locked
SOS: Lightswitch deployment fails with 401 errors having followed all instuctions --please help! RRS feed

  • Question

  • Hi,  I hope you can help me with a project that's way behind schedule due to deployment errors.

    I developed a Lightswitch project in VS 2013, ASP.NET 4.5, with Web API 2.1 so I could call stored procedures from the silverlight 5 client, using windows authentication.  It works fine on my development machine, but when I try to deploy to test, I get a variety of 401 errors as shown below.  I've tried every remedy I can find online, with no luck.  Please help!

    Here's the trace from going to the first page of the LS 2013 site, in IE:

    

    Requests to this Application

    Remaining: 32
    No. Time of Request File Status Code Verb  
    1 4/17/2014 7:28:56 AM DesktopClient/default.htm 200 GET View Details
    2 4/17/2014 7:28:57 AM DesktopClient/Silverlight.js 304 GET View Details
    3 4/17/2014 7:28:57 AM favicon.ico 404 GET View Details
    4 4/17/2014 7:28:58 AM DesktopClient/Web/MastercardVB5FromScratch.DesktopClient.xap 304 GET View Details
    5 4/17/2014 7:28:59 AM DesktopClient/Web/Microsoft-LightSwitch-Security-ServerGenerated-Implementation-AuthenticationService.svc/binary/GetAuthenticationInfo 200 GET View Details
    6 4/17/2014 7:29:04 AM MastercardData.svc/Microsoft_LightSwitch_GetCanInformation 200 GET View Details
    7 4/17/2014 7:29:05 AM MastercardData.svc/qryMaxPeriods 200 GET View Details
    8 4/17/2014 7:32:40 AM Mastercard/DesktopClient/trace.axd 401 GET View Details

    Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18446  

    It doesn't show the 401 errors;  we have to get fiddler to see those--odd!  

    Does the last line about the .Net framework being 4.0 mean that there's a conflict on the server with asp.net 4.5.1 that I used in VS2013, or does this just mean that the application pools in iis only offer options of ASP 2.0 and ASP 4.0?

    Anyway, here is fiddler's view on the issue:  most requests to the server, be they lightswitch or for the web API, are met initially with a 401, then with a 200 or 304.  Is lightswitch retrying the message or something?

    GET http://eospdev:3860/DesktopClient/default.htm
    401 Unauthorized (text/html)

    GET http://eospdev:3860/DesktopClient/default.htm
    200 OK (text/html)

    GET http://eospdev:3860/DesktopClient/Silverlight.js
    304 Not Modified ()

    GET http://eospdev:3860/favicon.ico
    404 Not Found (text/html)

    GET http://eospdev:3860/DesktopClient/Web/MastercardVB5FromScratch.DesktopClient.xap?v=1.1.28.0
    401 Unauthorized (text/html)

    GET http://eospdev:3860/DesktopClient/Web/MastercardVB5FromScratch.DesktopClient.xap?v=1.1.28.0
    304 Not Modified ()

    GET http://eospdev:3860/DesktopClient/Web/Microsoft-LightSwitch-Security-ServerGenerated-Implementation-AuthenticationService.svc/binary/GetAuthenticationInfo
    200 OK (application/msbin1)

    GET http://eospdev:3860/MastercardData.svc/Microsoft_LightSwitch_GetCanInformation?dataServiceMembers='qryMaxPeriods'
    200 OK (application/json)

    GET http://eospdev:3860/MastercardData.svc/qryMaxPeriods
    401 Unauthorized (text/html)

    GET http://eospdev:3860/MastercardData.svc/qryMaxPeriods
    200 OK (application/json)

    Looking at the first request in the fiddler listing, here are its details:

    Request:

    GET /DesktopClient/default.htm HTTP/1.1

    Accept: */*

    Accept-Language: en-US

    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; .NET4.0E)

    Accept-Encoding: gzip, deflate

    Host: eospdev:3860

    If-Modified-Since: Wed, 16 Apr 2014 06:02:15 GMT

    If-None-Match: "804d646a3959cf1:0"

    DNT: 1

    Connection: Keep-Alive

    Pragma: no-cache

    Cookie: ASP.NET_SessionId=zptycrcjfajvh4brhxhwn4hu; WSS_KeepSessionAuthenticated={2176709b-cb25-44ff-b9ed-8218094b16fb}

    Authorization: NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==

    No Proxy-Authorization Header is present.

    Authorization Header is present: NTLM

    4E 54 4C 4D 53 53 50 00 01 00 00 00 07 82 08 A2  NTLMSSP......‚.¢

    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

    06 01 B1 1D 00 00 00 0F                          ..±.....       

    -[NTLM Type1: Negotiation]------------------------------

    Provider: NTLMSSP

    Type: 1

    OS Version: 6.1:7601

    Flags: 0xa2088207

           Unicode supported in security buffer.

           OEM strings supported in security buffer.

           Request server's authentication realm included in Type2 reply.

           NTLM authentication.

           Negotiate Always Sign.

           Negotiate NTLM2 Key.

           Supports 56-bit encryption.

           Supports 128-bit encryption.

    Domain_Offset: 0; Domain_Length: 0; Domain_Length2: 0

    Host_Offset: 0; Host_Length: 0; Host_Length2: 0

    Host:

    Domain:

    ------------------------------------

    Response:

    Not Authorized

    HTTP Error 401. The requested resource requires user authentication.

    HTTP/1.1 401 Unauthorized

    Content-Type: text/html; charset=us-ascii

    Server: Microsoft-HTTPAPI/2.0

    WWW-Authenticate: NTLM TlRMTVNTUAACAAAADgAOADgAAAAFgomiXc2laG1xHXAAAAAAAAAAALYAtgBGAAAABgGxHQAAAA9EAE8ATQBBAEkATgAxAAIADgBEAE8ATQBBAEkATgAxAAEADgBFAE8AUwBQAEQARQBWAAQAIgBpAG4AdABlAHIAbgBhAGwALgBwAHIAcABhAC4AbwByAGcAAwAyAEUATwBTAFAARABlAHYALgBpAG4AdABlAHIAbgBhAGwALgBwAHIAcABhAC4AbwByAGcABQAiAGkAbgB0AGUAcgBuAGEAbAAuAHAAcgBwAGEALgBvAHIAZwAHAAgAgsdP+UBazwEAAAAA

    Date: Thu, 17 Apr 2014 13:28:52 GMT

    Content-Length: 341

    Proxy-Support: Session-Based-Authentication

    No Proxy-Authenticate Header is present.

    WWW-Authenticate Header is present: NTLM

    4E 54 4C 4D 53 53 50 00 02 00 00 00 0E 00 0E 00  NTLMSSP.........

    38 00 00 00 05 82 89 A2 5D CD A5 68 6D 71 1D 70  8....‚‰¢]Í¥hmq.p

    00 00 00 00 00 00 00 00 B6 00 B6 00 46 00 00 00  ........¶.¶.F...

    06 01 B1 1D 00 00 00 0F 44 00 4F 00 4D 00 41 00  ..±.....D.O.M.A.

    49 00 4E 00 31 00 02 00 0E 00 44 00 4F 00 4D 00  I.N.1.....D.O.M.

    41 00 49 00 4E 00 31 00 01 00 0E 00 45 00 4F 00  A.I.N.1.....E.O.

    53 00 50 00 44 00 45 00 56 00 04 00 22 00 69 00  S.P.D.E.V...".i.

    6E 00 74 00 65 00 72 00 6E 00 61 00 6C 00 2E 00  n.t.e.r.n.a.l...

    70 00 72 00 70 00 61 00 2E 00 6F 00 72 00 67 00  p.r.p.a...o.r.g.

    03 00 32 00 45 00 4F 00 53 00 50 00 44 00 65 00  ..2.E.O.S.P.D.e.

    76 00 2E 00 69 00 6E 00 74 00 65 00 72 00 6E 00  v...i.n.t.e.r.n.

    61 00 6C 00 2E 00 70 00 72 00 70 00 61 00 2E 00  a.l...p.r.p.a...

    6F 00 72 00 67 00 05 00 22 00 69 00 6E 00 74 00  o.r.g...".i.n.t.

    65 00 72 00 6E 00 61 00 6C 00 2E 00 70 00 72 00  e.r.n.a.l...p.r.

    70 00 61 00 2E 00 6F 00 72 00 67 00 07 00 08 00  p.a...o.r.g.....

    82 C7 4F F9 40 5A CF 01 00 00 00 00              ‚ÇOù@ZÏ.....   

    -[NTLM Type2: Challenge]------------------------------

    Provider: NTLMSSP

    Type: 2

    OS Version: 6.1:7601

    Flags: 0xa2898205

           Unicode supported in security buffer.

           Request server's authentication realm included in Type2 reply.

           NTLM authentication.

           Negotiate Always Sign.

           Negotiate NTLM2 Key.

           Target Information block provided for use in calculation of the NTLMv2 response.

           Supports 56-bit encryption.

           Supports 128-bit encryption.

    Challenge: 5D CD A5 68 6D 71 1D 70

    ------------------------------------

    What is going on?  Is there really a permissions issue?  Many of my calls to the web API are failing--do I need to somehow tell iis that the path to the web api is allowed?  What other info do we need?  I have it or can get it.   Please respond asap!  Thanks!

    Thursday, April 17, 2014 2:15 PM

All replies