DotNet Core HttpSys Windows Authentication - Double Hop IssueProgrammatic WCF based access to SQL Server Reporting Services 2010 web servicesDouble hop issue with IIS and SSRSSSRS Double Hop Authentication?SSRS 2016 Native Double-Hop Windows AuthenticationEquivalent to AssemblyInfo in dotnet core/csproj.NET Core - When to use “dotnet new sln”Angular 2 & dotnet core integrated windows authenticationHttpClient as singleton in dotnet coreDotnet Core authentication CorrelationFailedAuthentication for dotnet core SPA template
Can I cast Sunbeam if both my hands are busy?
Why did they ever make smaller than full-frame sensors?
Gas pipes - why does gas burn "outwards?"
How do you build a Dominant 7th chord?
Are there any instances of members of different Hogwarts houses coupling up and marrying each other?
Is it possible to PIVOT on a LIKE statement
Exact Brexit date and consequences
Can I toggle Do Not Disturb on/off on my Mac as easily as I can on my iPhone?
Is it appropriate for a professor to require students to sign a non-disclosure agreement before being taught?
Double it your way
Using the pipe operator ("|") when executing system commands
What is the purpose of libraries like Pyomo and Google OR tools?
Kerning feedback on logo
Do any aircraft carry boats?
Creating a Master Image to roll out to 30 new Machines Licensing Issues
Is there a standard terminology for female equivalents of terms such as 'Kingdom' and if so, what are the most common terms?
Which ping implementation is Cygwin using?
Are Democrats more likely to believe Astrology is a science?
Renewed US passport, did not receive expired US passport
Can I use ratchet straps to lift a dolly into a truck bed?
What's the biggest organic molecule that could have a smell?
Kingdom Map and Travel Pace
Why should I always enable compiler warnings?
Why did it become so much more expensive to start a university?
DotNet Core HttpSys Windows Authentication - Double Hop Issue
Programmatic WCF based access to SQL Server Reporting Services 2010 web servicesDouble hop issue with IIS and SSRSSSRS Double Hop Authentication?SSRS 2016 Native Double-Hop Windows AuthenticationEquivalent to AssemblyInfo in dotnet core/csproj.NET Core - When to use “dotnet new sln”Angular 2 & dotnet core integrated windows authenticationHttpClient as singleton in dotnet coreDotnet Core authentication CorrelationFailedAuthentication for dotnet core SPA template
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.
Code looks like below for stateless service :
protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()
return new ServiceInstanceListener[]
new ServiceInstanceListener(serviceContext =>
new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>
return new WebHostBuilder()
.UseHttpSys(
options =>
options.Authentication.Schemes = AuthenticationSchemes.Negotiate
)
.ConfigureServices(
services => services
.AddSingleton<StatelessServiceContext>(serviceContext))
.UseContentRoot(Directory.GetCurrentDirectory())
.UseStartup<Startup>()
.UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
.UseUrls(url)
.Build();
))
;
In Startup.cs:
public void ConfigureServices(IServiceCollection services)
services.AddAuthenticationCore(options =>
options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
);
SSRS Call:
if (User.Identity is WindowsIdentity currentUser)
WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>
var reportServer = ReportServer();
var trustedUserHeader = new ReportService2010.TrustedUserHeader();
reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
);
We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.
Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.
I tried to find online, but there is no documentation or any other person that have faced similar issue.
The HTTP request is unauthorized with client authentication scheme
'Ntlm'. The authentication header received from the server was 'NTLM'.
reporting-services .net-core azure-service-fabric service-fabric-on-premises httpsys
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
add a comment |
We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.
Code looks like below for stateless service :
protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()
return new ServiceInstanceListener[]
new ServiceInstanceListener(serviceContext =>
new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>
return new WebHostBuilder()
.UseHttpSys(
options =>
options.Authentication.Schemes = AuthenticationSchemes.Negotiate
)
.ConfigureServices(
services => services
.AddSingleton<StatelessServiceContext>(serviceContext))
.UseContentRoot(Directory.GetCurrentDirectory())
.UseStartup<Startup>()
.UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
.UseUrls(url)
.Build();
))
;
In Startup.cs:
public void ConfigureServices(IServiceCollection services)
services.AddAuthenticationCore(options =>
options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
);
SSRS Call:
if (User.Identity is WindowsIdentity currentUser)
WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>
var reportServer = ReportServer();
var trustedUserHeader = new ReportService2010.TrustedUserHeader();
reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
);
We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.
Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.
I tried to find online, but there is no documentation or any other person that have faced similar issue.
The HTTP request is unauthorized with client authentication scheme
'Ntlm'. The authentication header received from the server was 'NTLM'.
reporting-services .net-core azure-service-fabric service-fabric-on-premises httpsys
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
add a comment |
We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.
Code looks like below for stateless service :
protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()
return new ServiceInstanceListener[]
new ServiceInstanceListener(serviceContext =>
new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>
return new WebHostBuilder()
.UseHttpSys(
options =>
options.Authentication.Schemes = AuthenticationSchemes.Negotiate
)
.ConfigureServices(
services => services
.AddSingleton<StatelessServiceContext>(serviceContext))
.UseContentRoot(Directory.GetCurrentDirectory())
.UseStartup<Startup>()
.UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
.UseUrls(url)
.Build();
))
;
In Startup.cs:
public void ConfigureServices(IServiceCollection services)
services.AddAuthenticationCore(options =>
options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
);
SSRS Call:
if (User.Identity is WindowsIdentity currentUser)
WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>
var reportServer = ReportServer();
var trustedUserHeader = new ReportService2010.TrustedUserHeader();
reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
);
We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.
Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.
I tried to find online, but there is no documentation or any other person that have faced similar issue.
The HTTP request is unauthorized with client authentication scheme
'Ntlm'. The authentication header received from the server was 'NTLM'.
reporting-services .net-core azure-service-fabric service-fabric-on-premises httpsys
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
We have Micro Services being developed on Service Fabric platform that are deployed on stand alone local cluster. We have a website, that is configured to use windows authentication and then the logged in User is impersonated to fetch SSRS reports. We have used HttpSys to build the web host. And we are facing double hop issue when website is accessed from any server other than app box itself.
Code looks like below for stateless service :
protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners()
return new ServiceInstanceListener[]
new ServiceInstanceListener(serviceContext =>
new HttpSysCommunicationListener(serviceContext, "ServiceEndpoint", (url, listener) =>
return new WebHostBuilder()
.UseHttpSys(
options =>
options.Authentication.Schemes = AuthenticationSchemes.Negotiate
)
.ConfigureServices(
services => services
.AddSingleton<StatelessServiceContext>(serviceContext))
.UseContentRoot(Directory.GetCurrentDirectory())
.UseStartup<Startup>()
.UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)
.UseUrls(url)
.Build();
))
;
In Startup.cs:
public void ConfigureServices(IServiceCollection services)
services.AddAuthenticationCore(options =>
options.DefaultScheme = HttpSysDefaults.AuthenticationScheme;
);
SSRS Call:
if (User.Identity is WindowsIdentity currentUser)
WindowsIdentity.RunImpersonated(currentUser.AccessToken, () =>
var reportServer = ReportServer();
var trustedUserHeader = new ReportService2010.TrustedUserHeader();
reportServer.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
var items = reportServer.ListChildrenAsync(trustedUserHeader, ReportFolder, true).Result;
);
We have tried everything. All the SPNs are properly created. We already have a legacy Silverlight website which is working alright and works on same basis of windows authentication and impersonate user to fetch SSRS reports.
Just to verify if issue is with how service fabric creates services, I created stand alone DotNet core website using HttpSys self host server. Still same issue.
I tried to find online, but there is no documentation or any other person that have faced similar issue.
The HTTP request is unauthorized with client authentication scheme
'Ntlm'. The authentication header received from the server was 'NTLM'.
reporting-services .net-core azure-service-fabric service-fabric-on-premises httpsys
reporting-services .net-core azure-service-fabric service-fabric-on-premises httpsys
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
edited Mar 28 at 22:02
Dharmesh Tailor
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
asked Mar 28 at 8:58
Dharmesh TailorDharmesh Tailor
2181 silver badge9 bronze badges
2181 silver badge9 bronze badges
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55393563%2fdotnet-core-httpsys-windows-authentication-double-hop-issue%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Is this question similar to what you get asked at work? Learn more about asking and sharing private information with your coworkers using Stack Overflow for Teams.
Is this question similar to what you get asked at work? Learn more about asking and sharing private information with your coworkers using Stack Overflow for Teams.
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55393563%2fdotnet-core-httpsys-windows-authentication-double-hop-issue%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
