locked
The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'. RRS feed

  • Question

  • I am trying to program a VisualWebPart using Visual Studio 2010 which has to do a simple thing: invoke a web service (hosted in a remote server, NOT locally). When I execute within the Sharepoint site (version 2010, which I have published in my IIS) I get this error:
    "The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'."
    I have been all over the web and found many related problems, but none of the solutions worked, I am pretty sure I tried them all, so I decided to post mine. Almost ALL solutions i found involves modifications in the webservice security configuration however this is not an option for me.
    Looking for a solution, I created a sample windows form and invoked the web service from it: no problems whatsoever.
    The webservice, in order to be invoked correctly, must have the following security configuration:
        <security mode="TransportCredentialOnly">
           <transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm" realm="" />
           <message clientCredentialType="UserName" algorithmSuite="Default" />
        </security>
    I believe the problem is that I haven´t been able to properly set this security property to the web.config of my Sharepoint site, since I tried to put it in the security tag that appears in the web.config but still get the same error. Has anybody faced this problem and could fix it?

    • Edited by soff87 Monday, December 26, 2011 3:29 PM
    Monday, December 26, 2011 3:00 PM

Answers

All replies

  • Hi Soff87,

    Thanks for your post!

    I am trying to involve some one familiar with this topic to do some further research.

    Thanks,
    Simon


    Simon Huang

    TechNet Community Support

    Wednesday, December 28, 2011 6:41 AM
  • Hi soff87,

    Maybe you can reference to http://blogs.msdn.com/ashishme/archive/2006/11/10/ntlm-vs-kerberos-windows-communication-foundation.aspx.  It may give you some ideas.

    Cheers,

    Jeff - MSFT

    Wednesday, December 28, 2011 5:19 PM
  • Thanks, we updated to an Active Directory environment, and hitting the ""http request is unauthorized with client authentication scheme" Error.  I replaced the security node in web.config with the "soff87's" configuration and all is well.  Thanks.

        <security mode="TransportCredentialOnly">
           <transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm" realm="" />
           <message clientCredentialType="UserName" algorithmSuite="Default" />
        </security>

    Phil

    Thursday, March 29, 2012 6:34 PM