none
Web part calling PSI getting 401 Unauthorized in farm

    คำถาม

  • Hi

    I'm building a web part to change the Project's currency inside a PDP. It's working brilliantly in my dev environment, even got it working to update when the Save button is clicked.

    However, as soon as I deploy it to my client's farm, I'm getting a 401 Unauthorized error when I try to call the Project.ReadProjectEntities method. On the face of it, it's a double hop problem, so I've tried to specify credentials that I get from Secure Store.

    No matter what I do, I get this error:

    System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at EPM2010Utils.SvcProject.Project.ReadProjectEntities(Guid projectUid, Int32 ProjectEntityType, DataStoreEnum dataStore) at EPM2010Utils.SvcProject.ProjectClient.ReadProjectEntities(Guid projectUid, Int32 ProjectEntityType, DataStoreEnum dataStore) at EPM2010Utils.Project.GetProjectLevelInformation(Guid ProjUID, DataStoreEnum StoreToGetFrom) at Currency_Selector.Currency_Selector.Currency_SelectorUserControl.GetCurrentProjectCurrency()

    I've tried messing around with the ChannelFactory.Credentials options, changing the Binding.Security.Transport.ClientCredentialType type, but nothing makes a difference.

    This is the code I'm using to set the credentials:

     public const string DefaultServiceRouter = "_vti_bin/PSI/ProjectServer.svc";
            private void SetClientEndpoints(string pwaUrl, bool isHttps)
            {
                const int MAXSIZE = 500000000;
    
                BasicHttpBinding binding = null;
    
                if (isHttps)
                {
                    // Create a binding for HTTPS.
                    binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
                }
                else
                {
                    // Create a binding for HTTP.
                    binding = new BasicHttpBinding(
                        BasicHttpSecurityMode.TransportCredentialOnly);
                }
    
                binding.Name = "basicHttpConf";
                binding.SendTimeout = TimeSpan.MaxValue;
                binding.MaxReceivedMessageSize = MAXSIZE;
                binding.ReaderQuotas.MaxNameTableCharCount = MAXSIZE;
                binding.MessageEncoding = WSMessageEncoding.Text;
                binding.Security.Transport.ClientCredentialType =
                    HttpClientCredentialType.Basic ;
                
                
                EndpointAddress addressListProjects =
                    new EndpointAddress(pwaUrl + DefaultServiceRouter);
    
                objProjClient =
                    new SvcProject.ProjectClient(binding, addressListProjects);
                objProjClient.ChannelFactory.Credentials.Windows.ClientCredential = new System.Net.NetworkCredential("username", "password", "domain");
                objProjClient.ChannelFactory.Credentials.Windows.AllowedImpersonationLevel
                    = TokenImpersonationLevel.Impersonation;
                objProjClient.ChannelFactory.Credentials.Windows.AllowNtlm = true;
                //objProjClient.ChannelFactory.Credentials.Windows.ClientCredential.Domain = "domain";
                //objProjClient.ChannelFactory.Credentials.Windows.ClientCredential.UserName = "username";
                //objProjClient.ChannelFactory.Credentials.Windows.ClientCredential.Password = "password";
                
                
    
            }
    
            public override void Dispose()
            {
                DisposeClients();
                base.Dispose();
            }
    
            // Dispose the service clients.
            public void DisposeClients()
            {
                objProjClient.Close();
            }

    I'm getting desperate, any help would be appreciated.



    • แก้ไขโดย MandarbRSA 30 มีนาคม 2555 11:18 Forgot the error message
    28 มีนาคม 2555 18:17

ตอบทั้งหมด