[Dev Tip] The HTTP request is unauthorized with client authentication scheme


WCF Issue-The HTTP request is unauthorized with client authentication scheme ‘Negotiate’. The authentication header received from the server was ‘NTLM’.
Problem
When calling any WCF/web services/Sharepopint services via WCF, you will normally get this error if you leave the settings as configured by the “Add Service Reference Wizard” :
“The HTTP request is unauthorized with client authentication scheme ‘Negotiate’. The authentication header received from the server was ‘NTLM’.”
Solution
You must specify a non-anonymous impersonation level for your ClientCredentials. Just specifying a username and password for your WCF Service reference’s ClientCredentials.UserName.UserName and ClientCredentials.UserName.Password is not sufficient to resolve the problem. This is utter necessary when you are calling service from different domain.
Code Changes
ServiceReference1.Service serviceClient = new ServiceReference1.Service();
            serviceClient.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(“username”, “password”, “domain”);
            serviceClient.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation
Note:
When you are in same domain, don’t have to pass in the Windows.ClientCredential information. You can also set the above values in app.config configuration elements rather than code.

You can use (with descending levels of security):

System.Security.Principal.TokenImpersonationLevel.Identification
System.Security.Principal.TokenImpersonationLevel.Impersonation
System.Security.Principal.TokenImpersonationLevel.Delegation
Config Changes:

  <binding name=”BasicHttpBinding_Service”>
                    <security mode=”TransportCredentialOnly”>
                        <transport clientCredentialType=”Windows” />
                        <message clientCredentialType=”UserName” algorithmSuite=”Default” />
                    </security>
                </binding>
Now you run program and above issue is fixed.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s