SecurityNegotiationException in WCF Services


Many people including myself are running into this problem while sharing and running WCF samples using the .NET Framwork 3.0 RC1.  If you receive the following…


Exception
[System.ServiceModel.Security.SecurityNegotiationException] {“SOAP security negotiation with ‘http://localhost/OrderService/OrderService.svc’ for target ‘http://localhost/OrderService/OrderService.svc’ failed. See inner exception for more details.”}


Inner Exception
[System.ComponentModel.Win32Exception] {“The Security Support Provider Interface (SSPI) negotiation failed.”}


Try changing <userPrincipalName value=MACHINENAME\ASPNET /> to <servicePrincipalName value=host/localhost /> in the client config file.

Comments (3)

  1. UWCF says:

    HI, I am facing the same problem, but after changing  as you mentioned, i am getting the following Exception:

    The HTTP request is unauthorized with client authentication scheme ‘Anonymous’. The authentication header received from the server was ‘Negotiate,NTLM’.

    Can u please suggest me some thing to overcome this problem

    Thanks,

    UWCF

  2. MSDN Archive says:

    This error indicates that your WCF service (virtual directory) is configured to use windows integrated authentication.  Assuming you don’t need the windows credentials, go into into IIS and change it to use anonymous only access. (i.e. uncheck integrated authentication)

    Similar instructions can be found here:

    https://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=972933&SiteID=1

    If you’re using the integrated authentication for something in your service, you’ll need to use the appropriate userPrincipalName for your environment.  In my case, I just wanted my sample to port between machines with minimal effort and didn’t need the windows authentication for anything.  (i.e. run anonyously)

  3. We’d like to extend a big thank you to everyone who attended the first two stops of Bob &amp; Chris’

Skip to main content