SecurityNegotiationException on a disconnected domain client

Question

SecurityNegotiationException on a disconnected domain client

When I start the WCF service on my development machine, it works as long as the client is connected to the domain.

When the device is disconnected, I get the following exception:

System.ServiceModel.Security.SecurityNegotiationException: SSPI call failed, see internal exception. System.Security.Authentication.AuthenticationException: SSPI call failed, see Internal Exception. ---> System.ComponentModel.Win32Exception: the system detected a possible attempt to compromise security. Verify that you can contact the authenticated server.

The service uses internal protection ( <transport clientCredentialType="Windows" protectionLevel="None"/>), so I can’t easily disable it.

Is there a way around this problem so that I can check the service when I am not connected?

+3

.net wcf wcf-security

laktak Mar 04 '10 at 7:43

source share

3 answers

UserPrincipal ( app.config)

<identity>
    <userPrincipalName value="SOME-DOMAIN\SomeUser" />
</identity>

+3

Dane Balia 30 . '13 19:18

,

-

http://blogs.msdn.com/b/jpsanders/archive/2010/10/14/wcf-client-inner-exception-quot-the-security-support-provider-interface-sspi-negotiation-failed-quot.aspx

0

vibhu 06 . '13 19:21

marc_s · Accepted Answer · 2010-03-04T07:49:44+0000

Probably will not work if it is not connected to the domain.

The standard WCF protection for multiple bindings is “Windows,” for example. your current user credentials are passed to the WCF service, and then the service tries to verify these user credentials in the Windows domain.

If you are not connected, this check is not possible, so the WCF service will refuse the call. It works as I thought :-)

, ( " " ), Windows? , , .

SecurityNegotiationException on a disconnected domain client

More articles: