WCF security problem

SSPI indicates you're using windows authentication.

Have you created a secure principal name for service C in your domain? google the setspn command. The issue is that windows will not pass a credential from the domain to an untrusted system. You trust it by providing the secure principal name in the domain which then allows the token to be passed.

Secure Principal Name SPN Creation Tutorial


You are encountering what's called the Double Hop problem. http://blogs.msdn.com/knowledgecast/archive/2007/01/31/the-double-hop-problem.aspx. The solution is generally to use Kerberos authentication, which as Spence says, involves things like SPNs.


Comments

  1. Melvin

    • 2019/5/16

    In the following sections, I'll show you how to configure WCF security and then take initialize the values you want to enforce, and issue the Demand().

  2. Muhammad

    • 2018/2/7

    I have an app that accesses a WCF service on a server which is hosted in a console app. I don't have a problem there, it's when I try access another service from the console app that's on yet another server that i have the problem. I'm using TCP to connect and i'm using all the default security values.

  3. Kendrick

    • 2017/12/16

    with two security modes or levels so that only an intended client can access the services. The security threats that are common in a distributed transaction are moderated to a large extent by WCF.

  4. Maddox

    • 2017/5/16

    wcf security problem. Archived Forums > Windows Communication Foundation, Serialization, and Networking. Windows Communication Foundation, Serialization, and

  5. Luca

    • 2015/6/25

    out of the box: it supports not only transport security (using SSL and https to secure your link, like ASMX) but also supports message encryption, and messages are by default encrypted and digitally signed.

  6. Braxton

    • 2017/12/23

    As for the WCF service, have you tried enabling tracing at server-side(the WCF service) to see whether the WCF service model layer has captured any internal error? Or if the tracing hasn't provided much info, it is likely the problem is related to the windows security authentication infrastructure. btw, you can also try the following code to explicitly supply NTLM credentails to see whether it works:

  7. Zyon

    • 2020/10/5

    ." Two additional modes are specific to two bindings: the "transport-credential only" mode found on the BasicHttpBinding, and the "Both"

  8. Kyle

    • 2021/6/20

    This error message occurs when "Windows Communication Foundation HTTP Activation" is not explicitly set in the Control Panel. To set this go to the Control Panel, click Programs in the lower left-hand corner of the window. Click Turn Windows features on or off.

  9. Anderson

    • 2018/6/3

    my problem is not wcf performance but authentication with certificate which cause wcf have poor performance. i use certificate authentication:.

  10. Rossetti

    • 2020/2/14

    WCF security problems with named pipes. I have a slightly complicated setup that, of course, works fine in XP, but chokes on Windows 7. It may seem like madness, but it made sense at the time! I have a WPF application that launches and then launches another application that communicates with an external device.

  11. Brooks

    • 2015/12/11

    SSPI indicates you're using windows authentication. Have you created a secure principal name for service C in your domain? google the setspn 

  12. Esposito

    • 2016/2/9

    WCF Security Problem with UserName clientCredentialType I have a problem! I wrote the code for a simple WCF Service and with the configuration #1 all works fine.

  13. Madden

    • 2016/10/4

    IIRC, you must use transport security (HTTPS) otherwise WCF will not use The error message indicates the client configuration does not 

  14. Devin

    • 2016/11/6

    I am trying to debug a WCF service. This client has been able to connect When I set security mode=none, and increase the timeout, the error changes to

  15. Prifti

    • 2021/2/10

    On the client side, the allowed HTTP bindings demand permission to execute (security permission with execution flag) and permission to connect to the 

Comments are closed.

Recent Posts