.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Remoting Issue - Authentication Type changes from Kerberos to NTLM in Thread.CurrentPrincipal.Identi

Posted By:      Posted Date: May 22, 2011    Points: 0   Category :WPF

Am facing followingproblem, Authentication Type changes from Kerberos to NTLM in Thread.CurrentPrincipal.Identity where as the user name comes properly while calling the method of service2 through remoting from service1.

Actually the problem scenario is as follows, from client am making calls to service1 and from the service1 am making the call to another service2 where the problem occurs.

             Kerberos                              NTML
Client ----------------> Server1 -------------------------> another service2
         remoting call                      remoting call

But When I made the remoting call from the client directly to service2, am getting the security type as Kerberos properly.

Please advise.

Am running out of time, looking for you valuable comments...!!!



View Complete Post

More Related Resource Links

Re-authentication issue when openeing a MS Word Document


We have a SharePoint installation for one of our clients with external access enabled using https via ISA server. When accessing the portal internally within the intranet/domain its fine. In case of external access using https when users login to portal adn when they try to open a MS Word (or any Office) document they are prompted to to enter their username and password again. It happens for every MS Office document. We are using MOSS 2007, Office 2007. I know that the promp for re-authentication is is due to the fact that office try to open a new session but is there any work around to overcome this.

Any help will be highly appreciated.



Issue with List Definition of same base content type and deployed via same feature


I am trying to deploy two custom list definitions using only one single feature.  Below are the details of my issue.

  • Two custom list definitions
  • Each custom list definition has its own custom content type
  • Each custom content type inherits from the base content type Picture (Type = 109)
  • The custom list definitions are grouped together under one single feature
  • The custom content types are grouped together under a seperate single feature

When I deploy my solution in this configuration, the second list definition gets the first custom content type applied to it and the list schema from the first list definition is also applied to the second list definition.

What makes this more interesting, when I seperate both of the list definitions under two seperate features it all works fine.  Custom content types and list schemas get applied correctly.

Can anyone tell me why I can not deploy both list definitions under one single feature?

If you need me to post any of the origional code or XML to this post please let me know.



Issue with Forms Authentication


 I'm in the middle of converting an intranet application to use forms authentication. The authentication process works fine for the core application and all the nested classic asp pages. However, my nested asp.net applications do not work. I have mapped their web.configs to the correct login url. If I attempt to access them after logging in, I am automatically redirected to the homepage of the intranet application. If I try to access them directly, I am redirected to the login screen, as I should be, and then the intranet homepage after the login process, instead of the page I need to access.

At first, I thought there might be some remnant of the security processes in the nested applications, but it does it for applications that have no security processes other than the one for the core intranet.

Since this is my first crack at using forms authentication, I'm assuming I've missed some step. Any ideas?

Here is the section of my web.config:

<authentication mode="Forms">

      <forms loginUrl="~/folder/loginpage.aspx" name="Cookie Name"></forms>


      <deny users="?" />
      <allow users="*"/>

Windows authentication login form issue


Hi guys,

I have an application that requires windows authentication to login, the problem is that every time an user logs in under IE and win XP, the username is pre filled with the IP address of the server as instance and the username. I need to replace the server ip with  XXXX instance name instead of doing this manually.

Could anyone pleas help me out with this one?

Thanks in advance,


windows authentication issue with different domain

Webservice(frame work 2.0 & VB.NET) connecting to SQL Server 2008 in Windows Authentication mode and WS configured on App pool with domain\user id credentials and granted full access to temp folder still getting the following error. System.InvalidOperationException: Unable to generate a temporary class (result=1). error CS2001: Source file 'C:\WINDOWS\TEMP\ixymjcwh.0.cs' could not be found error CS2008: No inputs specified at System.Xml.Serialization.Compiler.Compile(Assembly parent, String ns, XmlSerializerCompilerParameters xmlParameters, Evidence evidence) at System.Xml.Serialization.TempAssembly.GenerateAssembly(XmlMapping[] xmlMappings, Type[] types, String defaultNamespace, Evidence evidence, XmlSerializerCompilerParameters parameters, Assembly assembly, Hashtable assemblies) at System.Xml.Serialization.TempAssembly..ctor(XmlMapping[] xmlMappings, Type[] types, String defaultNamespace, String location, Evidence evidence) at System.Xml.Serialization.XmlSerializer.FromMappings(XmlMapping[] mappings, Evidence evidence) at System.Web.Services.Protocols.XmlReturn.GetInitializers(LogicalMethodInfo[] methodInfos) at System.Web.Services.Protocols.XmlReturnWriter.GetInitializers(LogicalMethodInfo[] methodInfos) at System.Web.Services.Protocols.MimeFormatter.GetInitializers(Type type, LogicalMethodInfo[] methodInfos) at System.Web.Services.Protocols.H

Kerberos issue with SQL Reporting Services 2005 on Server 2003 R2

Hi Guys,apologies if this is the incorrect forum, so moderators, feel free to move it to SQL/IIS/SharePoint as appropriate... [Windows Server Security moderator pushed me this direction]I have a test environment that I'm trying to get SQL Reporting Services 2005 SP3 working in integrated mode with SharePoint 2007 SP2.The environment is all in VMWare, running Server 2003 R2 x86 and is layed out like this:SERVER A:AD/DNS/DHCPSERVER B:SQL 2005 SP3 CU8SERVER C:SharePoint 2007 SP2 Dec 09 CU- Central admin on port 9000- SSP on port 9001- MySite on port 81- Main Content on port 80SQL Reporting Services 2005 SP3 CU8- Reporting Service website on port 82SERVER D:SharePoint 2007 SP2 Dec 09 CU- Central admin on port 9000- SSP on port 9001- MySite on port 81- Main Content on port 80SQL Reporting Services 2005 SP3 CU8- Reporting Service website on port 82Through the use of DNS and (SharePoint) Alternate Access Names, SERVER D is used to deliver the Main Content in SharePoint and the Reporting Service website.  SERVER C is used to deliver the Central Admin, SSP and MySite.I've set up SPN's for the SharePoint App Pools, using the following: [main content] setspn -S HTTP/SERVERA DOMAIN\AppPoolUserA setspn -S HTTP/SERVERA.FQDN DOMAIN\AppPoolUserA setspn -S HTTP/SERVERB DOMAIN\AppPoolUserA setspn -S HTTP/SERVERB.FQDN DOMAIN\AppPoolUserA [repor

Changing authentication from NTLM to Negotiate

We orginally configured our SharePoint environment to use NTLM and now have been told that in order to configure SSRS SharePoint Integrated services we will need to change to Negotiate (Kerberos).   Can anyone point me to the a best practice document for making this change? Thanks. Jim 

WebServiceHost2Factory is forcing Thread.CurrentPrincipal to RoleProviderPrincipal instead of my cus

Hi gang, I've been working through various samples to try and piece together a solution for SAML token-based authentication for ASP.Net and WCF RESTful services...  some of the samples I've been referencing: http://custombasicauth.codeplex.com/Wikipage http://www.leastprivilege.com/SecuringWCFDataServicesUsingWIF.aspx http://weblogs.asp.net/cibrax/archive/2010/02/17/a-good-way-to-handle-claim-based-security-in-restful-services.aspx etc... I've been battling my way through each roadblock, and I'm so close I can taste it.  The latest block that's got me is this: If I use the regular WebServiceHostFactory, the custom authorization policies are applied and Thread.CurrentPrincipal ends up taking the value that my HttpModule set for HttpContext.Current.User...   but...  if I use the WebServiceHost2Factory (i.e. from the REST Starter Kit) to gain the auto help endpoint, etc...,  then the auth policies aren't applied, and the Thread.CurrentPrincipal ends up being an instance of RoleProviderPrincipal in no way related to the ClaimsPrincipal I set in the HttpModule..   :-( Any thoughts, ideas how to get the WebServiceHost2Factory to play nice with the custom / overridden principal? Thanks, Tyler  

Could not load type 'System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtec

I have a windows service that runs on client machines and connects to a WCF service on a server.  This windows service seems to work fine on Windows XP, Vista and 7  machines, but when I try and run it on a Server 2008 R2 machine I get the following error: System.Configuration.ConfigurationErrorsException: An error occurred creating the configuration section handler for system.serviceModel/bindings: Could not load type 'System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement' from assembly 'System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089'. (C:\Program Files (x86)\MyFolder\MyApp\MyAppWinSVC.exe.Config line 4) ---> System.TypeLoadException: Could not load type 'System.Security.Authentication.ExtendedProtection.Configuration.ExtendedProtectionPolicyElement' from assembly 'System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089'.    at System.ServiceModel.Configuration.HttpTransportSecurityElement.get_Properties() I have the 3.5 sp1 feature installed. The only thing I have found online that is remotely similar is this MS hotfix: http://support.microsoft.com/kb/2262911 But when I try and apply it, it says that it isn't for my computer. Does anyone have any ideas how to resolve this issue?

Windows 2008 R2 kerberos authentication

Hi i have install windows 200R2 with blackpearl but i have this issue with Kerberos Authentication the same account when using ie8 on the local machine allows me to login while the same credientials using ie7 & ie8 on remote machine will keep prompting for credentials; any advise on this?

LDAP - directory entry issue with out user and password using impersonate and windows authentication

Hi All I am using the below code to fetch the user information from LDAP             DirectoryEntry entry = new DirectoryEntry("LDAP://DEV");             DirectorySearcher searcher =  new DirectorySearcher(entry);             SearchResult result;             searcher.Filter = "samaccountname=testuser";             result = searcher.FindOne(); here i am using windows authentication always and along with that when i enable the impersonate = true ,  the code fails at "result = searcher.FindOne();" with message "object reference not set to instance of an object "  also with the same code if i give the username and password along with the impersonate tag >> it works  or if i am using the user and password along with the DirectoryEntry  object then also it will work  but it fails with same user that i gave in impersonate tag / directory entry object with windows authentication enabled  and the  user logged to the application and no username and password tag in directory entry / impersonate tag  Interesting thing is that  in our development server ,  i am able to execute the same code with out user name p

the type initializer for 'system.runtime.remoting.identity' threw an exception.

HI, I am trying to implement kerberos delegation in Active Directory enviroment with windows 2003 servers SP2. I have Client, ProxyServer and RemoteServer application that are developed on .Net framework v3.5 using .Net Remoting "System.Runtime.Remoting". I am not using Microsoft.Samples.Security.SSPI &  Microsoft.Samples.Runtime.Remoting.Security directly. my code is based on "http://blogs.msdn.com/dotnetremoting/archive/2006/07/06/662599.aspx" Only change that I have done is put impersonate="true" in channel configuration of ProxyServer and RemoteServer, and of course changed the UPN and Port and IP address. The Client's credentials are successfully impersonated by ProxyServer, I can access the text file on ProxyServer on behalf of client. But when from ProxyServer I try to execute the method on RemoteServer it throws "the type initializer for 'system.runtime.remoting.identity' threw an exception." After looking at blog http://www.secnewsgroups.net/group/microsoft.public.dotnet.security/topic8251.aspx I did required changing under Local Security Settings -> Local Policies -> User Rights Assignments -> impersonate a client after authentication and Create Global Objects. I have added three domain user names in three machine under whose credentials corrosponding application is running. When i run three applications on their

Weird Issue with the MOSS Search : FileExtension metadata object type instead of string

Hello, We 've got a strange issue with the search and especially with the FileExtension metadata. when we make a query on the search engine, we receive for the FileExtension metadata an unexcpected result. here is a printscreen showing the issue. http://cid-53eee937847a625e.photos.live.com/self.aspx/Public/Untitled.jpg as you can see the Type of the FileExtension is object and it should be string and I checked the type of the object and it's System.String[] the element at the index 0 contains the value! what's wrong ? thx in advance

Very Wierd User Authentication Issue

We recently had a new starter for whom HR assigned the wrong Windows user name (his initials are P.S. and he got the username pc12, which should have been given to another guy who was starting at the same time...) It took a little while before this came to light and by this time the user had logged on, accessed a bunch of applications etc... Eventually, everything gets straightened out in AD and both users now have exactly the right records. The only problem is SharePoint. Profile information is fine, but (and this is the weird part) when P.S. accesses the site, he gets 'Welcome Pxxxx Cxxxx' (the other guy's name). We have been trying to resolve this for days now, so there has been plenty of time for any required replication and there have been about 100 iis resets. Now get this, when P.S. accesses other internal Web sites, he's authenticated fine - it's just SharePoint! I sense a support call coming on, but if anyone else has seen anything like this it would be great to hear any ideas.

Cannot Login with Forms Based Authentication to SharePoint 2010 - Issue with the SecurityTokenServic

Please be advised I have followed the steps on http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/. I have tried to fix the following issue for a week using different farms and SharePoint 2010 installations, however I am getting the following error when trying to authenticate using Forms Based into a Claims site: Cannot get Membership Provider with name FBARoleProvider The membership provider for this process was not properly configured. You must configure the membership provider in the .config file for every SharePoint process. 1. I am certain the membership provider is configured in the SecurityTokenServiceApplication webservice as I can manage users and roles in IIS7 using the SecurityTokenServiceApplication website. 2. I am certain that membership provider is configured in the both the Claims Web Application and Central Admin as I can manage users and roles in IIS7 using their websites. 3. I know the issue is the SecurityTokenServiceApplication service as I had to set <serviceDebug includeExceptionDetailInFaults="true" /> to get the error above. 4. I can log into the Claims Based Application using windows authentication, however I am unable to see the users on the people picker despite that I can see them from the application's site on IIS

Login issue using authentication mode="Forms"

Hi,I am using authentication mode="Forms" with ldap, i manage to login and logour fine but when user 1 is logged and when user2 logs, user1 gets the user2 session. Any idea why this might be happening? Here is some code:     <authentication mode="Forms">            <forms name="login" loginUrl="Login.aspx" />        </authentication>        <authorization>            <allow roles="auditor"/>            <allow roles="approver"/>            <allow roles="user"/>            <deny users="?"/>        </authorization>        <identity impersonate="true"/>protected Boolean ValidateUser(String strUsername, String strPassword)        {            //Return true if the username and password is valid, false if it isn't             &n
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend