SOAP security negotiation with ” for target ” failed

{"SOAP security negotiation with ‘http://localhost:8080/service1′ for target ‘http://localhost:8080/service1′ failed. See inner exception for more details."}

{"The Security Support Provider Interface (SSPI) negotiation failed."}

HRESULT -2146893052 0x80090304 "The Local Security Authority cannot be contacted."

If this happens to you while you demo the "Hello World!" Windows Communication Foundation RC1 example service, you’re not alone.

It looks like you tested within a Windows domain or Active Directory environment and are now running in class outside of your domain, yet with your domain account.

By default, "WCF Service Library" configures wsHttpBinding, which is secure by default using message encryption using Windows’s SSPI, which in turn, I guess, depends on the availability of a "Local Security Authority".

Solution: Get a link to a domain controller for your account or use an insecure binding or configure client and server to run using a local account.

 

So it goes to show, thou shall test in the final environment, always. And find out what happens to your security infrastructure if the connection to a domain controller is momentarily not available.

 

I was giving a presentation on Windows Communication Foundation when I was hit hard by this thing.

Boy, I am so not the expert! Now I wonder if anybody is, given the vast breadth and depth of that WCF thing, with those bells and whistles all over the place.

Also, if you want to make the PDC 2005 samples work, look for Breaking Changes. If you get Steve Swartz’s COM417 "extended everywhere" sample to work, drop me a line. This would so demo nicely.

Advertisements
This entry was posted in Coding Horror. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s