none
SSRS imbedded in a WCF Server authentication issue

    Pregunta

  • Hi:

    I would like to create a WCF Web Service that as a part of the processing returns a PDF of a SSRS 2008 report.  In other word run a web service (ssrs) inside of a web service.  Much of the code in my WCF Service is some what like the following example:

    http://geekswithblogs.net/stun/archive/2010/02/26/executing-reporting-services-web-service-from-asp-net-mvc-using-wcf-add-service-reference.aspx

    The WCF Service is configured on IIS as anonymous authentication.  The SSRS binding is:

    <binding name="basicHttpBindingLargeArray" closeTimeout="00:01:00"
      openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
      maxBufferSize="2147483647" maxBufferPoolSize="1000000" maxReceivedMessageSize="2147483647">
      <readerQuotas maxDepth="64" maxStringContentLength="2147483647"
        maxArrayLength="2147483647" maxBytesPerRead="16384" maxNameTableCharCount="16384" />
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" />
        <message clientCredentialType="UserName" algorithmSuite="Default" />
      </security>
    </binding>

    The App Pool for the WCF site in IIS is running as a domain user.  But, I am getting the following error:

    The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.

    Phil


    P.Huhn




    • Editado P.Huhn domingo, 01 de abril de 2012 1:31
    viernes, 30 de marzo de 2012 18:12

Respuestas

  • Hello,

    Follow the link below. It may help you.

    http://stackoverflow.com/questions/4919912/the-http-request-is-unauthorized-with-client-authentication-scheme-ntlm

    http://stackoverflow.com/questions/7677611/the-http-request-is-unauthorized-with-client-authentication-scheme-anonymous

    • Marcado como respuesta P.Huhn miércoles, 04 de abril de 2012 13:52
    domingo, 01 de abril de 2012 14:01

Todas las respuestas

  • Hi:

    This could be as simple as the account that the WCF service is running as is not configured to have access in report manager, but that should be access denied not NTLM issue.

    I have found this:

    http://blogs.msdn.com/b/distributedservices/archive/2009/11/10/wcf-calling-wcf-service-hosted-in-iis-on-the-same-machine-as-client-throws-an-authentication-error.aspx

    I think it is a double hop issue.  The SSRS service is on a different server than the WCF service.  How would that appear as a error message?

    http://blogs.technet.com/b/askds/archive/2008/06/13/understanding-kerberos-double-hop.aspx

    Phil


    P.Huhn



    • Editado P.Huhn domingo, 01 de abril de 2012 2:19
    domingo, 01 de abril de 2012 2:09
  • Hello,

    Follow the link below. It may help you.

    http://stackoverflow.com/questions/4919912/the-http-request-is-unauthorized-with-client-authentication-scheme-ntlm

    http://stackoverflow.com/questions/7677611/the-http-request-is-unauthorized-with-client-authentication-scheme-anonymous

    • Marcado como respuesta P.Huhn miércoles, 04 de abril de 2012 13:52
    domingo, 01 de abril de 2012 14:01
  • Hi:

    Cross-eyed...

    <binding name="ReportExecutionServiceSoap" closeTimeout="00:01:00"
    	openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
    	allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
    	maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
    	messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
    	useDefaultWebProxy="true">
    	<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
    		maxBytesPerRead="4096" maxNameTableCharCount="16384" />
    	<security mode="None">
    		<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
    		<message clientCredentialType="UserName" algorithmSuite="Default" />
    	</security>
    </binding>
    

    I grabbed and changed the wrong basicHttpBinding.

    Changing the above solved it under the web site, but under the test project, I still have to figure out.

    <security mode="TransportCredentialOnly">
    	<transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" />
    	<message clientCredentialType="UserName" algorithmSuite="Default" />
    </security>
    

    Thanks,

    Phil


    P.Huhn

    miércoles, 04 de abril de 2012 13:50