.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

[FtpWebRequest] System.Security.Authentication.AuthenticationException: A call to SSPI failed

Posted By:      Posted Date: October 27, 2010    Points: 0   Category :.NET Framework

Hi All,

   I'm using FtpWebReuqest, SSL enabled, to connect and upload files to an FTP server.

   During testing of the module i'm developing, I've encountered an unhandled exception indicating,

   "System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The token supplied to the function is invalid"


Now before I decided to post this question here, I've searched the net and found several posts related to this. However, most them were not really helpful and not that clear. Hence, the post. :)

Additional info, I've already over ride the validation part of the SSL connection using the codes below:


ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(MyCertValidationCb);

public static bool MyCertValidationCb(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)


        return true;



What I can't really figure out is the root caus

View Complete Post

More Related Resource Links

A call to SSPI failed: The target principal name is incorrect - How to ignore this Security Check

I find that I am getting this error since I am using the netTCPBinding. I don't get this exception when the client and server are on the same machine, but when they are on different machines, this exception occurs. If I set the identity on the end point as mentioned in the article: http://blogs.msdn.com/b/drnick/archive/2007/11/08/setting-a-user-principal-on-the-endpoint.aspx it is working fine.   So my question is , should the service end point always have an identity when using netTcpBinging? I tried setting Security.Mode = None and still I got this identity exception. is there any way through which I can ask the service to ignore the SSPI details and accept client request?   Thanks!

WCF The Security Support Provider Interface (SSPI) negotiation failed


I am using a wcf service that I created, when both hosting machine and the client machine are on the same domain everything works just fine. When I publish the client app to the webserver in the DMZ I am getting the following error:

SOAP security negotiation with '' for   
'' failed. See inner exception  
for more details.The Security Support Provider Interface (SSPI) negotiation failed.

Here is my service main where I set up the service


 Uri baseAddress = new Uri("Http://");
      ServiceHost selfHost = new ServiceHost(typeof(QBService), baseAddress);


Could not load type 'System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtec

I have a windows service that runs on client machines and connects to a WCF service on a server.  This windows service seems to work fine on Windows XP, Vista and 7  machines, but when I try and run it on a Server 2008 R2 machine I get the following error: System.Configuration.ConfigurationErrorsException: An error occurred creating the configuration section handler for system.serviceModel/bindings: Could not load type 'System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement' from assembly 'System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089'. (C:\Program Files (x86)\MyFolder\MyApp\MyAppWinSVC.exe.Config line 4) ---> System.TypeLoadException: Could not load type 'System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement' from assembly 'System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089'.    at System.ServiceModel.Configuration.HttpTransportSecurityElement.get_Properties() I have the 3.5 sp1 feature installed. The only thing I have found online that is remotely similar is this MS hotfix: http://support.microsoft.com/kb/2262911 But when I try and apply it, it says that it isn't for my computer. Does anyone have any ideas how to resolve this issue?

WCF: security token could not be satisfied because authentication failed.



I am newbie to WCF.... Please bare me..I have WCF service and client on the same machine with certificates(trusted root authority). Please find Client and server config below.

Below exception resulted when client tries to call service.

NOTE: This exception resulted when revocationMode= Online. But this is working fine when revocationMode= NoCheck.

<authentication certificateValidationMode="ChainTrust" revocationMode="Online"/>

But this should work in Online revocation mode for me.


Server Error in '/WCFClient' Application.

The request for security token could not be satisfied because authentication failed.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.

Source Error:

Line 58:     }
Line 59:
Line 60:     public string Ping(string inParam) { return base.Channel.Ping(inParam);

What are the required Security permissions to call SAM accountmanagement over the wire, using System



I need to perform remote management on the local SAM database.  I am getting a security permission error, but can't figure out what the required permissions need to be.  My test harness works great as a locally authenticated user however the permission issue gets thrown when I am trying to connect to a remote host that isn't part of the domain.

The exception is getting thrown on the call to ValidateCredentials, which is found in the constructor for the LocalAccount class below, specifically you will see it  public LocalAccount(string Server, string User, string Password)

My test environment includes windows 7 machines that are working in a offline mode trying to connect to machines running XP, 2003 and Windows 7 that are not part of the domain.

Any and all help would be appreciated.


using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

namespace WindowsManagement
  class Program

Could not load type 'System.Security.Authentication.ExtendedProtection.ChannelBinding' ..


 I am running Windows Server 2008, ASP.NET 3.5, IIS7

i wonder if it's IIS7 problem, or .NET Framework or even security updates problem

suddenly all websites do not work, and from event viewer

there're two errors

Exception: System.TypeLoadException

Message: Could not load type 'System.Security.Authentication.ExtendedProtection.ChannelBinding' from assembly 'System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089'.

StackTrace:    at System.Web.Hosting.IIS7WorkerRequest.Dispose()
   at System.Web.Hosting.PipelineRuntime.DisposeHandlerPrivate(HttpContext context)
   at System.Web.HttpRuntime.FinishRequestNotification(IIS7WorkerRequest wr, HttpContext context, RequestNotificationStatus& status)
   at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
   at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
   at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

 Faulting application w3wp.exe, version 7.0.6002.18005, time stamp

2 WCFs and "A call to SSPI failed, see inner exception"


I have 2 WCFs. One is hosted on my local IIS, and another is self-hosted on a Windows service. It was all running great, until I made some modifications. Of course, probably my first problem is that I don't know how to "see the inner exception". But I'm betting it's in one of my app.config files. Here they are:

Client web.config:





<binding name="NetTcpBinding_IService1" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288" maxBufferSize="565536" maxConnections="10" maxReceivedMessageSize="565536"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="516384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />




hello i have the following problem

i have upload my content to hosting server but i get the following error

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of typ

System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPerm


Good Day all,

Having an issue with an outside user accessing my IIS7 box. I do not have this problem when running the website from my host machine. I found this post: Http://forums.asp.net/t/1371394.aspx. I assure you that this is not a solution because I am not storing any of my files on a network share. 

What do you think my approach should be. 

I already have read rights to IIS user to my BIN folder. 

Thanks for the help. 

helped needed: ASP LDAP authentication failed in IE 8


I use the following code to do the user authentication through Active Directory using LDAP.

entry = new DirectoryEntry("LDAP://" + server, user_name, password);
if (!string.IsNullOrEmpty(entry.Name))
EmployeeNetId = entry.Username.Substring(0, 3);

// Retrieve EmployeeId, and Employee Full Name
EmployeeId = -1;

It works for Chrome, Firefox with no problem. But with IE 8, it works sometimes, and failed on some computers. When it failed, I figured that I need to check SSL 2.0 in IE 8 Internet Options.  It's weird because in those computers that IE 8 works, SSL 2.0 is also unchecked.

Am I using some deprecated method? Or How do I specifiy the SSL version options in the LDAP connection?

Security negotiation failed because the remote party did not send back a reply in a timely manner. T



Dear All i have created one simple service

like this

namespace WcfService2
        public class Service1 : IService1
        public string ShowEmpName(string strFirstName, string strLastName)
            return strFirstName + strLastName;

after executing in .net command promt i got 2 files

service.cs & output.config

after that i create one class file like this

namespace WcfService2
    public class clientcs

        static void Main(string[] args)
            Service1Client client = new Service1Client();
            string strResult = client.ShowEmpName("Pradeep", "Deokar");

Security: Safer Authentication with a One-Time Password Solution


One-time passwords offer solutions to dictionary attacks, phishing, interception, and lots of other security breaches. Here's how it all works.

Dan Griffin

MSDN Magazine May 2008

Windows Server 2003: Discover Improved System Info, New Kernel, Debugging, Security, and UI APIs


There's a lot to say about Windows Server 2003. First of all, it's the first operating system with built-in .NET Framework support, and it's the first 64-bit OS from Microsoft. But wait, there's more! There are lots of new features and APIs in this version as well. For instance, Windows Server 2003 features Hot Add Memory and a number of other arcane new tidbits. There are new APIs for handling threads, directories, and files, and new features like the low fragmentation heap for managing memory and system information. There's vectored exception handling and new UI APIs as well.OS internals expert Matt Pietrek takes a look at the additions he finds most interesting and useful so you'll have a good place to start when you dive into Windows Server 2003.

Matt Pietrek

MSDN Magazine June 2003

Web Security: Part 2: Introducing the Web Application Manager, Client Authentication Options, and Pr


This article, the second of two parts, continues coverage of Web security for Windows. It introduces the Web Application Manager in IIS that allows Web processes to be isolated, decreasing the security risk associated with running in a logon session. The article then picks up where Part One left off-it discusses authentication methods such as basic authentication, digest authentication, integrated Windows authentication, and anonymous logons, and the benefits and drawbacks of each.

Keith Brown

MSDN Magazine July 2000

System.Data.SqlClient.SqlException: Login failed for user . Reason: The account is disable


Hi All,

Thank you for advance.

I created a widows service for mail schedule with c#.net and sql server 2005 and it is working fine for past one year.

now sometimes i am getting the "System.Data.SqlClient.SqlException: Login failed for user '<UserName>'. Reason: The account is disabled." error.

then i restarted the windows service manually and working.

what is the problem in my sql server connection and how to fix that issue?

System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlCli

I have created a windows library control that accesses a local sql database I tried the following strings for connecting Dim connectionString As String = "Data Source=localhost\SQLEXPRESS;Initial Catalog=TimeSheet;Trusted_Connection = true" Dim connectionString As String = "Data Source=localhost\SQLEXPRESS;Initial Catalog=TimeSheet;Integrated Security=SSPI"   I am not running the webpage in a virtual directory but in C:\Inetpub\wwwroot\usercontrol and I have a simple index.html that tries to read from an sql db but throws the error System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)   at System.Security.PermissionSet.Demand()   at System.Data.Common.DbConnectionOptions.DemandPermission()   at System.Data.SqlClient.SqlConnection.PermissionDemand()   at System.Data.SqlClient.SqlConnectionFactory.PermissionDemand(DbConnection outerConnection)   at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, etc etc  The action that failed was:DemandThe type of the first permission that failed was:System.Data.SqlClient.SqlClientPermissionThe Zone of the assembly that fa
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend