locked
[UDDI] Authentification failed RRS feed

  • Question

  • Hello ,

    I've installed the Biztalk UDDI services, and create providet, tModel & etc 

    In a application console, I try this :

    UddiSiteLocation location = new UddiSiteLocation(
     httpServerName + "inquire.asmx",
     httpServerName + "publish.asmx",
     httpServerName + "extension.asmx",
     "My UDDI",
     AuthenticationMode.UddiAuthentication);
    
    UddiConnection conn = new UddiConnection(location, @"SRVBIZTALK\UDDIAdmin", "*********");
    conn.AutoGetAuthToken = true;
    
    GetServiceDetail getDetails = new GetServiceDetail("uddi:caeb14a2-3d3f-4ab6-8b7f-***** ");
    ServiceDetail details = getDetails.Send(conn);

    Then , I have this error : Authentification failed.

    I also try WindowsAuthentication and i have the same error.

    Note : 

    I create the user UDDIAdmin, and put it in the BizTalk Server UDDI Administrators group

    Merci d'avance

    Tuesday, January 19, 2016 3:15 PM

Answers

  • Re!

    My IIS Config is :

    Anonymous Authentification : Disable
    Basic Authentification : Enabled
    Windows Authentification : Enabled

    I have finally solve my problem with this lines of code :

    private const int LOGON_TYPE = 9; 	// LOGON32_LOGON_NEW_CREDENTIALS
    private const int LOGON_PROVIDER = 0; 	// LOGON32_PROVIDER_DEFAULT 
    
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
    	int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
    
    GetServiceDetail getDetails = new GetServiceDetail("uddi:*******-3d3f-4ab6-*****-*********** ");
    ServiceDetail details = null;
    UddiConnection conn = null;
    			
    IntPtr tokenHandle = IntPtr.Zero;
    bool returnValue = LogonUser("UDDIAdmin", "SRVBIZTALK", "*****", LOGON_TYPE, LOGON_PROVIDER, ref tokenHandle);
    if(returnValue == true)
    {
    	WindowsIdentity newId = new WindowsIdentity(tokenHandle);
    
    	using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
    	{
    		UddiSiteLocation location = new UddiSiteLocation(
    		httpServerName + "inquire.asmx",
    		httpServerName + "publish.asmx",
    		httpServerName + "extension.asmx",
    		"UDDI",
    		AuthenticationMode.WindowsAuthentication);
    
    		conn = new UddiConnection(location);
    		conn.AutoGetAuthToken = true;
    
    		details = getDetails.Send(conn);
    		getDetails = null;
    
    	}
    }

    • Marked as answer by Angie Xu Tuesday, February 2, 2016 1:57 AM
    Wednesday, January 20, 2016 9:27 AM

All replies

  • Refer: http://my-tech-talk.blogspot.in/2009/01/dealing-with-microsoft-uddi-services.html

    "Microsoft UDDI offers basically 2 different types of authentication.

    Windows Authentication and UDDIAuthentication.

    The difference is that in Windows Authentication you do not have to specify a Username and Password when you create the UDDIConnection object.

    Windows Authentication


    In Windows Authentication you do not have to specify a Username and Password. UDDI simply takes the Usercredentials received by the UDDI web service. To configure UDDI for using Windows credentials open the IIS Manager, right click the virtual directory (e.g. uddi or uddipublic), go to the Directory Security tab and click onAuthentication and access control. Now make sure "Enable anonymous access" is disabled and Authenticated accessis set to Integrated Windows authentication.

    UDDIAuthentication


    When you use UDDIAuthentication you specify a Username and Password when you create the UDDIConnection object. However this user has to be a valid windows user account and has to have appropriate permissions. Using UDDIAuthentication the authentication of the account is not enforced by IIS but the UDDI Service will authenticate the user.
    To configure UDDI for doing UDDI authentication open the IIS Manager, right click the virtual directory (e.g. uddi or uddipublic), go to the Directory Security tab and click on Authentication and access control. Now make sure "Enable anonymous access" is enabled."


    Rachit Sikroria (Microsoft Azure MVP) 


    Tuesday, January 19, 2016 4:21 PM
    Moderator
  • Before you go any further, are you doing this for legacy support reasons?

    I ask because literally (almost), no on used UDDI even when it was the thing to do and no UDDI stack has been updated in years.

    What are you trying to accomplish?  We can probably recommend a better, or at least more current approach.

    Tuesday, January 19, 2016 6:44 PM
    Moderator
  • Hi,

    I think this is the exception raised from the IIS where you have installed or deployed the UDDI services .

    Have you tried the security settings for the IIS to give proper rights to the user invoking the UDDI service ?

    I think internally the UDDI server is expecting the internal local IIS user for the authentication .

    Thanks

    Abhishek


    If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply

    Tuesday, January 19, 2016 8:42 PM
  • @Johns-305 : 
    We have many applications and lots of exposed services (mostly in WCF) and we want to put a directory in place and a service bus.
    I saw that it was possible to make dynamic routing with UDDI and ESB Biztalk.
    https://www.youtube.com/watch?v=bSU9oiPIdfI
    We will also need to communicate BizTalk and Microsoft Dynamics thereafter.
    Any advice is welcome
    Wednesday, January 20, 2016 7:44 AM
  • Re!

    My IIS Config is :

    Anonymous Authentification : Disable
    Basic Authentification : Enabled
    Windows Authentification : Enabled

    I have finally solve my problem with this lines of code :

    private const int LOGON_TYPE = 9; 	// LOGON32_LOGON_NEW_CREDENTIALS
    private const int LOGON_PROVIDER = 0; 	// LOGON32_PROVIDER_DEFAULT 
    
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
    	int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
    
    GetServiceDetail getDetails = new GetServiceDetail("uddi:*******-3d3f-4ab6-*****-*********** ");
    ServiceDetail details = null;
    UddiConnection conn = null;
    			
    IntPtr tokenHandle = IntPtr.Zero;
    bool returnValue = LogonUser("UDDIAdmin", "SRVBIZTALK", "*****", LOGON_TYPE, LOGON_PROVIDER, ref tokenHandle);
    if(returnValue == true)
    {
    	WindowsIdentity newId = new WindowsIdentity(tokenHandle);
    
    	using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
    	{
    		UddiSiteLocation location = new UddiSiteLocation(
    		httpServerName + "inquire.asmx",
    		httpServerName + "publish.asmx",
    		httpServerName + "extension.asmx",
    		"UDDI",
    		AuthenticationMode.WindowsAuthentication);
    
    		conn = new UddiConnection(location);
    		conn.AutoGetAuthToken = true;
    
    		details = getDetails.Send(conn);
    		getDetails = null;
    
    	}
    }

    • Marked as answer by Angie Xu Tuesday, February 2, 2016 1:57 AM
    Wednesday, January 20, 2016 9:27 AM
  • If you want dynamic routing, then you can use the Business Rules Engine Resolver for that.

    Trust me, putting your services in a directory, especially UDDI will be a waste of time and not even a good learning exercise since no one will use it.  Uninstall UDDI and pretend it never existed.

    Also, do you really need "dynamic routing"?  I've seen plenty of instances where a nice flexible/dynamic architecture that ended up being wholly static because the apps involved, SAP, Oracle, legacy, AX/GP are not anything that could be considered 'dynamic'.

    Wednesday, January 20, 2016 1:32 PM
    Moderator