locked
WCF: The request for security token could not be satisfied because authentication failed. RRS feed

  • Question

  • I have written a very simple WCF Service that sends and receives messages. I have tested the app through the VS 2008 default web server host and everything works fine. But when I deploy the WCF service to another computer's IIS I receive the following error:

    "The request for security token could not be satisfied because authentication failed."

    How can I set the authentication type to use my custom username and password in config file? If it is not possible, please tell me how I can set its windows credentials because the 2 computers that I'm using, don't share the same users.

    Saturday, December 27, 2008 10:52 AM

Answers

  •  Windows authentication requires both machines to be in a domain and that the domain will be the same one.

    If you want to cancel authentication at all wither use basicHttpBinding and not wsHttpBinding (the default) or add a binding configuration with security/mode="None".

    this will also cancel all security (enveyprion etc.)
    http://webservices20.blogspot.com/
    WCF Security, Performance And Testing Blog
    • Marked as answer by _larsw Saturday, December 27, 2008 9:55 PM
    Saturday, December 27, 2008 9:32 PM
  • Hi,

     Note that there are alternatives to Windows authentication if you require security.

     See the excellent WCF Security Guidance for more information.

     --larsw

    Lars Wilhelmsen | Senior Consultant | Miles, Norway | MCTS WCF | http://larswilhelmsen.com/
    • Marked as answer by _larsw Saturday, December 27, 2008 9:57 PM
    Saturday, December 27, 2008 9:57 PM

All replies

  • Windows credentials cannot be used when client and server are not on the same domain (unless the domains trust each other).

    Since the default configuration of a WCF service is to use windows authentication this is most probably the reason for the error.

    In order to use custom username/password you need to set the customUserNamePasswordValidatorType property. See example here:



    http://webservices20.blogspot.com/
    WCF Security, Performance And Testing Blog
    Saturday, December 27, 2008 1:34 PM
  • Thanks for your reply.
    My computers are not part of any domains. In this case, what is the problem?
    Is there any ways to completely disable the need to authentication?
    Saturday, December 27, 2008 2:30 PM
  •  Windows authentication requires both machines to be in a domain and that the domain will be the same one.

    If you want to cancel authentication at all wither use basicHttpBinding and not wsHttpBinding (the default) or add a binding configuration with security/mode="None".

    this will also cancel all security (enveyprion etc.)
    http://webservices20.blogspot.com/
    WCF Security, Performance And Testing Blog
    • Marked as answer by _larsw Saturday, December 27, 2008 9:55 PM
    Saturday, December 27, 2008 9:32 PM
  • Hi,

     Note that there are alternatives to Windows authentication if you require security.

     See the excellent WCF Security Guidance for more information.

     --larsw

    Lars Wilhelmsen | Senior Consultant | Miles, Norway | MCTS WCF | http://larswilhelmsen.com/
    • Marked as answer by _larsw Saturday, December 27, 2008 9:57 PM
    Saturday, December 27, 2008 9:57 PM
  • Hi to all,

    I'm finding solution for this problem. In my case, the service is hosted on a server and i'm trying accessing it from another server on same domain. I'm not too expierenced with WCF. Can any help me please?

    Thanks.
    • Proposed as answer by Hridya S Wednesday, September 9, 2009 11:00 AM
    Tuesday, March 10, 2009 3:57 PM
  • I was also facing this problem and found a solution recently. You just need to change the type of binding from wsHttpBinding to basicHttpBinding in your web.config file.

    Wednesday, September 9, 2009 11:01 AM