none
Error in soap connection from Azure app application RRS feed

  • Question

  • Hello,

    I have a web application that sends through SOAP requests to an external asmx service.
    Test and production environments are deployed as web app on Azure.
    The remote server has a firewall rule and all the public IP of my servers is authorized for connection. 
    From my local environments (managed by VS2017) I am able to communicate with SOAP server sending and receveing my data.

    The same code seems not working on Azure hosted application (Stardand 1 Plan), when the application try to connect to SOAP service the answer received is this one:

    The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.

    The complete stack is this:

      Server stack trace:      at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory)     at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding)     at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)     at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)     at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)    Exception rethrown at [0]:      at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)     at Beneficy.FEConnector.IntermediateFEService.Ws_CoreSoap.Core_RiceviFile(Core_RiceviFileRequest request)     at Beneficy.FEConnector.IntermediateFEService.Ws_CoreSoapClient.Beneficy.FEConnector.IntermediateFEService.Ws_CoreSoap.Core_RiceviFile(Core_RiceviFileRequest request)

    The binding configuration in web.config is the following:

    <basicHttpBinding>
                  <binding maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" name="FeSoap"  />
    </basicHttpBinding>
    
    <client>
          <endpoint address="http://EXTERNALIP/Service/Ws_Core.asmx" binding="basicHttpBinding" bindingConfiguration="FeSoap" contract="IntermediateFEService.Ws_CoreSoap" name="FeSoap" />
    </client>

    I have tried lot of stuff on proxy or on changing transport security, but no success..
    Could you give me help or suggestion?


    Thank you very much!

    Friday, March 1, 2019 3:00 PM

Answers

  • Hi Abraham,

    I have done some additional testing and also thanks to your suggestion I have finally figured out the issue.

    I have set directly in C# the Anonymous authentication in my Soap Client:

    client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Anonymous;

    This makes the trick!

    Thank you gor your help!

    Regards

    Francesco

    • Marked as answer by fcallieco Thursday, March 7, 2019 9:40 PM
    Thursday, March 7, 2019 9:40 PM

All replies

  • Hi fcallieco,
    There still exists some unclear thing I would like to know, with which I need to locate the problem. how do you host the XML web service (ASMX)?  Which way you use to invoke the web service, by adding service reference?  Do you have tried to send a soap request with SOAPUI? by which we could exclude whether the authentication caused the problem.
    One possibility is that authentication causes this problem, and if your local code tests an xml web service hosted on a local server, it may use windows authentication. In addition, do you have anonymous authentication enabled on the web server?
    Best Regards
    Abraham
    Monday, March 4, 2019 6:41 AM
    Moderator
  • Hi,

    the asmx is hosted by a third party supplier I do not exactly know how they host it. 

    As regards my part of connection I have used visual studio automated process (adding services) and connected to url. VS automatically generated everything (as for other services I used). 
    From my local machine everything works fine (towards the remote server) and I have also used SOAPUI to test the connection to asmx remote server and it is ok (the authentication mode is automatically set as anonymous)

    This is an extraction from my web.config but I don't think there is something connected with remote authentication:

        <authentication mode="None" />
        <compilation targetFramework="4.6.1">
          <buildProviders>
            <add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=15.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" />
          </buildProviders>
          <assemblies>
            <add assembly="Microsoft.ReportViewer.Common, Version=15.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" />
            <add assembly="Microsoft.ReportViewer.WebForms, Version=15.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" />
          </assemblies>
        </compilation>
        <httpRuntime targetFramework="4.5.1" maxRequestLength="10000" />
        <httpHandlers>
          <add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=15.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" validate="false" />
        </httpHandlers>
      </system.web>
      <system.webServer>
        <modules>
          <remove name="FormsAuthentication" />
        </modules>
        <handlers>
          <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
          <remove name="OPTIONSVerbHandler" />
          <remove name="TRACEVerbHandler" />
          <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
          <add name="ReportViewerWebControlHandler" verb="*" path="Reserved.ReportViewerWebControl.axd" preCondition="integratedMode" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=15.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" />
        </handlers>

    Finally I have asked for partner remote server web.config just to check if they are using some authentication (but in this case i should have problem also with soaopui, isn't it)?

    Thank you so much for your help!

    Monday, March 4, 2019 8:57 AM
  • Hi fcallieco,

    I have searched some related information about this issue, I think it may be useful to you.
    Add the following code snippets to binding configuration so that specify the security mode explicitly

    <transport clientCredentialType="Ntlm" proxyCredentialType="None"realm="" />
    <message clientCredentialType="UserName" algorithmSuite="Default" />

    Here are related discussions.
    http://morrisbahrami.blogspot.com/2011/02/http-request-is-unauthorized-with.html
    https://social.msdn.microsoft.com/Forums/vstudio/en-US/3651246b-49ae-4f5e-b444-6752bf085910/the-http-request-is-unauthorized-with-client-authentication-scheme-anonymous-the-authentication?forum=wcf
    http://ddkonline.blogspot.com/2009/11/fix-http-request-is-unauthorized-with.html
    Feel free to let me know if the problem still exists.
    Best Regards
    Abraham

    Tuesday, March 5, 2019 6:13 AM
    Moderator
  • Hi Abraham,

    I have done some additional testing and also thanks to your suggestion I have finally figured out the issue.

    I have set directly in C# the Anonymous authentication in my Soap Client:

    client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Anonymous;

    This makes the trick!

    Thank you gor your help!

    Regards

    Francesco

    • Marked as answer by fcallieco Thursday, March 7, 2019 9:40 PM
    Thursday, March 7, 2019 9:40 PM