none
wsHTTPBinding, Transport Security, Windows Authentication RRS feed

  • Question

  • I have published BizTalk schema as a wcf service on IIS7.5 I am using a self signed certificate to secure the transport channel. 

    At the receive location I am using Security Mode = Transport, Transport Client Credential Type = Windows.

    At the IIS end, I have enabled "Windows Authentication - HTTP 401 Challenge" for the service.

    When I browse to the svc file, it asks for Windows credentials and opens successfully.

    When I call it through the visual studio client it gives me the below given error

    The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate oYIEbDCCBGigAwoBAaELBgkqhkiC9xIBAgKiggRSBIIETmCCBEoGCiqGSIb3EgECAgMEATCCBDigAwIBBaEDAgERooIEKmGCBCYwggQioAMCAQWhDhsMUkZHLkNPUlAuUkxHoiEwH6ADAgECoRgwFhsGa3JidGd0GwxSRkcuQ09SUC5STEejggPmMIID4qADAgESoQMCAQ

    The client configuration file is 

            <client>
                <endpoint address="https://xxxxxxxxxx/ESBService/ESBService.svc"
                    binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITwoWayAsyncVoid1"
                    contract="ESBServiceReference.ESBService" name="WSHttpBinding_ITwoWayAsyncVoid1">
                    <identity>
                        <userPrincipalName value="xxxxxxxxxx" />
                    </identity>
                </endpoint>
    </client>
    <bindings>
    <wsHttpBinding>
    <binding name="WSHttpBinding_ITwoWayAsyncVoid1">
    <security mode="Transport">
    <transport clientCredentialType="Windows"/>
    </security>
    </binding>
    </wsHttpBinding>
    </bindings>

    If I set the Transport Client Credential Type = None and enable Anonymous Authentication on IIS, the same client works fine. However I am not able to understand what am I doing wrong.

    Please help

    Friday, August 7, 2015 8:53 PM

Answers