will need a WCF service require both IIS authentication enabled and disabled), the most straightfoward means is to create two separate services and each of them have the corresponding endpoint(one use
    transport security , the other use message level security).

    And for basic authentication, an alternative is to use username authentication(or custom authentication via SOAP Header) to replace it (for legacy client) so that you can also let legacy client inject soap header for authentication(keep IIS authentication disabled).Please remember to mark the replies as answers if they help and unmark them if they provide no help.

  • RELEVANCY SCORE 2.86

    DB:2.86:Client-Cert Authentication In Wl7 xx



    Hi,
    I'm trying to enforce two-way authentication for clients (java applications) accessing
    a web service running on WL7.
    Web service is configured to accept requests over https only. With BASIC authentication
    it works. When I
    switch it to use CLIENT-CERT authentication I cannot connect to the web service.
    I've set the
    "javax.net.debug" directive to "ssl" and noticed that during the handshake procedure
    the server doesn't
    produce client certificate request. May it be the cause of the problem? If so,
    how can I make the server to
    generate client cert request?

    DB:2.86:Client-Cert Authentication In Wl7 xx

    Exactly, it was the reason. Thanks.

    Marcin

    On 14 Nov 2003 10:29:39 -0700, Pavel PavelS@no.spam wrote:

    You must have been accessing the server over one-way SSL. Make sure the
    two-way
    ssl server attribute is set to: Client Certificate Enforced, or Client
    Certificate
    Requested But Not Enforced.
    This should be all that is needed to make the server send the
    certificate request.
    With Client Certificate Enforced option you should be getting ssl
    handshake failure
    unless the client sends its certificate.

    Pavel.

    yazzva marcina@rodan.pl wrote:
    Yes, I have. If I had not done it, I couldn't have accessed the service

    via https using basic authentication, and of course ssl debugging
    information and server configuration show that ssl is configured
    properly.

    The problem is that WL7 doesn't generate client cert request. Thanks
    for
    an attempt to help.

    Have you configured the server for two way ssl?
    See
    http://e-docs.bea.com/wls/docs70/security/SSL_client.html#1029705
    http://e-docs.bea.com/wls/docs70/secmanage/ssl.html#1168174
    for information on this.

    Pavel.

    "yazzva" marcina@rodan.pl wrote:
    Hi,
    I'm trying to enforce two-way authentication for clients (java
    applications)
    accessing
    a web service running on WL7.
    Web service is configured to accept requests over https only. WithBASIC
    authentication
    it works. When I
    switch it to use CLIENT-CERT authentication I cannot connect to theweb
    service.
    I've set the
    "javax.net.debug" directive to "ssl" and noticed that during the
    handshake
    procedure
    the server doesn't
    produce client certificate request. May it be the cause of the
    problem?
    If so,
    how can I make the server to
    generate client cert request?--
    Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

  • RELEVANCY SCORE 2.85

    DB:2.85:Problem With Using Http Basic Authentication To Access Web Service cm


    Hello guys, I published a webservice (ws) on my IIS and applied Basic Authentication. I can browse the ws by typing in username and password from browser. However, I can not call it by code. My client code is like:...            ServiceReference.Service1SoapClient wsc = new TestOverall.ServiceReference.Service1SoapClient();                        wsc.ClientCredentials.UserName.UserName = username;            wsc.ClientCredentials.UserName.Password = pwd;            wsc.Open();            string result = wsc.HelloWorld();//got exception here...The exception I got is :The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm=localhost'.I am thinking maybe I miss settings or some pieces of code?Please feel free to advise me.Thanks a lot,ELton

    DB:2.85:Problem With Using Http Basic Authentication To Access Web Service cm

    If you've used basic authentication, then you need to go to your iis, to the properties of the virtual directory, and in the security tab remove the check from the allow anonymous access and check the windows integrated authentication checkbox

  • RELEVANCY SCORE 2.85

    DB:2.85:Force Ie To Use Basic Authentication Instead-Of Ntlm^ 3f


    Hi,I want to force my IE to always used the Basic authentication protocol, even when the user go to a site setup for NTLM.I can't change my IIS servers to allow only basic authentication, so the setup MUST be on the desktop side.what can I do?how to change the order of the protocols used to make the basic authentication first?thanks.

    DB:2.85:Force Ie To Use Basic Authentication Instead-Of Ntlm^ 3f

    Hi,Based on my research, I would like to share you the following article:Authentication Uses NTLM instead of KerberosThanks,Novak

  • RELEVANCY SCORE 2.85

    DB:2.85:The Http Request Is Unauthorised With Client Authentication Scheme Negotiate While Deploying The Solution Using Vsewss 1.3 dz


    Hi Guys, I am looking for the help configuring the VseWss1.3 on my Window 7 64 bit laptop. please find the details below. I have installed MOSS 2007 64 bit with IIS 7.5 on my laptop using WssOnVista helper utility from Bamboo Solution. issue is that when i deploy the webpart through vsewss tool in visual studio, getting following error. Error - The HTTP request is unauthorised with client authentication scheme 'Negotiate'. The authentication header received from the server was Then i enable the Basic Authentication. After enabling this it is giving me following error. Error - The HTTP request is unauthorised with client authentication scheme 'Negotiate'. The authentication header received from the server was'Basic realm=127.0.0.1' Guys help me to find out the resolution for the above mentioned error. Regards, Abhishek Verma

    DB:2.85:The Http Request Is Unauthorised With Client Authentication Scheme Negotiate While Deploying The Solution Using Vsewss 1.3 dz

    VSeWSS 1.3's reuqirement is:

    Supported Operating Systems: Windows Server 2003; Windows Server 2008

    Visual Studio 2008
    either Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007

  • RELEVANCY SCORE 2.85

    DB:2.85:Basic Authentication Using Security Mode Transportcredentialonly px


    i am trying to achieve username/password authentication using Basic as security mode in my config file. i have a requirement to make my service available on HTTP so HTTPS is not an option. The other requirement that i have is that the client should be authenticated
    (from a database so Windows authentication is not an option) using username and password that he will provide.
    following is the code:
    A class added in the service project:
    public class ServiceValidator : UserNamePasswordValidator
    {
    public override void Validate(string userName, string password)
    {
    // This isn't secure, though!
    if ((userName != mohsin) || (password != mohsin))
    {
    throw new SecurityTokenException(Validation Failed!);
    }
    }
    }
    my service.config looks like this
    bindings
    basicHttpBinding
    binding
    ...
    security mode=TransportCredentialOnly
    transport clientCredentialType=Basic /
    /security
    /binding
    /basicHttpBinding
    /bindings
    behaviors
    serviceBehaviors
    behavior
    serviceCredentials
    userNameAuthentication userNamePasswordValidationMode=Custom customUserNamePasswordValidatorType=ServiceLayer.ServiceValidator, ServiceLayer/
    /serviceCredentials
    /behavior
    /serviceBehaviors
    /behaviors
    and the client config:
    system.serviceModel
    bindings
    basicHttpBinding
    binding
    security mode=TransportCredentialOnly
    transport clientCredentialType=Basic proxyCredentialType=None
    realm=
    extendedProtectionPolicy policyEnforcement=Never /
    /transport
    /security
    /binding
    /basicHttpBinding
    /bindings
    client
    ...
    /client
    /system.serviceModel
    The client code that i use to access the service is:
    MyServiceClient loClient = null;
    try
    {
    loClient = new MyServiceClient();
    loClient.Credentials.UserName.UserName = mohsin;
    loClient.Credentials.UserName.Password = mohsin;

    return loClient.GetAllOrders();
    }
    the exception that i receive is:
    The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Basic realm=mohsin.abc.com'.
    where mohsin.abc.com is my fill computer name (abc.com is the domain of my computer and mohsin is the name of my system)

    i have disabled all other authentication in my IIS for the service except Basic.
    i have been googling this for hours now and cannot find a solution to this ... i cannot figure out what is going wrong .. any help is highly appreciated

    DB:2.85:Basic Authentication Using Security Mode Transportcredentialonly px

    Your link was helpful in getting some more information on how to tackle Basic authentication but I could not get the exact solution for my scenario.
    I have a WCF 4.0 service which is part of a ASP.NET Web application and hosted in IIS 7. I have Basic Authentication turned on for the Virtual directory. My config on the service side looks like this :
    wsHttpBinding binding name=wsBinding security mode=Transporttransport clientCredentialType=Basic / /security /binding /wsHttpBinding
    service name=bb.Interface behaviorConfiguration=bb_Behavior endpoint address= binding=wsHttpBinding bindingConfiguration=basicBinding name=BasicEndpoint contract=RIHandshake.IRIHandshakeHandler/endpoint
    /service behavior name=RIHandshake_Behavior serviceMetadata httpsGetEnabled=true / /behavior
    I am trying to consume this service from a ASP.NET Web application which is also hosted no the same IIS 7 instance and secured by BASIC authentication. For some reason I am not able to get it to work. At the client end I have the following config.
    wsHttpBinding
    binding name=BasicEndpoint
    security mode=Transport
    transport clientCredentialType=Basic proxyCredentialType=None
    realm= /
    /security
    /binding
    /wsHttpBinding
    /bindings
    client
    endpoint address=https://host1.com/Interface.svc
    binding=wsHttpBinding bindingConfiguration=BasicEndpoint
    contract=bb.Handler name=BasicEndpoint /
    /client
    I started without Basic authentication and was able to access the service from the ASP.NET client without any issues over https (i.e. with a slightly modified config settings from what is shown above. But now I am trying to make it work with Basic authentication
    and am not able to.
    Can you suggest what I might be doing wrong or point me to any samples that you may have with similar implementation?
    Thanks in advance.
    Raj

  • RELEVANCY SCORE 2.85

    DB:2.85:Using Jwsdp 1.6 To Connect To Iis With Basic And Mutual Authentication 1k


    Is this possible? It seems that if you specify both basic and mutual authentication, the mutual authentication request (coming from IIS) is ignored and the client (built on jwsdp 1.6) does not send the certificate to the server. IIS can be configured to accept client certificates in combination with basic authentication and this works when using MS web service client.

    DB:2.85:Using Jwsdp 1.6 To Connect To Iis With Basic And Mutual Authentication 1k

    Is this possible? It seems that if you specify both basic and mutual authentication, the mutual authentication request (coming from IIS) is ignored and the client (built on jwsdp 1.6) does not send the certificate to the server. IIS can be configured to accept client certificates in combination with basic authentication and this works when using MS web service client.

  • RELEVANCY SCORE 2.85

    DB:2.85:Installing Sharepoint 2010 On Windows 8 - Windows Authentication 9p


    Hi All,
    I have just managed to install SharePoint 2010 foundation on my Windows 8(Basic) machine.
    It has IIS 8.
    Everything seems to work fine except for windows authentication.
    I don't get Windows authentication option under IIS- Authentication. Windows Authentication do exists as a module in IIS.

    I even don't get windows Authentication as add/remove features under IIS configuration.
    At present I am using Basic authentication to access my site. SharePoint Designer 2010 does not allow me to open SharePoint site in basic authentication mode.
    How do I enable Windows Authentication ?
    Please help!

    DB:2.85:Installing Sharepoint 2010 On Windows 8 - Windows Authentication 9p

    I have the same issue, I followed this articlehttp://social.technet.microsoft.com/wiki/contents/articles/8586.installing-sharepoint-server-2010-on-windows-8-using-server-farm-installation-type-without-a-domain-controller.aspx please if you found
    something let us know!!

  • RELEVANCY SCORE 2.84

    DB:2.84:Exchange Web Services With Client Certificate (One-To-One Mapping) zx


    Hi.Iam having a java client which has proxy classes generated with jax-ws to use the EWS. This proxy only supports SOAP11.WhatIneed is to configureexchange servers with CAS role to (additionally to the default authentication) map onecertificate to one windows accout. Until now I:
    imported the servers certificate and enabled it(import-ExchangeCertificate -fileData ([Byte[]]$(get-content -pathcertpath -encoding byte -readCount 0)) -password:security-string pwd| enable-ExchangeCertificate -services IIS)
    created a client certificate mapping in IIS 7
    and here is whereIgot stuck

    What doI have to changein the ...\V14\ClientAccess\exchweb\ews\web.config to get this scenario work?I guessI need a new endpoint with a different customBinding but for testing purposeIreplaced thecurrent EWSBinding to use the client certificate mapping configured in IIS - and failed. I triedbasicHttpBinding and several customBindings,I can't use wsHttpBinding because it uses SOAP12.any advice?thx,stefan

    DB:2.84:Exchange Web Services With Client Certificate (One-To-One Mapping) zx

    I think this question isnt what the build-in features will do in the exchange 2010 natively, and the improper changes can make potential risk on the running of exchange server. You may ask this question in the Development forum where the experts on the programming might offer certain valuable suggestions
    However, I would suggest you to contact Microsoft Customer Support Service (CSS) for assistance as the task might require the change of the inside of the exchange product, so that this problem can be resolved efficiently and safely
    Phone list [US, outside of US]James Luo TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx) If you have any feedback on our support, please contact tngfb@microsoft.com

  • RELEVANCY SCORE 2.84

    DB:2.84:Webdav Setup s3


    I have been trying to setup WebDAV for a day or two now.
    I keep getting a java error.
    oracle.apps.xdo.servlet.scheduler.ProcessingException: java.lang.StringIndexOutOfBoundsException: String index out of range: -1
    at oracle.apps.xdo.servlet.scheduler.XDOJob.deliver(XDOJob.java:1621)
    at oracle.apps.xdo.servlet.scheduler.XDOJob.execute(XDOJob.java:478)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:195)

    My WebDAV drive is
    http://myserver/webdav/
    So my host name in Publisher is set to
    http://myserver/webdav/

    I have turned on the following in IIS
    Basic and Digest authentication.

    Any tips?

    DB:2.84:Webdav Setup s3

    for the Host take out 'http://' as BI Publisher automatically assumes the 'http://'.

  • RELEVANCY SCORE 2.84

    DB:2.84:Restful Wcf And Basic Authentication Via Fiddler kj


    I have created a WCF rest web service. However the client has requested the service be locked down with Basic Authentication but allow them to present the authorization token on first response rather than a challenge. Unfortunately I only have IIS 6 on my
    test machine
    I only really need to simulate Basic Authentication so I doing this over anonymous and throwing an error if the Authorisation token is incorrect. However auth token is not available to the WCF

    http://localhost/test.svc/get/token/

    Content-Type: application/x-www-form-urlencoded
    Authorization: Basic Base64Value
    If I remove anonymous and add basic in IIS. All's I get is a 401. Which I guess in IIS doing the authentication before the WCF.
    Ideally I'd just like anoymous access and be able to access the authorization header. How can I get the auth header

    DB:2.84:Restful Wcf And Basic Authentication Via Fiddler kj

    Hi Bobby,
    As you mentioned, you have enabled anonymous in IIS for the WCF hosting application(virtual directory), then the IIS will not ask client for credentials and will not perform authentication by default. For WCF side, it will also think the transport layer
    hasn't enabled authentication and will not populate credentials.

    If you do want to keep anonymous access enabled and also be able to let WCF service code get the Basic authentication token the client send manually(not rquired by the IIS server), you can consider programmtically accesing the HTTP headers(for basic authentication)
    and extract the authentication credentials out. Here are some reference about accessing http headers in WCF service:

    #Setting HTTP Headers in WCF (.NET 3.5)
    http://blogs.msdn.com/b/justinjsmith/archive/2007/08/22/setting-http-headers-in-wcf-net-3-5.aspx#Message
    Inspectors
    http://msdn.microsoft.com/en-us/library/aa717047.aspx
    In addition, you canadd custom HTTP headers in WCF service request for your own authentication/validation code logic.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

  • RELEVANCY SCORE 2.84

    DB:2.84:Windows Features Fail To Install During Deployment cc


    I moved this from
    here .

    So, like
    this guy, I'm using WDS and MDT. I've been using this for quite some time. I've deployed the OS with apps just fine but this one has me stumped.
    I've created Applications in MDT to install various Windows Features. Running the command on a newly loaded PC yields the results I'm looking for, however, running them during the deployment fails....but never says so. When the deployment
    finishes, it says it finished successfully but when I look at the check-boxes, they aren't checked. Again, if I manually run the following commands they work just fine....

    pkgmgr /l:%temp%\pkgmgr-iis.log /iu:IIS-WebServerRole;IIS-ApplicationDevelopment;IIS-NetFxExtensibility;IIS-ASP;IIS-ASPNET;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-HttpRedirect;IIS-IIS6ManagementCompatibility;IIS-LegacyScripts;IIS-WMICompatibility;IIS-Metabase;IIS-LegacySnapIn;IIS-HealthAndDiagnostics;IIS-CustomLogging;IIS-HttpLogging;IIS-LoggingLibraries;IIS-RequestMonitor;IIS-HttpTracing;IIS-Performance;IIS-HttpCompressionDynamic;IIS-HttpCompressionStatic;IIS-Security;IIS-BasicAuthentication;IIS-DigestAuthentication;IIS-RequestFiltering;IIS-URLAuthorization;IIS-WindowsAuthentication

    pkgmgr /l:%temp%\pkgmgr-msmq.log /iu:MSMQ-Container;MSMQ-Server;MSMQ-HTTP;MSMQ-Trigger

    pkgmgr /l:%temp%\pkgmgr-indexing.log /iu:Indexing-Service-Package
    pkgmgr /l:%temp%\pkgmgr-telnet.log /iu:TelnetClient
    pkgmgr /l:%temp%\pkgmgr-was.log /iu:WAS-WindowsActivationService;WAS-NetFxEnvironment;WAS-ConfigurationAPI;WAS-ProcessModel

    The following packages end up NOT being checked when I go to verify the end result:

    IIS-CustomLogging (Custom Logging)
    IIS-LoggingLibraries (Logging Tools)
    IIS-HttpTracing (Tracing)
    IIS-HttpCompressionDynamic (Dynamic Content Compression)
    IIS-BasicAuthentication (Basic Authentication)
    IIS-DigestAuthentication (Digest Authentication)
    IIS-URLAuthorization (URL Authorization)
    IIS-WindowsAuthentication (Windows Authentication)
    MSMQ-HTTP (MSMQ HTTP Support)
    MSMQ-Triggers (MSMQ Triggers)

    By the way, adding cmd /c start /w to the commands doesn't produce any different results.

    DB:2.84:Windows Features Fail To Install During Deployment cc

    Hi,
    Thank you for sharing the information here. Your time and efforts are appreciated.
    You can submit the feedback and suggestions to the Product Feedback Team :
    http://mymfe.microsoft.com/Windows%20%207/Feedback.aspx?formID=195
    Regards,Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

  • RELEVANCY SCORE 2.84

    DB:2.84:Wcf Reading Http Header Authorization For Basic Authentication d3


    Hi,
    I have a self hosted WCF service that uses basicHttpBinding and custom UserNamePassword authentication. The UserNamePasswordValidator is used here.
    Everything works file until recently we moved the WCF service to IIS 6.0. The UserNamePasswordValidator is not working on IIS 6.0. I did some research and the answer I got is UserNamePasswordValidator is not supported on IIS 6.0 (please
    correct me if I am wrong and that is going to be a good news for me).
    Therefore I have to customize the authentication without using UserNamePasswordValidator. I have to use the current client code as it is already integrated in production. The current client code is providing UserName and Password which
    becomes the Authorization line of the HTTP Headers. For example:
    Authorization: Basic nwVks32bbda3dsdflkajncld==
    My question is how I can read the Authorization HTTP header from WCF service?
    The plann is if I can read the value nwVks32bbda3dsdflkajncld== from WCF I can decode it and do my own authentication.
    I am using Visual Studio 2010, .Net 4.0, IIS 6.0.
    Any help is highly appreciated.
    Thanks.

    DB:2.84:Wcf Reading Http Header Authorization For Basic Authentication d3

    Peter,
    I found the way to get the HTTP Authorization header.
    OperationContext
    currentContext = OperationContext.Current;
    HttpRequestMessageProperty
    reqMsg = currentContext.IncomingMessageProperties[httpRequest]
    as
    HttpRequestMessageProperty

    ;

    string
    authToken = reqMsg.Headers[Authorization];
    But I thinkyour custom message inspector is a better solution for this scenario if it is going to work. I will try to implement it and will let you know how it goes.
    Thanks a lot,
    Guoyong

  • RELEVANCY SCORE 2.84

    DB:2.84:Mutual Authentication Ssl Blade Proxying To An Iis Web Server 7d



    I am trying to get mutual authentication working between an SSL Blade and IIS Web Server and was wondering is there a debug command for showing which cert is being sent from the proxy client service to the web server when a client cert is connected.

    DB:2.84:Mutual Authentication Ssl Blade Proxying To An Iis Web Server 7d


    I am trying to get mutual authentication working between an SSL Blade and IIS Web Server and was wondering is there a debug command for showing which cert is being sent from the proxy client service to the web server when a client cert is connected.

  • RELEVANCY SCORE 2.84

    DB:2.84:Thread: Iis 5 And Authentication 1k


    I have been running WebAccess 7 on a Windows 2000 server using IIS 5.0. Users that have updated to IE 7 can no longer log in and receive a 401.4 Unauthorized: Authorization denied by Filter message. I have been using Basic and Digest Authentication on the IIS web site and it seems that IE 7 has problems with Digest Authentication.

    What level of authentication should I be running on IIS 5?

    Thanks

    DB:2.84:Thread: Iis 5 And Authentication 1k

    Okay I\'ll look for that thanks.

    Do I need to be running Digest Authentication? I am using SSL so could I just use Basic Authentication? It would be nice to bypass the domain login if possible and just have the users be prompted to log in to Groupwise.

    Thanks again.

  • RELEVANCY SCORE 2.84

    DB:2.84:Ssl Without Authentication jk


    This thread relates to the use of SSL transport for WCF without user authentication. Essentially the requirement is for information to be transmitted in secure format, but we do not care that the submitter of that information has proved their identity.
    I plan to detail the trials and tribulations here - such that anyone else with the same issue may benefit. So far many hours of work have gone into it.. if anyone else has input it'd be great.
    The following steps have been taken:
    - Created a root CA and used it to create a certificate
    - Set the webservice up to run through IIS with the cert
    - Configured the anonymous login in the IIS console, made anonymous the only auth method
    - Configured WCF service and client to use transport security with clientCredentialType=None
    The error message appearing is:
    The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.
    If I set IIS to allow Windows pass-thru auth, this happens:
    The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
    In an attempt to humour it I set up clear text auth and specify a password from the client side (just testing - as in PROD we cannot use any auth):
    The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Basic, Realm=abracadabra.com'.
    This last one was completely unexpected! Especially since the realm was specified in the app.config and it matched the server settings exactly. Can someone from Microsoft confirm that WCF even supports SSL without logging-in first?
    I can provide config files and more details if required.. Maybe even a small test harness if that will help?

    DB:2.84:Ssl Without Authentication jk

    Finally got it.. I had to change to a custom binding instead of HTTPS default. I do not know why this works, but it does:

    bindings
    customBinding
    binding name=bigButtBiscuitBinding
    httpsTransport /
    /binding
    /customBinding
    /bindings

  • RELEVANCY SCORE 2.83

    DB:2.83:Http Authentication (Iis 64-Bit) sz





    Im looking for a solution that will offer basic http authentication on a Windows server (2003) with Plesk 8.4 running IIS. This is a 64 bit server, so the options found (iispassword and Authentix) dont want to work very well.

    Are there any solutions that will work for this?

    Thanks in advance,

    -J

    DB:2.83:Http Authentication (Iis 64-Bit) sz




    Is the Plesk Protected URLs not that you are looking for?

    http://download1.swsoft.com/Plesk/Plesk8.4/Doc/en-US/plesk-8.4-win-clients-guide/25087.htm

  • RELEVANCY SCORE 2.83

    DB:2.83:Iis Integrated Windows Authn Vs. Java Gss Api Kerberos Authn pc


    Hi,

    I am new to Java GSS API. I have a client requirement to use Java GSS Kerberos Authentication instead of using IIS for Integrated Windows Authentication. In IWA, the IE browser automatically picks up the logged-in windows user credentials and passes it to IIS, which authenticates you against Active Directory and returns SUCCESS.

    We are planning to write a Servlet/JSP code on Apache Tomcat, using Java GSS API to do Kerberos Authentication and return SUCCESS to the user. When I look at the examples:
    http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/AcnOnly.html#RunAc
    it says:
    "You will be prompted for your Kerberos user name and password, and the underlying Kerberos authentication mechanism specified in the login configuration file will log you into Kerberos. If your login is successful, you will see the following message: Authentication succeeded!"
    Does this mean that in Kerberos Authentication using Java GSS API, the user will have to enter his windows credentials for authentication? Is there a way for the credentials to be passed from Windows automatically to the API, without user intervention?

    Any links detailing the procedure would be of great help.

    Thanks,
    shetty2k

    DB:2.83:Iis Integrated Windows Authn Vs. Java Gss Api Kerberos Authn pc

    Hi,

    I am new to Java GSS API. I have a client requirement to use Java GSS Kerberos Authentication instead of using IIS for Integrated Windows Authentication. In IWA, the IE browser automatically picks up the logged-in windows user credentials and passes it to IIS, which authenticates you against Active Directory and returns SUCCESS.

    We are planning to write a Servlet/JSP code on Apache Tomcat, using Java GSS API to do Kerberos Authentication and return SUCCESS to the user. When I look at the examples:
    http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/AcnOnly.html#RunAc
    it says:
    "You will be prompted for your Kerberos user name and password, and the underlying Kerberos authentication mechanism specified in the login configuration file will log you into Kerberos. If your login is successful, you will see the following message: Authentication succeeded!"
    Does this mean that in Kerberos Authentication using Java GSS API, the user will have to enter his windows credentials for authentication? Is there a way for the credentials to be passed from Windows automatically to the API, without user intervention?

    Any links detailing the procedure would be of great help.

    Thanks,
    shetty2k

  • RELEVANCY SCORE 2.83

    DB:2.83:Active Directory Client Certificate Authentication 1x


    Hi all,
    I'm currently trying to implement an Active Directory client certificate authentication for OWA but I'm experiencing troubles... the server is running a windows 2008 Server with IIS 7.0.
    I've configured the following:
    1. Enable AD Client Certificate authentication in IIS Manager - MyServer - Authentication
    2. Accept Client Certificate in IIS Manager - MyServer - Sites - owa - SSL Settings
    3. Enable ClientCertificateMappingAuthentication in IIS Manager - MyServer - Sites - owa - Configuration Editor

    This process works for only one user! Other must re-enter username and password...and for both Iexplorer Firefox.
    Has someone experienced the same issue?

    Thanks for your help,
    Alligat0r

    DB:2.83:Active Directory Client Certificate Authentication 1x

    Hi
    You can read this blog and check the process.
    Please not care for the title.
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • RELEVANCY SCORE 2.83

    DB:2.83:Problems Setting Up Ntlm Authentication For Outlook Anywhere cx


    Guys,
    I have tried to set up this authentication type by doing it in IIS and also EMC. I basically followed these instructions listed below and the outlook client would not connect to the server. Any ideas???? Also i have to try this during maintenace window as
    well since it may disrupt user connectivity when i apply the settings again right?
    1.
    On the CAS server in the EMC changed the authentication from Basic to NTLM and restarted the Microsoft Exchange Service Host service for it to replicate to IIS.
    2. Changed the Authentication for the RPC Virtual Directory to Windows Authentication
    3.
    On the Outlook client changed the authentication from Basic to NTLM and we were able to login to Outlook Anywhere using NTLM.
    3.
    You can follow the following KB to set the LMCompatibilty if you need to be able to login to Outlook without having to enter the credentials.

    Comments?

    DB:2.83:Problems Setting Up Ntlm Authentication For Outlook Anywhere cx


    Hi cwdgomez1,

    Any updates on this issue?

    Please use rpcping to do a test.

    How to use the RPC Ping utility to troubleshoot connectivity issues with the Exchange over the Internet feature in Outlook 2007 and in Outlook 2003

    http://support.microsoft.com/kb/831051

    I also suggest you check the event log on your CAS server, and paste the related information in your next post.

    Thanks,

    Evan
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • RELEVANCY SCORE 2.82

    DB:2.82:Windows Authentication Fails From Mac Browser When Lb Is In Between kc


    (1)A new instance of Windows server 2008 R2 is taken and IIS server is installed.
    On IIS server, Windows Authentication is enabled and all the other authentication (anonymous, basic) is disabled.
    (2)From Safari browser on Mac, a IIS resource (protected by Windows Authentication) is accessed by directly accessing IIS server. The resource access is successful.
    (3)Now a Load Balancer is configured in front of IIS server.
    (4)From Safari browser on Mac, a IIS resource (protected by Windows Authentication) is accessed by accessing load balancer. Here IIS server prompts for username and password.

    Seems that authentication negotiation is failing between Mac browser and IIS when LB is in between. Can somebody pls know the reason / resolution for this issue ?

    Thanks

    DB:2.82:Windows Authentication Fails From Mac Browser When Lb Is In Between kc

    (1)A new instance of Windows server 2008 R2 is taken and IIS server is installed.
    On IIS server, Windows Authentication is enabled and all the other authentication (anonymous, basic) is disabled.
    (2)From Safari browser on Mac, a IIS resource (protected by Windows Authentication) is accessed by directly accessing IIS server. The resource access is successful.
    (3)Now a Load Balancer is configured in front of IIS server.
    (4)From Safari browser on Mac, a IIS resource (protected by Windows Authentication) is accessed by accessing load balancer. Here IIS server prompts for username and password.

    Seems that authentication negotiation is failing between Mac browser and IIS when LB is in between. Can somebody pls know the reason / resolution for this issue ?

    Thanks

  • RELEVANCY SCORE 2.82

    DB:2.82:Http Basic Authentication With Iis Problem dd


    Hi, I'm having a problem with HTTP Basic authentication and IIS hosted WCF service. I want to have most basic scenario with validation of credentials against Windows accounts. Unfortunately I always get HTTP 401 response code. The application on IIS has both Anonymous access and Basic authentication modules enabled. My WCF config is:
    system.serviceModel
    serviceHostingEnvironment aspNetCompatibilityEnabled=true/
    bindings
    basicHttpBinding
    binding name=BasicHttpBindingConfiguration maxBufferSize=5242880 maxReceivedMessageSize=5242880 allowCookies=true
    readerQuotas maxStringContentLength=5242880 maxArrayLength=5242880 /
    security mode=TransportCredentialOnly
    transport clientCredentialType=Basic /
    /security
    /binding
    /basicHttpBinding
    /bindings
    services
    service behaviorConfiguration=MyServiceBehavior
    name=Service.MyService
    endpoint address= binding=basicHttpBinding bindingConfiguration=BasicHttpBindingConfiguration
    contract=Service.IMyService
    identity
    dns value=localhost /
    /identity
    /endpoint
    endpoint address=mex binding=mexHttpBinding contract=IMetadataExchange /
    /service
    /services
    behaviors
    serviceBehaviors
    behavior name=MyServiceBehavior
    serviceMetadata httpGetEnabled=true /
    serviceDebug includeExceptionDetailInFaults=true /

    /behavior
    /serviceBehaviors
    /behaviors
    /system.serviceModel

    The client is created using .NET Compact Framework by adding a web reference. The service invocation code is:
    MyService client = new MyService() { Url = configuration.MyServiceUrl };
    client.PreAuthenticate = true;
    client.Credentials = new NetworkCredential(user, password);
    client.Operation();

    Credentials are valid of course. The response has no body, just headers. If I provide wrong credentials, then there's body generated by authentication module. Can anyone help me with this one?

    DB:2.82:Http Basic Authentication With Iis Problem dd

    Hi, I'm having a problem with HTTP Basic authentication and IIS hosted WCF service. I want to have most basic scenario with validation of credentials against Windows accounts. Unfortunately I always get HTTP 401 response code. The application on IIS has both Anonymous access and Basic authentication modules enabled. My WCF config is:
    system.serviceModel
    serviceHostingEnvironment aspNetCompatibilityEnabled=true/
    bindings
    basicHttpBinding
    binding name=BasicHttpBindingConfiguration maxBufferSize=5242880 maxReceivedMessageSize=5242880 allowCookies=true
    readerQuotas maxStringContentLength=5242880 maxArrayLength=5242880 /
    security mode=TransportCredentialOnly
    transport clientCredentialType=Basic /
    /security
    /binding
    /basicHttpBinding
    /bindings
    services
    service behaviorConfiguration=MyServiceBehavior
    name=Service.MyService
    endpoint address= binding=basicHttpBinding bindingConfiguration=BasicHttpBindingConfiguration
    contract=Service.IMyService
    identity
    dns value=localhost /
    /identity
    /endpoint
    endpoint address=mex binding=mexHttpBinding contract=IMetadataExchange /
    /service
    /services
    behaviors
    serviceBehaviors
    behavior name=MyServiceBehavior
    serviceMetadata httpGetEnabled=true /
    serviceDebug includeExceptionDetailInFaults=true /

    /behavior
    /serviceBehaviors
    /behaviors
    /system.serviceModel

    The client is created using .NET Compact Framework by adding a web reference. The service invocation code is:
    MyService client = new MyService() { Url = configuration.MyServiceUrl };
    client.PreAuthenticate = true;
    client.Credentials = new NetworkCredential(user, password);
    client.Operation();

    Credentials are valid of course. The response has no body, just headers. If I provide wrong credentials, then there's body generated by authentication module. Can anyone help me with this one?

  • RELEVANCY SCORE 2.82

    DB:2.82:Exchange 2010 On Sbs2011 9s


    I uninstalled IIS in order to try to get WSUS reinstalled. But now I reinstaled IIS, EMC nor EMS are connecting to my Exchangeserver
    The error I'm getting is :
    [server01.building1.local] Connecting to remote server failed with the following error message : The WinRM client cannot p
    rocess the request. The WinRM client tried to use Kerberos authentication mechanism, but the destination computer (server01.building1.local:80)

    returned an 'access denied' error. Change the configuration to allow Kerberos authentication mech
    anism to be used or specify one of the authentication mechanisms supported by the server. To use Kerberos, specify the
    local computer name as the remote destination. Also verify that the client computer and the destination computer are jo
    ined to a domain. To use Basic, specify the local computer name as the remote destination, specify Basic authentication
    and provide user name and password. Possible authentication mechanisms reported by server: Basic Negotiate For more
    information, see the about_Remote_Troubleshooting Help topic.
    CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
    eption
    FullyQualifiedErrorId : PSSessionOpenFailed
    Failed to connect to an Exchange server in the current site.
    Enter the server FQDN where you want to connect.:

    I have checked the kerbauth en wsman in IIS, they were in managed mode instead of native, but that is fixed now.

    DB:2.82:Exchange 2010 On Sbs2011 9s

    Toon Sillen, do you need any further help regarding the issue? If yes, please feel free to let us know, thanks.Sean Zhu
    TechNet Community Support

  • RELEVANCY SCORE 2.81

    DB:2.81:Connecting To Microsoft Dynamics Crm 2013 On-Premise Web Service With Java. kd


    Looking for the integration option for MSCRM(on-premises deployment) 2013 with JAVA.

    Are there any on-line resources which show the basic steps to access the Microsoft CRM on-premise web service with a client written in Java?
    I am facing issues with NTLM Authentication.

    Can we use any other Authentication process for on-premises solution?

  • RELEVANCY SCORE 2.80

    DB:2.80:Jax-Ws Web Service Authentication (Ntlm) Against A Ms Crm Se m8



    Hello everybody,I am currently developing a jboss web service client, which is supposed to connect to a web service on a Microsoft CRM Dynamics (I hope I've got the name right) instance, running on an Internet Information Server. The service itself and the relevant data types are defined in a what appears to be a standard CrmServiceWsdl.aspx file.I've generated the Java classes with the /bin/wsconsume.bat tool in the JBoss folder. We have many times used this tool successfully, when programming JBoss web services and clients for them. Everything seemed nice and well, the client easily connected (including HTTP BASIC authentication) and sent what looked like a correct request to a dummy JBoss web service which I wrote for testing purposes. The problems appeared when we tried the real thing, namely connecting to the MS CRM web service. The IIS Server has the "Windows Intergrated Security" authentication activated, which is supposed to be NTLM.First I have tried doing HTTP Basic, as the IIS was also supposed to support it:

    url = new java.net.URL(InfondsParameter.CRMWebServiceUrlCreateUpdateTask.get(em));

    CrmTaskServiceSoap port = (new CrmTaskService(url, new QName("http://schemas.microsoft.com/crm/2007/WebServices", "CrmService")))
    .getCrmTaskServiceSoap();
    ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "username");
    ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "password");

    DB:2.80:Jax-Ws Web Service Authentication (Ntlm) Against A Ms Crm Se m8


    Hi,i want to access the M$ CRM, too. I get the same 401 Unauthorized Execption.Using: JBossWS 3.2.0 (nativ)

    Exception in thread "main" com.sun.xml.ws.client.ClientTransportException: request requires HTTP authentication: Unauthorized
    at com.sun.xml.ws.transport.http.client.HttpClientTransport.checkResponseCode(HttpClientTransport.java:212)
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:149)
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:86)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
    at com.sun.xml.ws.client.Stub.process(Stub.java:248)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
    at $Proxy24.retrieveMultiple(Unknown Source)
    at test.JBossWS.main(JBossWS.java:189)

  • RELEVANCY SCORE 2.80

    DB:2.80:Silverlight + Wcf Service + Dynamic Proxy(Custom Binding) + Basic Authentication On Iis pk


    hi all,
    I am having an issue with how to get windows identity in silverlight project. Below is my scenario:
    the silverlight application need to get data from server via WCF service, i used the waythat built dynamic proxy at runtime and aslo used custombinding in this case. Now my application need to deploy on iis and chosen basic authentication as a authentication
    mode. Thus i have chosen authentication mode in WCF was securityauthenticationMode=UserNameOverTransport.
    At the client side where kind of project is silverlight that i need have to dynamic proxy with custombinding. My question is:

    In basic authentication how can i get windows identity to set to chanelfactory.Credentials:

    _channelFactory=newChannelFactoryTWebService(this._binding,newEndpointAddress(_endpointAddress));_channelFactory.Credentials.UserName=newUserNamePasswordClientCredential();_channelFactory.Credentials.UserName.UserName=username;_channelFactory.Credentials.UserName.Password=password;
    actually, i do not want to use Windows authentioncation in this case.
    Thank you very much for your help.
    scott

    DB:2.80:Silverlight + Wcf Service + Dynamic Proxy(Custom Binding) + Basic Authentication On Iis pk

    Ok, I did not know that. I guess you have to set the user/pass by yourself.
    I suggest you also ask in Silverlight forum if this is supported.http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog

  • RELEVANCY SCORE 2.80

    DB:2.80:Ntlm And Basic Authentication For Outlook Anywhere (Both) 3a


    In Exchange 2007 SP1, allowing
    both NTLM and Basic authentication on the /rpc virtual directory was deemed a
    security vulnerability.

    In Exchange 2010 you are given radial buttons to select NTLM OR Basic authentication, but not both. Listed
    here are the pros and cons of NTLM
    and Basic.

    At first glance one might think you can just go into IIS and set whatever you want. While this is true, IIS will read the Exchange data from AD every 15 minutes
    and reconfigure itself. This means a manual IIS setting will not stick. The configuration must be made in Exchange.

    I was looking around and found this unofficial article:

    http://cid-a19e3265de255fbb.spaces.live.com/blog/cns!A19E3265DE255FBB!2221.entry
    UPDATE - THE 2ND COMMAND IN THIS LINK DOES NOT WORK. SEE ANSWER HERE FOR EXPLINATION.

    http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/3e4bb79d-b31b-423a-b49d-628dd66db6a3

    It looks like, while the GUI only allows for one selection, you can use a comma to specify
    both NTLM and Basic authentication via this command:

    get-outlookanywhere | set-outlookanywhere -IISauthentication basic,Ntlm

    When you look at the
    official TechNet article on the get-outlookanywhere,
    you are not told commas are supported, however after running them, you can verify it accepted both values (get-outlookanywhere).

    I have the following questions:

    1.
    Is this supported?
    2.
    If both values are supplied (both above commands run), what authentication method does autodiscover populate the clients with?
    3.
    How is this supposed to be done. I dont want my users typing credentials each time they connect(Basic Auth), and Outlook 2003/7 requires
    extra client-side work to
    get it to remember passwords. But NTLM authentication re-prompts the login box over and over from some off-campus locations.

    Mike Crowley
    Check out My Blog!

    DB:2.80:Ntlm And Basic Authentication For Outlook Anywhere (Both) 3a

    Here are some TMG screenshots for this config:http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/431128e4-9abe-4680-a569-37e6282af9df
    Mike Crowley | MVP
    My Blog --
    Planet Technologies

  • RELEVANCY SCORE 2.80

    DB:2.80:Jass With Jboss 2.4.4 And Catalina 1m



    I am tryin to run the tutorial by Scott Stark with JBoss 2.4.4 with Catalina. The tutorial works well with basic authentication for invoking the SecureEJBServlet.But, with the EJB client authentication using both the UserRolesLoginModule and the DatabaseServerLoginModule I encounter problems that I have given below.Can anyone help me with these problems?For the UserRolesLoginModule:-The client code is able to create the LoginContext and also get the home of the session EJBs. But the home.create() gives the following error messages:On the client side:client-test0: [java] +++ Running SessionClient with username=scott, password=echoman, example=example1 [java] Created LoginContext [java] Found StatelessSessionHome [java] java.rmi.ServerException: RemoteException occurred in server thread; nested exception is: [java] java.rmi.RemoteException: checkSecurityAssociation; nested exception is: [java] java.lang.SecurityException: Authentication exception, principal=nullOn the server side:[ERROR,SecurityInterceptor] Authentication exception, principal=null[ERROR,SecurityInterceptor] Authentication exception, principal=null[ERROR,StatefulSession] TRANSACTION ROLLBACK EXCEPTION:javax.transaction.TransactionRolledbackException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exception, principal=null; nested exception is: java.rmi.RemoteException: checkSecurityAssociation; nested exception is: java.lang.SecurityException: Authentication exception, principal=nullFor the DatabaseServerLoginModule:-With this I get the message 'DefaultDS not bound'. But I can access 'java:/DefaultDS' through other programs.

    DB:2.80:Jass With Jboss 2.4.4 And Catalina 1m


    Sorry, it should have been JAAS in the original topic.

  • RELEVANCY SCORE 2.80

    DB:2.80:Basic Authentication With Ws-Security 9d


    Hi,
     
                    I have some services on a different Java based platform. But the problem is that they have Basic Authentication applied to all of their services. So for example
     
    Cases:
     
    1.       If the service has a WS-Security UserName/Password enabled it also requires Basic Authentication also.
    2.       If the service has Message Level security (For example Sign, SignEncrypt with X509 certificates) enabled still it also requires Basic Authentication also.
     
    Is it possible to do both at the same time from a WCF Client?
     
    For example take CASE 1: WS-Security UserName/Pwd + Basic Authentication, how can I pass both at the same time to the service?
     
    Thanks,
    Amit

    DB:2.80:Basic Authentication With Ws-Security 9d

     
    Thanks Pablo, I think the second option is better. We can add HttpHeaders to the outgoing message.
     
    http://msmvps.com/blogs/paulomorgado/archive/2007/04/27/wcf-building-an-http-user-agent-message-inspector.aspx
     
    Amit
    http://amit-rohilla.spaces.live.com

  • RELEVANCY SCORE 2.80

    DB:2.80:Wcf And Basic Authentication z9


    I have a web service, which is NOT WCF nor running on any flavor of IIS, that requires basic (clear text) authentication, this is an OK thing in my situation because it is all running on a Intranet.  My test client is a simply WCF client, what do I need to do to the basicHttpBinding to send the username and password to the web service?

    DB:2.80:Wcf And Basic Authentication z9

    Sory, but I cannot approve anything from messages, which you have posted above. Post above is ASCII :). This could also be an effect of using of the proxy monitoring tool?! To be sure, try web development helper. This tool does not hook between wcf and service.By the way, if your first issue above has been solved, please close the case above and we will try to solve this one.

  • RELEVANCY SCORE 2.80

    DB:2.80:Authenticationscheme=Basic, Keep Username And Password Data In Client App.Config? dp


    I have a client app which consumes web service written by Java, that requires Basic authentication. I wrote the following piece in source which works fine:
    var client = new WebService.ClientInterface();
    client.ClientCredentials.UserName.UserName = username;
    client.ClientCredentials.UserName.Password = password;
    var result = client.getVersion(...)
    The question is: How can I put the username and password data into client app.config?
    Environment: .Net Framwork 4.0
    Thanks!

    DB:2.80:Authenticationscheme=Basic, Keep Username And Password Data In Client App.Config? dp

    Hello, i dont think we can specify username and password in client app.config.
    Following post might help you
    http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/eb2fa7d1-8036-48b8-9230-370bd4480538/
    http://stackoverflow.com/questions/3725294/set-wcf-clientcredentials-in-app-config
    but there is one way we can do it is by creating custom behavior extension (details in second link)
    Regards

    please Mark as the Answer, If this answers your question. If this post is helpful, please vote as helpful.

  • RELEVANCY SCORE 2.80

    DB:2.80:Connection Problem In Soap Sender Channel 87


    Dear All,I have created two SOAP Sender channel with the following specification:Transport Protocol - HTTP Message Protocol - SOAP 1.1HTTP Security Level - HTTPBut while sending a message from a Java client, I am getting the following error :The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="XISOAPApps"'.Please suggest if you find any way out.Thanks and Regards,Rana Brata De

    DB:2.80:Connection Problem In Soap Sender Channel 87

    Hi RanaLooks like you have used authentication scheme as 'anonymous'. But you have chosen the option 'HTTP' in soap adapter.So you have to pass the user id and password during the call.Sample Code:ICalcCTCWebService calcCTCWebService = calcCTCWebServiceImplServiceLocator.getCalcCTCWebServiceImplPort();Stub stub = (Stub)calcCTCWebService;stub._setProperty(Stub.USERNAME_PROPERTY, "abc");stub._setProperty(Stub.PASSWORD_PROPERTY, "xyz");You can also test the WSDL from SOAP UI and provide user name and password in the header section in SOAP UI and see if the message goes to PI or not.You can also try the below option in the sender soap adapter and see if it works or not.

  • RELEVANCY SCORE 2.80

    DB:2.80:Iis 8 - Windows Server 2012 - Wcf Service Not Found d1


    Hi everybody
    I've a silverlight site in II8 on Windows Server 2012.
    Browsing the site is ok (ria service is correctly installed) but when I try to browse the WCFServices (.svc) (alsofrom IIS Manager), the browser says The webpage cannot be found.
    Any help??
    Thank you very much!!!!!!!!!!

    These are installed roles/features

    WEB01
    Web Server (IIS)
    Role
    Web Server (IIS)

    WEB01
    Windows Process Activation Service
    Feature
    Windows Process Activation Service

    WEB01
    Configuration APIs
    Feature
    Windows Process Activation Service\Configuration APIs

    WEB01
    .NET Environment 3.5
    Feature
    Windows Process Activation Service\.NET Environment 3.5

    WEB01
    Process Model
    Feature
    Windows Process Activation Service\Process Model

    WEB01
    Message Queuing
    Feature
    Message Queuing

    WEB01
    Message Queuing Services
    Feature
    Message Queuing\Message Queuing Services

    WEB01
    Message Queuing Server
    Feature
    Message Queuing\Message Queuing Services\Message Queuing Server

    WEB01
    Windows PowerShell
    Feature
    Windows PowerShell

    WEB01
    Windows PowerShell ISE
    Feature
    Windows PowerShell\Windows PowerShell ISE

    WEB01
    Windows PowerShell 2.0 Engine
    Feature
    Windows PowerShell\Windows PowerShell 2.0 Engine

    WEB01
    Windows PowerShell 4.0
    Feature
    Windows PowerShell\Windows PowerShell 4.0

    WEB01
    .NET Framework 4.5 Features
    Feature
    .NET Framework 4.5 Features

    WEB01
    .NET Framework 4.5
    Feature
    .NET Framework 4.5 Features\.NET Framework 4.5

    WEB01
    WCF Services
    Feature
    .NET Framework 4.5 Features\WCF Services

    WEB01
    WoW64 Support
    Feature
    WoW64 Support

    WEB01
    HTTP Activation
    Feature
    .NET Framework 4.5 Features\WCF Services\HTTP Activation

    WEB01
    Named Pipe Activation
    Feature
    .NET Framework 4.5 Features\WCF Services\Named Pipe Activation

    WEB01
    TCP Activation
    Feature
    .NET Framework 4.5 Features\WCF Services\TCP Activation

    WEB01
    TCP Port Sharing
    Feature
    .NET Framework 4.5 Features\WCF Services\TCP Port Sharing

    WEB01
    ASP.NET 4.5
    Feature
    .NET Framework 4.5 Features\ASP.NET 4.5

    WEB01
    .NET Framework 3.5 Features
    Feature
    .NET Framework 3.5 Features

    WEB01
    .NET Framework 3.5 (includes .NET 2.0 and 3.0)
    Feature
    .NET Framework 3.5 Features\.NET Framework 3.5 (includes .NET 2.0 and 3.0)

    WEB01
    HTTP Activation
    Feature
    .NET Framework 3.5 Features\HTTP Activation

    WEB01
    Non-HTTP Activation
    Feature
    .NET Framework 3.5 Features\Non-HTTP Activation

    WEB01
    User Interfaces and Infrastructure
    Feature
    User Interfaces and Infrastructure

    WEB01
    Server Graphical Shell
    Feature
    User Interfaces and Infrastructure\Server Graphical Shell

    WEB01
    Graphical Management Tools and Infrastructure
    Feature
    User Interfaces and Infrastructure\Graphical Management Tools and Infrastructure

    WEB01
    File and Storage Services
    Role
    File and Storage Services

    WEB01
    File and iSCSI Services
    Role Service
    File and Storage Services\File and iSCSI Services

    WEB01
    File Server
    Role Service
    File and Storage Services\File and iSCSI Services\File Server

    WEB01
    Message Queuing (MSMQ) Activation
    Feature
    .NET Framework 4.5 Features\WCF Services\Message Queuing (MSMQ) Activation

    WEB01
    IP and Domain Restrictions
    Role Service
    Web Server (IIS)\Web Server\Security\IP and Domain Restrictions

    WEB01
    Request Filtering
    Role Service
    Web Server (IIS)\Web Server\Security\Request Filtering

    WEB01
    URL Authorization
    Role Service
    Web Server (IIS)\Web Server\Security\URL Authorization

    WEB01
    Management Tools
    Role Service
    Web Server (IIS)\Management Tools

    WEB01
    IIS Management Console
    Role Service
    Web Server (IIS)\Management Tools\IIS Management Console

    WEB01
    IIS Management Scripts and Tools
    Role Service
    Web Server (IIS)\Management Tools\IIS Management Scripts and Tools

    WEB01
    Web Server
    Role Service
    Web Server (IIS)\Web Server

    WEB01
    Performance
    Role Service
    Web Server (IIS)\Web Server\Performance

    WEB01
    Static Content Compression
    Role Service
    Web Server (IIS)\Web Server\Performance\Static Content Compression

    WEB01
    Dynamic Content Compression
    Role Service
    Web Server (IIS)\Web Server\Performance\Dynamic Content Compression

    WEB01
    Common HTTP Features
    Role Service
    Web Server (IIS)\Web Server\Common HTTP Features

    WEB01
    Static Content
    Role Service
    Web Server (IIS)\Web Server\Common HTTP Features\Static Content

    WEB01
    Default Document
    Role Service
    Web Server (IIS)\Web Server\Common HTTP Features\Default Document

    WEB01
    Directory Browsing
    Role Service
    Web Server (IIS)\Web Server\Common HTTP Features\Directory Browsing

    WEB01
    HTTP Errors
    Role Service
    Web Server (IIS)\Web Server\Common HTTP Features\HTTP Errors

    WEB01
    HTTP Redirection
    Role Service
    Web Server (IIS)\Web Server\Common HTTP Features\HTTP Redirection

    WEB01
    Application Development
    Role Service
    Web Server (IIS)\Web Server\Application Development

    WEB01
    ASP.NET 4.5
    Role Service
    Web Server (IIS)\Web Server\Application Development\ASP.NET 4.5

    WEB01
    .NET Extensibility 4.5
    Role Service
    Web Server (IIS)\Web Server\Application Development\.NET Extensibility 4.5

    WEB01
    ASP.NET 3.5
    Role Service
    Web Server (IIS)\Web Server\Application Development\ASP.NET 3.5

    WEB01
    IIS Client Certificate Mapping Authentication
    Role Service
    Web Server (IIS)\Web Server\Security\IIS Client Certificate Mapping Authentication

    WEB01
    Client Certificate Mapping Authentication
    Role Service
    Web Server (IIS)\Web Server\Security\Client Certificate Mapping Authentication

    WEB01
    Digest Authentication
    Role Service
    Web Server (IIS)\Web Server\Security\Digest Authentication

    WEB01
    Windows Authentication
    Role Service
    Web Server (IIS)\Web Server\Security\Windows Authentication

    WEB01
    Basic Authentication
    Role Service
    Web Server (IIS)\Web Server\Security\Basic Authentication

    WEB01
    Security
    Role Service
    Web Server (IIS)\Web Server\Security

    WEB01
    Storage Services
    Role Service
    File and Storage Services\Storage Services

    WEB01
    Tracing
    Role Service
    Web Server (IIS)\Web Server\Health and Diagnostics\Tracing

    WEB01
    Logging Tools
    Role Service
    Web Server (IIS)\Web Server\Health and Diagnostics\Logging Tools

    WEB01
    HTTP Logging
    Role Service
    Web Server (IIS)\Web Server\Health and Diagnostics\HTTP Logging

    WEB01
    Health and Diagnostics
    Role Service
    Web Server (IIS)\Web Server\Health and Diagnostics

    WEB01
    ISAPI Filters
    Role Service
    Web Server (IIS)\Web Server\Application Development\ISAPI Filters

    WEB01
    ISAPI Extensions
    Role Service
    Web Server (IIS)\Web Server\Application Development\ISAPI Extensions

    WEB01
    .NET Extensibility 3.5
    Role Service
    Web Server (IIS)\Web Server\Application Development\.NET Extensibility 3.5

    WEB01
    Request Monitor
    Role Service
    Web Server (IIS)\Web Server\Health and Diagnostics\Request Monitor

    WEB01
    SMB 1.0/CIFS File Sharing Support
    Feature

    SMB 1.0/CIFS File Sharing Support

    DB:2.80:Iis 8 - Windows Server 2012 - Wcf Service Not Found d1

    I've solved my problem.. there was an error in web.config
    thank you very much!

  • RELEVANCY SCORE 2.79

    DB:2.79:Enable Kerberoes Authentication In Sharepoint 2010 Site sa



    We have enabled the Kerberos Authentication in SharePoint 2010 site, andentering the data in SharePoint from Java client via web service, initially Java client was using kerberos authentication so able to enter the data in SharePoint. But in Java client
    they changed the authentication from Kerberos to Basic after that unable to enter the data in SharePoint.
    My question is, can we enable Kerberos authentication along with Basic Authentication for a SharePoint site, will it work or not.
    Thanks,
    Fahad Khan

    DB:2.79:Enable Kerberoes Authentication In Sharepoint 2010 Site sa

    http://technet.microsoft.com/en-us/library/gg576953.aspx
    http://technet.microsoft.com/en-us/library/gg558567.aspx

  • RELEVANCY SCORE 2.79

    DB:2.79:Automating Login To Website With Iis Basic Authentication 3m


    Hello all,Cansomeonepointmeintthedirectionofwritingascripttoautomatelogintoawebapplicationthatusesbasicauthenticationinsteadofanormalpostloginfromaform?BasicallywhatIamtryingtodoismaketheauthenticationseemlesssotheuserdoesnotknowwhattheusernameandpasswordistologintothissite.IfpossibleIwanttousetheHttpWebRequest/Responseobjectstoinitiatethelogin.ThenoncetheserverapprovesmyusersloginIneedtopasswhateversecuritytokenitreturnstome(thispartIamnotsureabout)tomywebbrowsercontrolwithinmywindowsformapplication.ThiswaytheusercancontinuetobrowsethewebwithoutgettingtheloginpopupagainwhenIdirectthemtothisdomain.thanks!NC

  • RELEVANCY SCORE 2.79

    DB:2.79:Wcf-Basichttp Basic Authentication pm


    Hi all,
    I deployed a receive location with wcf-basichttp adapter in order to publish a schema as a SOAP service.
    This service is embedded in IIS 7.0.
    Now, I'd like to configure authentication in order to access to that service.So, I configured security mode with TransportCredientialOnly value and Basic as Transport Client Crediential Type property.
    Then, I enabled Basic authentication in IIS and disabled Anonymous authentication, but I don't know how to set login and password ? It seems to be Windows local or domain user. It doesn't work that way.
    What did I do bad ?
    Thanks.

    DB:2.79:Wcf-Basichttp Basic Authentication pm

    Hey Guys, I made a mistake here.
    I set the Security Mode options to Tranport instead of TransportCredentialOnly.
    Thank you.Espero ter ajudado
    Ruth Resende
    MVP, MCTS - Biztalk Server
    www.biztalkbrasil.com.br
    Twitter: @ruthresende

  • RELEVANCY SCORE 2.79

    DB:2.79:Saaj (Web Service Client) And Integrated Windows Authentication pa


    Hello
    I have build a web service client using SAAJ, the Web services is deployed on MS IIS. Every thing seems to work fine, The problem appears when I apply directory security on the Web Service Directory. When I apply Basic authentication SAAJ manages to send the user name and password and it goes fine, but when I apply Integrated Windows Authentication, I always get a response Access is Denied.
    I know we can authenticate the user credentials from NTLM from JAAS but here I am using a web services client.
    My Question is How can we pass the user credentials through a web service client to the IIS when the directory security is Windows Integrated Authentication?
    Any work around or the solution will be appreciated.
    Thanks :-)
    Syed Saulat

    DB:2.79:Saaj (Web Service Client) And Integrated Windows Authentication pa

    Hello
    I have build a web service client using SAAJ, the Web services is deployed on MS IIS. Every thing seems to work fine, The problem appears when I apply directory security on the Web Service Directory. When I apply Basic authentication SAAJ manages to send the user name and password and it goes fine, but when I apply Integrated Windows Authentication, I always get a response Access is Denied.
    I know we can authenticate the user credentials from NTLM from JAAS but here I am using a web services client.
    My Question is How can we pass the user credentials through a web service client to the IIS when the directory security is Windows Integrated Authentication?
    Any work around or the solution will be appreciated.
    Thanks :-)
    Syed Saulat