.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Client authentication problems, NTLM

Posted By:      Posted Date: September 30, 2010    Points: 0   Category :WCF



Hope somebody can me with this. Have tried everything by now.


I have created a wcf service which I'm trying to access with my client. I get the following message:


The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'Negotiate,NTLM'. The remote server returned an error: (401) Unathorized.


I have enabled "Integrated Windows Authentication" on the Virtual Share on the IIS which is hosting my service.


Client config:


<security mode="TransportCredentialOnly">

<transport clientCredentialType="Ntlm"

View Complete Post

More Related Resource Links

WCf client request unauthorized with client authentication scheme 'Ntlm'. The authentication heade



I try to connect to a wcf service hosted in iis from a console application.

I have this message : The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'Negotiate,NTLM'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.

(By the way it works when my client is a silverlight application ...)

Web.config (iis 6.0 server configuration):

   <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />

     <binding name="basicHttpBinding">
      <security mode="TransportCredentialOnly">
       <transport clientCredentialType="Windows" />
       <behavior name="DefaultServiceBehavior">
        <serviceMetadata httpGetEnabled="true" />
        <serviceDebug includeExceptionDetailInFaults="true" />
      <service name="WebApplication1.Service1" behaviorConfigur

Problems with Forms Authentication in DD 4 site


Hello,  I am seeing a strange problem with Forms Authentication in my DD site.   A user logs into and can view/edit/delete data all day, but when they execute a Custom Filter against data (for example , a control DynamicData/Filters/CustomerLastNameSearch.ascx ) then the site auth fails, and redirects to the log in screen.

in web.config I have

     <authentication mode="Forms">
            <forms name=".Star" loginUrl="~/Login.aspx" protection="All" defaultUrl="~/Default.aspx" path="/" timeout="43200" cookieless="UseCookies" />     

Offhand, I am thinking two things : that DynamicData/Filters path requires some special handling for some reason, or the control extension ascx is causing auth to get confused.   Has anyone else experienced this or have any suggestions?  Thanks!

Web Security: Part 2: Introducing the Web Application Manager, Client Authentication Options, and Pr


This article, the second of two parts, continues coverage of Web security for Windows. It introduces the Web Application Manager in IIS that allows Web processes to be isolated, decreasing the security risk associated with running in a logon session. The article then picks up where Part One left off-it discusses authentication methods such as basic authentication, digest authentication, integrated Windows authentication, and anonymous logons, and the benefits and drawbacks of each.

Keith Brown

MSDN Magazine July 2000

Looking for a simple Service and Console Client REST sample implementing BASIC authentication


Does anyone know of a C# code sample demonstrating WCF REST services and console test client with OperationContracts (GET and POST) implementing mutiple paramaters using BASIC authentication? Also, perhaps, using Fiddler as a test client as well? I have searched high and low for something like this, but have not had any success.

Changing authentication from NTLM to Negotiate

We orginally configured our SharePoint environment to use NTLM and now have been told that in order to configure SSRS SharePoint Integrated services we will need to change to Negotiate (Kerberos).   Can anyone point me to the a best practice document for making this change? Thanks. Jim 

Client object model Authentication.

  Sorry for my bad english. With WPF, I can get authentication using below code             ClientContext clientContext = new ClientContext("URL");             clientContext.AuthenticationMode = ClientAuthenticationMode.Default;             NetworkCredential credential = new NetworkCredential("ID", "PASSWORD", "URL");             clientContext.Credentials = credential; But with silverlight, I can't find AuthenticationMode property with ClientContext.   I want to get authentication using client object model with silverlight. Can anybody help me?   thanks!!   

SharePoint - Report Server - Client Certificate authentication

Hi,I have a SharePoint site collection which requires client certificates. On the server I have configured Reporting Services in integration mode.I can call reports on other site collections which don't require client certificates but not on the site which does. On the site which requires client certificates the pages fail with the following error message:'An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. --> The request failed with HTTP status 403: forbidden'The error message indicates that SharePoint doesn't call the web service with a client certificate. Does anyone know how I can configure SharePoint to use a client certificate?Any help is greatly appreciated.Adam

Client/Server Authentication

Dear All,   I have a client/server socket application that enables file transfer between the client and the server, however, i want the client to be authenticated with the server before a file is transferred. the client should prompt for a user name and password which is used for authentication with the server. The server should be configured with user name/password pairs so that it is able to authenticate client. I have been searching for related work for quite sometime now but haven't come across anything close to this yet. Please i want any1 to help me settle this issues, i would appreciate if i am directed to an article or any other resources that is helpful, or pasting sample code/ uploading sample application would be of greatest help..Thank you all in advance. Regards, Mbgreat.

The HTTP request is unauthorized with client authentication scheme 'Anonymous'

I am trying to do a soap request from a WebCTRL server. I went to add a service reference, entered the URL to my wsdl and (after prompting me for a username and password) it added the reference and I can create an instance of the service object and makes calls against it.   Dim eval As New WebCTRL_Eval.EvalClient eval.Open() Debug.Print(eval.getValue("#reception_40/lstat"))   I get this back from the server, on open and getvalue.   The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="SOAP Access"'.   I understand that it is the HTTP authentication that I need to setup or configure, but just dont understand how to do it.   I have tried eval.ClientCredentials.UserName.UserName = "myusername" eval.ClientCredentials.UserName.Password = "mypassword"   How do I change the client authentication scheme and provide my credentials to it?   Here is what is on my app.config file.   <system.serviceModel>  <bindings>   <wsHttpBinding>    <binding name="EvalSoapBinding"     bypassProxyOnLocal="false"     transactionFlow="false"     hostNameComparisonMode="StrongWildcard"     maxBufferPoolSize="524288"     maxReceivedMessageSize="65536"     messageEncoding="Text"

Client/Server Authentication with SSLStream

Hello, This is my first time using MSDN.  I have a client and server application which use SSLStream to communicate over port 80.  Both the client and the server are running as Windows Services.  Everything works in my test environment (my development computer, under the OS Windows 7 Ultimate). My problem is that when I go to deploy the client and server application to their deployment environments (the server being on Windows Server 2008, and the client being on Windows Server 2003) it does not work, and I get the error: "The client and server cannot communicate, because they do not possess a common algorithm" Please note that I have installed the same certificate using the makecert commands (listed in the "Firstly" section below) In addition, when I gave up on trying to get the client to authenticate under the Windows Server 2003 computer, I moved it to a completely new/different Windows Server 2008 computer.. and then got a new error along the lines of "credentials supplied to package not recognized." If you have any experience with this issue, please advise.  I have been working on this for the past 3 days and have burnt up over 20 hours of development time. Please remember, the problem keeps happening when the Server and Client attempt to authenticate. Firstly, I used the following commands via makece

WCF Membership Authentication and Winform Client Application Services

I am needing more validation of what I am doing versus solving a problem. I have a winforms application that uses Client Application Services to validate a user against a customer membership provider all over SSL.  This works fine.  My winforms application validates correctly. The winforms application uses WCF to call services that are installed on the same IIS server that is providing the membership services for the Client Application Services.  The WCF services use wsHTTP binding, transport security, username credentials, and validate against the same membership provider as the Client Application Services. It appears that although the service and Client Application Services are at the same URL, they do not share credentials between them.  Ideally, once I log into Client Application Services, any calls to a WCF service at that location would be automatically authenticated.  However, this is not true.  I have to pass the username and password into the credentials for the WCF service.  This works as expected where the username and password are validated prior to allowing a service call.  On subsequent services calls, it does not validate again since it has established the secure channel. So, does this sound like the best approach?  Is there a way to pass credentials from the Client Application Services to WCF automatically?  I

Problems with Windows Authentication

I have one webserver alone in the network and all the users authenticate in another server. I'm trying to implement windows authentication in a application in the webserver,  but every time that the page loads a login window appears exactly that the windows client was authenticated in the order server. Is It necessary both server stay in the same domain? Is there another way? Finally, I need to get the user id in the windows client, but webserver and domain server don't communicated between itself. []s Emerson Paz

Kerberos Authentication with WCF Client Fault Exception

Hello, I am using Kerberos as the Authentication mode for a WCF Client to interact with an ASMX Web Service. I am using customBinding in the WCF Client. I am getting the below mentioned Fault Exception when I invoke the HelloWorld Method by creating a Proxy using SVCUTIL.   System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.InvalidOperationException: WSE914: This instance of derived key token does not support encryption, decryption, or key wrapping. It can only be used to sign or verify signature. Please make sure that the length of the derived key matches the length of the key required by the symmetric encryption algorithm configured for the derived key token manager.    at Microsoft.Web.Services3.Security.Tokens.DerivedKeyToken.Psha1SymmetricKeyAlgorithm.get_EncryptionFormatter()    at Microsoft.Web.Services3.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)    at Microsoft.Web.Services3.Security.EncryptedData.Decrypt(XmlElement encryptedElement)    at Microsoft.Web.Services3.Security.EncryptedData.Decrypt() &nbs

The HTTP request was forbidden with client authentication scheme 'Anonymous'

I am trying to build a proof of concept of a WCF service utilisting a
wsHttpBinding with Transport Certificate security. I am having problems
connecting to it with a console client - everytime I try to open the channel
I get the following error: The HTTP request was forbidden with client authentication scheme 'Anonymous'.

can any one help me?
Thanks a lot
Frank Xu Lei--????,????
Focus on Distributed Applications Development and EAI based on .NET
?????????????:Welcome to My Chinese Technical Blog
??????WCF??????:Welcome to Microsoft Chinese WCF Forum
??????WCF??????:Welcome to Microsoft English WCF Forum

The HTTP request is unauthorized with client authentication scheme 'Anonymous'.




I am receiving an error when i am callign the WCF service which is hosted in the IIS,


The HTTP request is unauthorized with client authentication scheme 'Anonymous'.The authentication header received from the server was 'Negotiate,NTLM' while calling service hosted in IIS.


Both check boxes are checkd in the properties->DirectorySecurity->Edit...

Anonymus and Integrated Windows.


Can anybody help me regarding thsi issue...






Problems with multiple calls from the same client


Hi all!

I have a service with the following binding configuration (identical on server and client), running under IIS (Win 7 x64):

 <binding name="Printec.TMS.DCS.WindowsTcpBinding" maxReceivedMessageSize="6553600" 
  maxConnections="2000" listenBacklog="2000" closeTimeout="00:10:00" 
  sendTimeout="00:10:00" receiveTimeout="00:10:00" openTimeout="00:10:00">
 <readerQuotas maxDepth="200" maxStringContentLength="6553600" maxArrayLength="6553600" />
 <reliableSession enabled="false" />
 <security mode="None" />

Here is the service behaviour:

<behavior name="ServiceBehavior">
 <dataContractSerializer maxItemsInObjectGraph="

ASP.net 3.5 Windows Authentication Problems


I'm new to ASP.net and trying to set up an Intranet site with Windows Authentication.   

I have configured the web.config as shown below.

<authentication mode="Windows">
<roleManager enabled="true" />

I wanted to do authorization by roles so

          <deny users ="?"/>
          <allow roles="D820\MySite_Developers, D820\MySite_Admins"/>

I'm in the D820\MySite_Developers group.

When I attempt to login, it wants my password.  I thought that with Windows Authentication it should not prompt for the password.

If is use <allow user="*"/> it does not.


1.  Is this the correct behavior?



ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend