When consuming a dynamics nav web service I get the following error :
The request failed with HTTP status 401: Unauthorized.
However when I try it in a browser it works . I tried the following but its still not working :
service.UseDefaultCredentials = true;
service.PreAuthenticate = true;
also :
service.Credentials = new System.Net.NetworkCredential("XXXXX", "XXXX","XXXX");
I even tried using dynamics nav acces key but also it didn't work.
Any new suggestions ?
I know this thread is more than 4 years old, but i thought if somone is currently searching for this problem he will come across this trhead, like me.
There is currently a problem with NTLM and Xamarin (at the moment i write this, the problem also exists in .net core on MacOS).
See the links:
iOS: https://github.com/xamarin/xamarin-macios/issues/7770
Android: https://developercommunity.visualstudio.com/content/problem/756697/last-visual-studio-update-brakes-ntlm-authenticati.html
The solution is to use the "MonoWebRequestHandler". For a combined Android and iOS Solution check my latest post here
I hope i could save somones time with this post!
Several things might be wrong.
Did you check what kind of authentication the Service Tier is setup to?
Is there a default company set (or are you selecting a company in the URL).
Is NTLM on or off; these are all possible reasons this error might popup.
I think you're code should be like that
service.UseDefaultCredentials = false;
service.Credentials = new System.Net.NetworkCredential("XXXXX", "XXXX","XXXX");
You must enabled NTLM setting properties authentification if you are using PHP or Java Or XAMARIN
Use NTLM Authentication
This piece of code below is working for me (I wasn't really adjusting the Service Tier - it has more or less the default settings):
service.ClientCredentials.Windows.ClientCredential.Domain = <domain>;
service.ClientCredentials.Windows.ClientCredential.UserName = <username>;
service.ClientCredentials.Windows.ClientCredential.Password = <password>;
service.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Delegation;
If that above doesn't work try to get rid of the domain from the NetworkCredential - just use your username and password (if the client and the server are in the same domain, obviously).
Related
I want to integrate twitter in my ASP.Net web site with C# . I want to implement a profile page in which user should be able to sign in from twitter. After clicking on "Sign Up via Twitter" Button. I have made a twitter application and i am doing this thing with OAuth. After getting user details i want to add them to my SQL Server Database(So that in future user can sign in using these details).
IT gives an exception at runtime.The exception is
The remote server returned an error:(403) Forbidden.so please answer if you have done this kind of stuff.
I have already search all around on the internet,am i doing something wrong here?
Add the following line:
request.UseDefaultCredentials = true;
This will let the application use the credentials of the logged in user to access the site. If it's returning 403, clearly it's expecting authentication.
It's also possible that you (now?) have an authenticating proxy in between you and the remote site. In which case, try:
request.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
Hope this helps.
I'm using the below code to create a new instance of Sharepoint datacontext:
spDataContext con = new spDataContext(new Uri("http://mysite/subsite/_vti_bin/ListData.svc"));
con.Credentials = CredentialCache.DefaultCredentials;
Then I try fetching the items by using
var result = con.testingList.ToList();
Then Below error shows:
"401 UNAUTHORIZED"
Here's the screenshot of the error:
But if I change the credentials by providing the sharepoint admin username and password, I am able to fetch the items.
con.Credentials = new NetworkCredential(username, password);
But the problem is: I want to use the current user's credentials instead of administrator account, since not all the items are supposed to be seen by current user.
Some addition information from the IIS:
At first, all authentication methods are enabled, then I tried turning off basic and digest authentication to see if it helps, but the exception still throws.
So how to fix this problem??
Check what account you are actually connecting with by inspecting a breakpoint, writing to a log or checking the server's audit trail/Logs (IIS/SharePoint) - are you sure it's a valid account and not an IUSR_xyz IIS account or something like that? Also check that you are not hitting a Kerberos "double hop" if you are working with a distributed architecture. This can often trip you up when adding another server/service to the mix.
In order to get this to work, you should configure the Authentication options in IIS as follows:
Anonymous Authentication - DISABLED
ASPNET Impersonation - DISABLED
Windows Authentication - ENABLED
You can use the CredentialCache.DefaultCredentials, but I would suggest switching from using the WCF services to using CSOM (Microsoft.SharePoint.Client).
At last the reason was:
I don't have the System.Web assembly in the class library, so the system was unable to get the CredentialCache.DefaultCredentials.
I am trying to use EWS on an Office 365 account however I get a return of (403 Forbidden)
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013);
service.Credentials = new WebCredentials("mv003237", "correctpw","domain");
service.AutodiscoverUrl("mv003237#domain.co.uk");
To login and view the Webservices file on outlook.com/EWS/Exchange.asmx I need to authenticate with mv003237#live.domain.co.uk
I have tried several combinations of this and still get the same error message.
Has anyone had a similar experience of connecting to an office 365 account before?
My WINDOWS login for this account does have a domain of RDG-HOME but I haven't seen a domain for login into OWA.
Many thanks in advance
If you've already removed the domain name (as Matt suggested in his comment) the one thing that remains is to automatically follow redirects in the autodiscover process.
Change your last line to
service.AutodiscoverUrl("mv003237#domain.co.uk", redirect => true);
to follow the redirection response that Exchange Online sends.
So the complete sequence then becomes:
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013);
service.Credentials = new WebCredentials("mv003237", "correctpw");
service.AutodiscoverUrl("mv003237#domain.co.uk", redirect => true);
Cannot comment due to low reputation score and hence responding as an answer.
Are you able to login into OWA with "mv003237#domain.co.uk"? If yes, have you tried by hardcoding Url instead of using Autodiscover to understand if issue is with Autodiscover or EWS. Try following instead of autodiscover call:
service.Url = new Uri(#"https://outlook.office365.com/ews/exchange.asmx");
If above works fine, subscribe to RedirectionUrlValidationCallback with AutodiscoverService and see which redirected URL is throwing 403. Or enable verbose logging with Trace* properties present on service object.
I have an intranet site which calls a POST method from another server, also on the intranet.
If I set the Authentication mode to Basic Authentication in IIS I can use the following:
HttpWebRequest oReq = (HttpWebRequest)WebRequest.Create(sURL);
oReq.ContentType = "application/x-www-form-urlencoded";
oReq.Method = "POST";
oReq.Timeout = 60000;
...
oReq.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials;
...
try
{
HttpWebResponse oResp = (HttpWebResponse)oReq.GetResponse();
...
}
All of the above works as intended.
However I need to change the security to Windows Authentication in IIS, and once I do I keep getting error 401 unauthorized on this line:
try
{
HttpWebResponse oResp = (HttpWebResponse)oReq.GetResponse();
...
}
That can be fixed by changing the credentials like so:
NetworkCredential creds = new NetworkCredential("username","password","domain");
oReq.Credentials = creds;
But that's not the right way anyway. How can I get the default credentials to work for Windows Authentication also?
If you've got one web site calling out to another, you've got a 2nd hop. This is a kerberos 2nd hop problem.
The intranet site needs permission to call the 2nd site on behalf on the end user.
I'd suggest you use a tool call DelegConfig. I can't recommend it highly enough. Its a simple asp.net application that will tell you what is wrong with your kerberos setup and can tell you how to fix it (or do it itself if you want)
I've found I had to get the client to server authentication working first for it it work, but once thats there it makes working out what wrong with the next hop to UNC/http/sql etc very easy.
I'm trying to use the Facebook SDK 5.2.1 to ultimately create a test user, however even what I believe is the simple example of getting the list of test accounts isn't working for me. I get the OAuthException "An access token is required to request this resource."
Here's my code (replace APP ID and APP SECRET with my own):
FacebookOAuthClient oauth = new FacebookOAuthClient { AppId = "APP ID", AppSecret = "APP SECRET" };
dynamic tokenRes = oauth.GetApplicationAccessToken();
fbClient = new FacebookClient(tokenRes.access_token);
dynamic response = fbClient.Get("APPID/accounts/test-users");
However, I get the exception on the fbClient.Get line.
Any idea as to what's wrong?
Thanks,
Chad
After hours of trying various things and reading various web pages/blogs, I found the reason it wasn't working. In my app settings, I had my app type set to a Native/Desktop App. Changing this to Web, allows the above scenario to work. I'm not yet quite sure of what other differences exist between web vs native facebook apps. My app is certainly only being used via a desktop application and I can't understand why I need to set this to Web just to allow me to create test users.
This code works in my app:
var app = new FacebookClient(FacebookApplication.Current.AppId,
FacebookApplication.Current.AppSecret);
dynamic result = app.Post(string.Format("{0}/accounts/test-users",
FacebookApplication.Current.AppId),
new { installed = true, permissions = "user_about_me" });
The reason why you are receiving the exception OAuthException is because you have not yet got the permission of the user.
To do a Graph API call on the current user, you need to get the user to accept the permissions that you require FIRST and then do the Graph API call.
You need to get the user to a browser some how in your application, as there is not an authentication flow which doesn't require a browser window.
Check out this URL to view the authentication flows:
http://developers.facebook.com/docs/authentication/