locked
System.ServiceModel.Security.SecurityNegotiationException WCF Master Data Services RRS feed

  • Question

  • Hello everyone.

    I'm trying to make a web application that connects to the Microsoft Master Data Service web service; This application will be used by various people around the world.

    However, I try to make a modification to the model by adding an entity through this code:

    private static void CreateMembers() {
                WSHttpBinding binding = new WSHttpBinding();
                binding.Security.Mode = System.ServiceModel.SecurityMode.Message;
                
                binding.Security.Message.ClientCredentialType = System.ServiceModel.MessageCredentialType.Windows;
                EndpointAddress address = new EndpointAddress(mdsURL);
                
    
                ChannelFactory<IService> channelFactory = new ChannelFactory<IService>(binding, address);
                IService client = channelFactory.CreateChannel();
    
                //Create request and response objects
               EntityMembersUpdateRequest request = new EntityMembersUpdateRequest();
                EntityMembersUpdateResponse response = new EntityMembersUpdateResponse();
    
                //Create member context
                EntityMembers memberContext = new EntityMembers();
                memberContext.ModelId = new Identifier() { Name = "MY_MODEL_NAME" };
                memberContext.EntityId = new Identifier() { Name = "TEST_ENTITY" };
                memberContext.VersionId = new Identifier() { Name = "VERSION_1" };
                request.Members = memberContext;
    
             
                //Create member collection
                System.Collections.ObjectModel.Collection<Member> memberCollection = new System.Collections.ObjectModel.Collection<Member>();
                memberContext.Members = memberCollection;
    
                //Create member
                Member member = new Member();
                member.MemberId = new MemberIdentifier() { Code = "0" };
                memberCollection.Add(member);
           
                //Create attributes
                member.Attributes = new System.Collections.ObjectModel.Collection<MasterData.MDSTestService.Attribute>();
                MasterData.MDSTestService.Attribute attribute = new MasterData.MDSTestService.Attribute();
                attribute.Identifier = new Identifier() { Name = "NuevoAtributo" };
                attribute.Value = "ValorDelAtributo";
                member.Attributes.Add(attribute);
    
                
                //update attribute
                response = client.EntityMembersUpdate(request);
                
                HandleOperationErrors(response.OperationResult);
                ((IClientChannel)client).Close();
                channelFactory.Close();
            }

    And here is my Client App.Config:

    <configuration>
        <startup> 
            <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
        </startup>
        <system.serviceModel>
            <bindings>
                <basicHttpBinding>
                    <binding name="BasicHttpBinding_IService">
                        <security mode="TransportCredentialOnly">
                            <transport clientCredentialType="Windows" />
                        </security>
                    </binding>
                </basicHttpBinding>
                <wsHttpBinding>
                    <binding name="WSHttpBinding_IService" />
                </wsHttpBinding>
            </bindings>
            <client>
                <endpoint address="http://webservice.company.test:8001/service/Service.svc"
                    binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService"
                    contract="MDSTestService.IService" name="WSHttpBinding_IService">
                    <identity>
                        <userPrincipalName value="Service@comp.domain.net" />
                    </identity>
                </endpoint>
    
            </client>
        </system.serviceModel>
    </configuration>

    and throws an exception:

    System.ServiceModel.Security.SecurityNegotiationException: SOAP security negotiation with "http://mydomain.comp.domain.net:8001/service/service.svc" for target "http://mydomain.comp.domain.net:8001/service/service.svc" failed. See inner Exception for more information --> System.ComponentModel.Win32Exception: 

    Security Support Provider interface (SSPI) authentication failed.
    The server may not be running in an account with identity "host/mydomain.comp.domain.net"
    If the server is running in a service account, specify the account´s ServicePrincipalName as the identity in the EndPointAddress for the server.

    my doubt lies, as a validation to each user who enters this application, since not all people will have access to it.

    It is important to know that I do not have access to the server, that is, I'm just a customer trying to consume the service and they gave me permission to modify the whole model.

    Someone who can guide me?

    Thank you!!

    Tuesday, November 28, 2017 4:24 PM