Web part calling PSI getting 401 Unauthorized in farm

• 28 มีนาคม 2555 18:17

   

   
  

  0

  Hi

  I'm building a web part to change the Project's currency inside a PDP. It's working brilliantly in my dev environment, even got it working to update when the Save button is clicked.

  However, as soon as I deploy it to my client's farm, I'm getting a 401 Unauthorized error when I try to call the Project.ReadProjectEntities method. On the face of it, it's a double hop problem, so I've tried to specify credentials that I get from Secure Store.

  No matter what I do, I get this error:

  System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at EPM2010Utils.SvcProject.Project.ReadProjectEntities(Guid projectUid, Int32 ProjectEntityType, DataStoreEnum dataStore) at EPM2010Utils.SvcProject.ProjectClient.ReadProjectEntities(Guid projectUid, Int32 ProjectEntityType, DataStoreEnum dataStore) at EPM2010Utils.Project.GetProjectLevelInformation(Guid ProjUID, DataStoreEnum StoreToGetFrom) at Currency_Selector.Currency_Selector.Currency_SelectorUserControl.GetCurrentProjectCurrency()

  I've tried messing around with the ChannelFactory.Credentials options, changing the Binding.Security.Transport.ClientCredentialType type, but nothing makes a difference.

  This is the code I'm using to set the credentials:

   public const string DefaultServiceRouter = "_vti_bin/PSI/ProjectServer.svc";
          private void SetClientEndpoints(string pwaUrl, bool isHttps)
          {
              const int MAXSIZE = 500000000;
  
              BasicHttpBinding binding = null;
  
              if (isHttps)
              {
                  // Create a binding for HTTPS.
                  binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
              }
              else
              {
                  // Create a binding for HTTP.
                  binding = new BasicHttpBinding(
                      BasicHttpSecurityMode.TransportCredentialOnly);
              }
  
              binding.Name = "basicHttpConf";
              binding.SendTimeout = TimeSpan.MaxValue;
              binding.MaxReceivedMessageSize = MAXSIZE;
              binding.ReaderQuotas.MaxNameTableCharCount = MAXSIZE;
              binding.MessageEncoding = WSMessageEncoding.Text;
              binding.Security.Transport.ClientCredentialType =
                  HttpClientCredentialType.Basic ;
              
              
              EndpointAddress addressListProjects =
                  new EndpointAddress(pwaUrl + DefaultServiceRouter);
  
              objProjClient =
                  new SvcProject.ProjectClient(binding, addressListProjects);
              objProjClient.ChannelFactory.Credentials.Windows.ClientCredential = new System.Net.NetworkCredential("username", "password", "domain");
              objProjClient.ChannelFactory.Credentials.Windows.AllowedImpersonationLevel
                  = TokenImpersonationLevel.Impersonation;
              objProjClient.ChannelFactory.Credentials.Windows.AllowNtlm = true;
              //objProjClient.ChannelFactory.Credentials.Windows.ClientCredential.Domain = "domain";
              //objProjClient.ChannelFactory.Credentials.Windows.ClientCredential.UserName = "username";
              //objProjClient.ChannelFactory.Credentials.Windows.ClientCredential.Password = "password";
              
              
  
          }
  
          public override void Dispose()
          {
              DisposeClients();
              base.Dispose();
          }
  
          // Dispose the service clients.
          public void DisposeClients()
          {
              objProjClient.Close();
          }

  
  

  I'm getting desperate, any help would be appreciated.

  
  
  

  • แก้ไขโดย MandarbRSA 30 มีนาคม 2555 11:18 Forgot the error message
  •  
  • ตอบ
  • อ้างอิง