locked
Service Bus 1.1 - 401 Unauthorized with credentials in connection string RRS feed

  • Question

  • I have a standalone Windows Server 2012 R2 instance (which happens to be in a VM hosted in Azure) where I have installed Service Bus 1.1, with the intent to have it managed via an Azure Pack setup.  Additionally, I have created a self-signed CA cert and self-signed cert that I have in place on my server and exported/imported to my client machine.  From a simple C# client, I am attempting to connect, create a queue, write to the queue, and read from the queue, but I cannot get past the initial connection.

    The connection string in my app.config looks like this (where <vm> stands for the actual host name and <myNS> stands for my actual namespace; also, I have mapped the 8xxx endpoints on the VM into the actual 9xxx ports): 
    Endpoint=sb://<vm>.cloudapp.net/<myNS>;StsEndpoint=https://<vm>.cloudapp.net:8355/<myNS>;RuntimePort=8354;ManagementPort=8355;WindowsUsername=ServiceBusUser;WindowsDomain=<vm>;WindowsPassword=<password>

    The user is a local user that has membership in the Administrators group.  When I run the app using this connection string, I receive:

     {"The token provider was unable to provide a security token while accessing 'https://<vm>.cloudapp.net:8355/<myNS>/$STS/Windows/';. Token provider returned message: ''."} 

     The nested InnerException is: "The remote server returned an error: (401) Unauthorized."

    I have tried several different credentials and consistently end up with the 401.  Alternatively, I have tried using SAS instead, but am sorting out a configuration exception that is thrown as the underlying library can't seem to parse the connection string correctly.  I've searched quite a bit, but have only found information on authentication in forum and blog posts (perhaps I missed some msdn docs?).  Is there a specific setup for a standalone server in regards to authentication for service clients?


    Please remember to mark replies as answers if they help you.

    Tuesday, May 26, 2015 3:52 AM