none
IIS WebService Request for principal permission failed

    Question

  • I have a simple web service and in the web service I have written a simple method as illustrated in the code below.

            [PrincipalPermission(SecurityAction.Demand, Role = @"KIANCOORP\SomethingElse Users U")]
            public string HelloWorld()
            {
                var msg = "Hello {0} from internal.".FormatWith(IdentityName);
    
                _log.Info(msg);
    
                return msg;
            }

    I have hosted the web service in an app pool that is set to a Domain User KIANCOORP\webapppooluser, and I have added this user into the group of "KIANCOORP\SomethingElse Users U" (via active directory).

    Now when I use an internet browser to browse to the web service I get the following prompt, so I try to log in with the same user that I have used to set as the app pool user for this HelloWorld web service of mine.

    LogInPrompt For HelloWorld web method

    Now if I try to log in with the correct credentials, the prompt comes up again 

    Re-prompt for log in user name and password

    Its like I have to enter the credentials 3 times, I have tested this and everytime I have been prompted with the login dialog box I have to try 3 times and eventually it gets into the following browser screen.

    Browser display HTTP Error 401

    If I go to the IIS logs this is what I will see.

    System.ServiceModel Warning: 131076 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning"><TraceIdentifier>http://msdn.microsoft.com/en-NZ/library/System.ServiceModel.Diagnostics.TraceHandledException.aspx</TraceIdentifier><Description>Handling an exception.</Description><AppDomain>/LM/W3SVC/3/ROOT-1-131164864670874625</AppDomain><Exception><ExceptionType>System.Security.SecurityException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Request for principal permission failed.</Message><StackTrace>   at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
       at System.Security.Permissions.PrincipalPermission.Demand()
       at System.Security.PermissionSet.DemandNonCAS()
       at KianService.HelloWorld() in C:\vso\SandBox\KianService.cs:line 81
       at SyncInvokeHelloWorld(Object , Object[] , Object[] )
       at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)</StackTrace><ExceptionString>System.Security.SecurityException: Request for principal permission failed.
       at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
       at System.Security.Permissions.PrincipalPermission.Demand()
       at System.Security.PermissionSet.DemandNonCAS()
       at KianService.HelloWorld() in C:\vso\SandBox\KianService.cs:line 81
       at SyncInvokeHelloWorld(Object , Object[] , Object[] )
       at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
    The action that failed was:
    Demand
    The type of the first permission that failed was:
    System.Security.Permissions.PrincipalPermission
    The first permission that failed was:
    &amp;lt;IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    version="1"&amp;gt;
    &amp;lt;Identity Authenticated="true"
    Role="KIANCOORP\SomethingElse Users U"/&amp;gt;
    &amp;lt;/IPermission&amp;gt;
    
    The demand was for:
    &amp;lt;IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    version="1"&amp;gt;
    &amp;lt;Identity Authenticated="true"
    Role="KIANCOORP\SomethingElse Users U"/&amp;gt;
    &amp;lt;/IPermission&amp;gt;
    
    The assembly or AppDomain that failed was:
    mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionString></Exception></TraceRecord>
    System.ServiceModel Error: 131075 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error"><TraceIdentifier>http://msdn.microsoft.com/en-NZ/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier><Description>Throwing an exception.</Description><AppDomain>/LM/W3SVC/3/ROOT-1-131164864670874625</AppDomain><Exception><ExceptionType>System.ServiceModel.FaultException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Access is denied.</Message><StackTrace>   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
       at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
       at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(RequestContext request, Boolean cleanThread, OperationContext currentOperationContext)
       at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(RequestContext request, OperationContext currentOperationContext)
       at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(IAsyncResult result)
       at System.Runtime.Fx.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result)
       at System.Runtime.AsyncResult.Complete(Boolean completedSynchronously)
       at System.Runtime.InputQueue`1.AsyncQueueReader.Set(Item item)
       at System.Runtime.InputQueue`1.EnqueueAndDispatch(Item item, Boolean canDispatchOnThisThread)
       at System.Runtime.InputQueue`1.EnqueueAndDispatch(T item, Action dequeuedCallback, Boolean canDispatchOnThisThread)
       at System.ServiceModel.Channels.SingletonChannelAcceptor`3.Enqueue(QueueItemType item, Action dequeuedCallback, Boolean canDispatchOnThisThread)
       at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
       at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
       at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
       at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
       at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
       at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
       at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
       at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace><ExceptionString>System.ServiceModel.FaultException: Access is denied.</ExceptionString></Exception></TraceRecord>
    System.ServiceModel Information: 131076 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Information"><TraceIdentifier>http://msdn.microsoft.com/en-NZ/library/System.ServiceModel.Diagnostics.TraceHandledException.aspx</TraceIdentifier><Description>Handling an exception.</Description><AppDomain>/LM/W3SVC/3/ROOT-1-131164864670874625</AppDomain><Exception><ExceptionType>System.ServiceModel.FaultException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Access is denied.</Message><StackTrace>   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
       at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)</StackTrace><ExceptionString>System.ServiceModel.FaultException: Access is denied.
       at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
       at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc&amp;amp; rpc)
       at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)</ExceptionString></Exception></TraceRecord>
    I cant find anything helpful online that can help me trouble shoot this error.


    Yours Sincerely, Kian, Ting



    • Edited by Kian, Ting Wednesday, August 24, 2016 9:47 PM trying to delete this question as it is posted in the wrong forum category
    Wednesday, August 24, 2016 4:36 AM

Answers

All replies