Wednesday, 15 February 2012

c# - WCF TCP Windows Authentication issue -



c# - WCF TCP Windows Authentication issue -

I have a situation where I have 2 machines.

Machine A and machine B.

A client on machine B connects to the host on machine A.

A client on machine B connects to the host on machine B.

A client on machine A connects to the host on machine B.

A client on machine A cannot connect to the host on machine A. - System.ServiceModel.Security.SecurityNegotiationException: The server has rejected the client credentials.

I am using Windows authentication.

client:

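// Client side: builds a net.tcp binding secured with Windows transport credentials,
// then opens a ChannelFactory against the host's "configuration" endpoint.
// The page shows this listing lowercased and collapsed onto one line; casing and line
// breaks are restored here. host, port, domain, username, password and IMyChannel are
// defined outside the snippet.
var netTcpBinding = new NetTcpBinding()
{
    Security = new NetTcpSecurity()
    {
        Mode = SecurityMode.Transport,
        Transport = new TcpTransportSecurity()
        {
            ClientCredentialType = TcpClientCredentialType.Windows,
        }
    },
    TransferMode = TransferMode.Streamed,
    // Every size quota and timeout is set to its maximum, so the client places no bound
    // on what it will accept from the service or on how long a call may block.
    MaxReceivedMessageSize = long.MaxValue,
    MaxBufferSize = int.MaxValue,
    MaxBufferPoolSize = long.MaxValue,
    ReaderQuotas = new System.Xml.XmlDictionaryReaderQuotas()
    {
        MaxDepth = int.MaxValue,
        MaxArrayLength = int.MaxValue,
        MaxStringContentLength = int.MaxValue
    },
    SendTimeout = TimeSpan.MaxValue,
    ReceiveTimeout = TimeSpan.MaxValue
};

// A port of 0 means "use the default net.tcp port", so it is left out of the URI.
string endpointAddress;
if (port == 0)
    endpointAddress = string.Format("net.tcp://{0}/configuration", host);
else
    endpointAddress = string.Format("net.tcp://{0}:{1}/configuration", host, port);
Console.WriteLine("endpoint: {0}", endpointAddress);

// The listing declared this variable as "mill" but used "factory" on every later line;
// the declaration is renamed so the snippet is self-consistent.
var factory = new ChannelFactory<IMyChannel>(netTcpBinding);

// With Windows credentials the endpoint identity names the service principal the client
// negotiates against. The poster's resolution further down the page is that this
// DnsEndpointIdentity is not needed for Windows authentication; "mydns" is presumably
// not a name the host on machine A answers to, which would explain the rejected logon.
factory.Endpoint.Address = new EndpointAddress(new Uri(endpointAddress), new DnsEndpointIdentity("mydns"));

// do not verify
// NOTE(review): this turns off validation of the service certificate. The binding above
// authenticates with Windows credentials, so the setting is presumably not exercised here;
// it should not be carried over to a certificate-based binding.
factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;

// Explicit Windows account used for the negotiation instead of the caller's logon session.
factory.Credentials.Windows.ClientCredential.Domain = domain;
factory.Credentials.Windows.ClientCredential.UserName = username;
factory.Credentials.Windows.ClientCredential.Password = password;

//Console.WriteLine("opening channel factory ... ");
factory.Open();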

host:

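#region init
// Host side: creates the ServiceHost for MyChannel, attaches metadata, credentials, debug
// and security-audit behaviours, exposes a net.tcp endpoint with Windows transport
// security on port 9096 and opens the host.
// The page shows this listing lowercased and collapsed onto two lines, which folds the code
// into the #region directive and the // comments; casing and line breaks are restored here.
// _serviceHost, _log, MyChannel and IMyChannel are defined outside the snippet.

// Set the configuration file only once.
if (ChannelServices.RegisteredChannels.Length == 0)
{
    RemotingConfiguration.Configure(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile, false);
}

_serviceHost = null;
_serviceHost = new ServiceHost(typeof(MyChannel));
_serviceHost.AddDefaultEndpoints();

// Build the list of local IPv4 addresses to bind to (loopback included).
// The list is not used again in the visible part of the listing.
var localIpAddresses = new List<IPAddress>(Dns.GetHostAddresses(Dns.GetHostName()));
if (IPAddress.Loopback != null)
    localIpAddresses.Add(IPAddress.Loopback);
localIpAddresses.RemoveAll(i => i.AddressFamily != AddressFamily.InterNetwork);

// Enable the metadata exchange behaviour.
// Add the metadata behaviour in case HTTP is not enabled.
var metadataBehaviour = _serviceHost.Description.Behaviors.Find<ServiceMetadataBehavior>();
if (metadataBehaviour == null)
{
    metadataBehaviour = new ServiceMetadataBehavior();
    _serviceHost.Description.Behaviors.Add(metadataBehaviour);
}

var credentialsBehaviour = _serviceHost.Description.Behaviors.Find<ServiceCredentials>();
if (credentialsBehaviour == null)
{
    credentialsBehaviour = new ServiceCredentials();
    _serviceHost.Description.Behaviors.Add(credentialsBehaviour);
}

var serviceDebug = _serviceHost.Description.Behaviors.Find<ServiceDebugBehavior>();
if (serviceDebug == null)
{
    serviceDebug = new ServiceDebugBehavior();
    _serviceHost.Description.Behaviors.Add(serviceDebug);
}
// NOTE(review): this returns exception details to callers inside faults. It helps while
// diagnosing a problem like this one, but should be switched off once the service is
// reachable by clients that are not trusted to see internal details.
serviceDebug.IncludeExceptionDetailInFaults = true;

var tcpPort = "9096";
_log.Info("tcpport - {0}", tcpPort);

var netTcpBinding = new NetTcpBinding()
{
    Security = new NetTcpSecurity()
    {
        Mode = SecurityMode.Transport,
        Transport = new TcpTransportSecurity()
        {
            ClientCredentialType = TcpClientCredentialType.Windows,
        }
    },
    TransferMode = TransferMode.Streamed,
    // NOTE(review): every size quota and timeout is set to its maximum, so the host places
    // no bound on message size, XML depth or string length, or on how long a connection
    // may stay open. Limits sized to the real payload reduce the resource-exhaustion exposure.
    MaxReceivedMessageSize = long.MaxValue,
    MaxBufferSize = int.MaxValue,
    MaxBufferPoolSize = long.MaxValue,
    ReaderQuotas = new System.Xml.XmlDictionaryReaderQuotas()
    {
        MaxDepth = int.MaxValue,
        MaxArrayLength = int.MaxValue,
        MaxStringContentLength = int.MaxValue
    },
    SendTimeout = TimeSpan.MaxValue,
    ReceiveTimeout = TimeSpan.MaxValue
};

var endpoint = _serviceHost.AddServiceEndpoint(
    typeof(IMyChannel),
    netTcpBinding,
    new Uri(string.Format("net.tcp://0:{0}/configuration", tcpPort)));

// Audit authentication and authorization outcomes (success and failure) to the
// Application event log; SuppressAuditFailure = false means a failure to write an
// audit entry is not silently ignored.
ServiceSecurityAuditBehavior newAudit = new ServiceSecurityAuditBehavior();
newAudit.AuditLogLocation = AuditLogLocation.Application;
newAudit.MessageAuthenticationAuditLevel = AuditLevel.SuccessOrFailure;
newAudit.ServiceAuthorizationAuditLevel = AuditLevel.SuccessOrFailure;
newAudit.SuppressAuditFailure = false;

// The metadata exchange endpoint is addressed via localhost.
_serviceHost.AddServiceEndpoint(
    ServiceMetadataBehavior.MexContractName,
    MetadataExchangeBindings.CreateMexTcpBinding(),
    string.Format("net.tcp://localhost:{0}/configuration/mex", tcpPort));

// Replace any existing audit behaviour with the one configured above.
_serviceHost.Description.Behaviors.Remove<ServiceSecurityAuditBehavior>();
_serviceHost.Description.Behaviors.Add(newAudit);

// Log host lifecycle transitions.
_serviceHost.Opening += (sender, eventArgs) => _log.Info("opening connection ...");
_serviceHost.Opened += (sender, eventArgs) => _log.Info("opened connection ...");
_serviceHost.Closing += (sender, eventArgs) => _log.Info("closing connection ...");
_serviceHost.Closed += (sender, eventArgs) => _log.Info("closed connection ...");
_serviceHost.Faulted += (sender, eventArgs) => _log.Error("fault detected on wcf host");

_serviceHost.Open();
#endregion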

Here is the full stack trace:

System.ServiceModel.Security.SecurityNegotiationException: The server has rejected the client credentials. ---> System.Security.Authentication.InvalidCredentialException: The server has rejected the client credentials. ---> System.ComponentModel.Win32Exception: The logon attempt failed
   --- End of inner exception stack trace ---
   at System.Net.Security.NegoState.ProcessReceivedBlob(Byte[] message, LazyAsyncResult lazyResult)
   at System.Net.Security.NegoState.StartSendBlob(Byte[] message, LazyAsyncResult lazyResult)
   at System.Net.Security.NegoState.CheckCompletionBeforeNextSend(Byte[] message, LazyAsyncResult lazyResult)
   at System.Net.Security.NegoState.ProcessReceivedBlob(Byte[] message, LazyAsyncResult lazyResult)
   at System.Net.Security.NegoState.StartSendBlob(Byte[] message, LazyAsyncResult lazyResult)
   at System.Net.Security.NegoState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
   at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
   at System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorBase.InitiateUpgrade(Stream stream)
   at System.ServiceModel.Channels.ConnectionUpgradeHelper.InitiateUpgrade(StreamUpgradeInitiator upgradeInitiator, IConnection& connection, ClientFramingDecoder decoder, IDefaultCommunicationTimeouts defaultTimeouts, TimeoutHelper& timeoutHelper)
   at System.ServiceModel.Channels.StreamedFramingRequestChannel.SendPreamble(IConnection connection, TimeoutHelper& timeoutHelper, ClientFramingDecoder decoder, SecurityMessageProperty& remoteSecurity)
   at System.ServiceModel.Channels.StreamedFramingRequestChannel.StreamedConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
   at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
   at System.ServiceModel.Channels.StreamedFramingRequestChannel.StreamedFramingRequest.SendRequest(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at myproject.testconnection()
   at myproject.program.manualinput() in d:\source\myproject\program.cs:line 84

It does not make sense.

Any help is appreciated!

thanks!

k

solved!

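The issue was that the DnsEndpointIdentity is not needed for Windows authentication :) With Windows credentials the client uses the endpoint identity to name the service it authenticates to, so an identity that does not match the host (here "mydns") can cause the negotiation to be rejected.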

c# windows wcf authentication tcp
