Friday, August 24, 2007

Notes onto Wcf HTTP 4XX for Kerberos


System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. ---> System.Net.WebException: The remote server returned an error: (4XX)

For this and similar:

1. Check if anonymous authentication is disabled, enable only windows integrated
2. Check if computers are trusted for delegation
3. Check if user account is not marked as sensitive
4. Check if service account is trusted for delegation (that is after spn is setup for it)
5. Check service principal names correctness

Refs:
http://blogs.msdn.com/dotnetremoting/archive/2006/07/06/662599.aspx
http://blogs.neudesic.com/blogs/rinat_shagisultanov/archive/2006/08/03/206.aspx

Technorati Tags: ,
Post a Comment