DotNet Core HttpSys Windows Authentication - Double Hop IssueProgrammatic WCF based access to SQL Server Reporting Services 2010 web servicesDouble hop issue with IIS and SSRSSSRS Double Hop Authentication?SSRS 2016 Native Double-Hop Windows AuthenticationEquivalent to AssemblyInfo in dotnet core/csproj.NET Core - When to use “dotnet new sln”Angular 2 & dotnet core integrated windows authenticationHttpClient as singleton in dotnet coreDotnet Core authentication CorrelationFailedAuthentication for dotnet core SPA template

Can I cast Sunbeam if both my hands are busy?

Why did they ever make smaller than full-frame sensors?

Gas pipes - why does gas burn "outwards?"

How do you build a Dominant 7th chord?

Are there any instances of members of different Hogwarts houses coupling up and marrying each other?

Is it possible to PIVOT on a LIKE statement

Exact Brexit date and consequences

Can I toggle Do Not Disturb on/off on my Mac as easily as I can on my iPhone?

Is it appropriate for a professor to require students to sign a non-disclosure agreement before being taught?

Double it your way

Using the pipe operator ("|") when executing system commands

What is the purpose of libraries like Pyomo and Google OR tools?

Kerning feedback on logo

Do any aircraft carry boats?

Creating a Master Image to roll out to 30 new Machines Licensing Issues

Is there a standard terminology for female equivalents of terms such as 'Kingdom' and if so, what are the most common terms?

Which ping implementation is Cygwin using?

Are Democrats more likely to believe Astrology is a science?

Renewed US passport, did not receive expired US passport

Can I use ratchet straps to lift a dolly into a truck bed?

What's the biggest organic molecule that could have a smell?

Kingdom Map and Travel Pace

Why should I always enable compiler warnings?

Why did it become so much more expensive to start a university?



DotNet Core HttpSys Windows Authentication - Double Hop Issue


Programmatic WCF based access to SQL Server Reporting Services 2010 web servicesDouble hop issue with IIS and SSRSSSRS Double Hop Authentication?SSRS 2016 Native Double-Hop Windows AuthenticationEquivalent to AssemblyInfo in dotnet core/csproj.NET Core - When to use “dotnet new sln”Angular 2 & dotnet core integrated windows authenticationHttpClient as singleton in dotnet coreDotnet Core authentication CorrelationFailedAuthentication for dotnet core SPA template






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.



Code looks like below for stateless service :



protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()

return new ServiceInstanceListener[]

new ServiceInstanceListener(serviceContext =>
new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>

return new WebHostBuilder()
.UseHttpSys(
options =>

options.Authentication.Schemes = AuthenticationSchemes.Negotiate
)
.ConfigureServices(
services => services
.AddSingleton<StatelessServiceContext>(serviceContext))
.UseContentRoot(Directory.GetCurrentDirectory())
.UseStartup<Startup>()
.UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
.UseUrls(url)
.Build();
))
;



In Startup.cs:



public void ConfigureServices(IServiceCollection services)

services.AddAuthenticationCore(options =>

options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
);



SSRS Call:



if (User.Identity is WindowsIdentity currentUser)

WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>

var reportServer = ReportServer();
var trustedUserHeader = new ReportService2010.TrustedUserHeader();
reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
);



We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.



Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.



I tried to find online, but there is no documentation or any other person that have faced similar issue.




The HTTP request is unauthorized with client authentication scheme
'Ntlm'. The authentication header received from the server was 'NTLM'.











share|improve this question
































    0















    We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.



    Code looks like below for stateless service :



    protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()

    return new ServiceInstanceListener[]

    new ServiceInstanceListener(serviceContext =>
    new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>

    return new WebHostBuilder()
    .UseHttpSys(
    options =>

    options.Authentication.Schemes = AuthenticationSchemes.Negotiate
    )
    .ConfigureServices(
    services => services
    .AddSingleton<StatelessServiceContext>(serviceContext))
    .UseContentRoot(Directory.GetCurrentDirectory())
    .UseStartup<Startup>()
    .UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
    .UseUrls(url)
    .Build();
    ))
    ;



    In Startup.cs:



    public void ConfigureServices(IServiceCollection services)

    services.AddAuthenticationCore(options =>

    options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
    );



    SSRS Call:



    if (User.Identity is WindowsIdentity currentUser)

    WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>

    var reportServer = ReportServer();
    var trustedUserHeader = new ReportService2010.TrustedUserHeader();
    reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
    var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
    );



    We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.



    Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.



    I tried to find online, but there is no documentation or any other person that have faced similar issue.




    The HTTP request is unauthorized with client authentication scheme
    'Ntlm'. The authentication header received from the server was 'NTLM'.











    share|improve this question




























      0












      0








      0








      We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.



      Code looks like below for stateless service :



      protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()

      return new ServiceInstanceListener[]

      new ServiceInstanceListener(serviceContext =>
      new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>

      return new WebHostBuilder()
      .UseHttpSys(
      options =>

      options.Authentication.Schemes = AuthenticationSchemes.Negotiate
      )
      .ConfigureServices(
      services => services
      .AddSingleton<StatelessServiceContext>(serviceContext))
      .UseContentRoot(Directory.GetCurrentDirectory())
      .UseStartup<Startup>()
      .UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
      .UseUrls(url)
      .Build();
      ))
      ;



      In Startup.cs:



      public void ConfigureServices(IServiceCollection services)

      services.AddAuthenticationCore(options =>

      options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
      );



      SSRS Call:



      if (User.Identity is WindowsIdentity currentUser)

      WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>

      var reportServer = ReportServer();
      var trustedUserHeader = new ReportService2010.TrustedUserHeader();
      reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
      var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
      );



      We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.



      Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.



      I tried to find online, but there is no documentation or any other person that have faced similar issue.




      The HTTP request is unauthorized with client authentication scheme
      'Ntlm'. The authentication header received from the server was 'NTLM'.











      share|improve this question
















      We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.



      Code looks like below for stateless service :



      protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()

      return new ServiceInstanceListener[]

      new ServiceInstanceListener(serviceContext =>
      new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>

      return new WebHostBuilder()
      .UseHttpSys(
      options =>

      options.Authentication.Schemes = AuthenticationSchemes.Negotiate
      )
      .ConfigureServices(
      services => services
      .AddSingleton<StatelessServiceContext>(serviceContext))
      .UseContentRoot(Directory.GetCurrentDirectory())
      .UseStartup<Startup>()
      .UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
      .UseUrls(url)
      .Build();
      ))
      ;



      In Startup.cs:



      public void ConfigureServices(IServiceCollection services)

      services.AddAuthenticationCore(options =>

      options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
      );



      SSRS Call:



      if (User.Identity is WindowsIdentity currentUser)

      WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>

      var reportServer = ReportServer();
      var trustedUserHeader = new ReportService2010.TrustedUserHeader();
      reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
      var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
      );



      We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.



      Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.



      I tried to find online, but there is no documentation or any other person that have faced similar issue.




      The HTTP request is unauthorized with client authentication scheme
      'Ntlm'. The authentication header received from the server was 'NTLM'.








      reporting-services .net-core azure-service-fabric service-fabric-on-premises httpsys






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Mar 28 at 22:02







      Dharmesh Tailor

















      asked Mar 28 at 8:58









      Dharmesh TailorDharmesh Tailor

      2181 silver badge9 bronze badges




      2181 silver badge9 bronze badges

























          0






          active

          oldest

          votes










          Your Answer






          StackExchange.ifUsing("editor", function ()
          StackExchange.using("externalEditor", function ()
          StackExchange.using("snippets", function ()
          StackExchange.snippets.init();
          );
          );
          , "code-snippets");

          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "1"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );














          draft saved

          draft discarded
















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55393563%2fdotnet-core-httpsys-windows-authentication-double-hop-issue%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes




          Is this question similar to what you get asked at work? Learn more about asking and sharing private information with your coworkers using Stack Overflow for Teams.







          Is this question similar to what you get asked at work? Learn more about asking and sharing private information with your coworkers using Stack Overflow for Teams.




















          draft saved

          draft discarded















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55393563%2fdotnet-core-httpsys-windows-authentication-double-hop-issue%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Kamusi Yaliyomo Aina za kamusi | Muundo wa kamusi | Faida za kamusi | Dhima ya picha katika kamusi | Marejeo | Tazama pia | Viungo vya nje | UrambazajiKuhusu kamusiGo-SwahiliWiki-KamusiKamusi ya Kiswahili na Kiingerezakuihariri na kuongeza habari

          Swift 4 - func physicsWorld not invoked on collision? The Next CEO of Stack OverflowHow to call Objective-C code from Swift#ifdef replacement in the Swift language@selector() in Swift?#pragma mark in Swift?Swift for loop: for index, element in array?dispatch_after - GCD in Swift?Swift Beta performance: sorting arraysSplit a String into an array in Swift?The use of Swift 3 @objc inference in Swift 4 mode is deprecated?How to optimize UITableViewCell, because my UITableView lags

          Access current req object everywhere in Node.js ExpressWhy are global variables considered bad practice? (node.js)Using req & res across functionsHow do I get the path to the current script with Node.js?What is Node.js' Connect, Express and “middleware”?Node.js w/ express error handling in callbackHow to access the GET parameters after “?” in Express?Modify Node.js req object parametersAccess “app” variable inside of ExpressJS/ConnectJS middleware?Node.js Express app - request objectAngular Http Module considered middleware?Session variables in ExpressJSAdd properties to the req object in expressjs with Typescript