|
Home > Archive > BizTalk Server Orchestration > January 2005 > getting 401 unauthorized error.
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
getting 401 unauthorized error.
|
|
| Mike Hennessy 2005-01-14, 5:49 pm |
| I am trying to expose an orchestration as a web-service and have not been
able to call the web-service without receiving an "unauthorized" access
message.
The service itself is running under an application pool, who's idenity is an
administrator and is listed in every single one of the biztalk groups, as
well as the IIS groups. In addition, the web-service has "allow anonymous
access" selected, and I have the configured user as the administrative user.
At this point, I'm not sure how it can't be authorized, as everything should
be running under the admin account. Any ideas on what I might be missing??
| |
| Richard Blewett [DevelopMentor] 2005-01-14, 5:49 pm |
| IIS is not allowing anonymous access to the virtual directory. Either:
Supply credentials via the web service proxy in your client (assuming it is a Windows Forms or Web client) by setting
MyProxy ws = new MyProxy();
ws.Credentials = System.Net.CredentialCache.DefaultCredentials;
or allow anonymous access by going to the virtual directory properties selecting the "Directory Security" tab, Edit the anonymous access settings and check the box allowing anonymous access.
Regards
Richardr Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
I am trying to expose an orchestration as a web-service and have not been
able to call the web-service without receiving an "unauthorized" access
message.
The service itself is running under an application pool, who's idenity is an
administrator and is listed in every single one of the biztalk groups, as
well as the IIS groups. In addition, the web-service has "allow anonymous
access" selected, and I have the configured user as the administrative user.
At this point, I'm not sure how it can't be authorized, as everything should
be running under the admin account. Any ideas on what I might be missing??
| |
| Mike Hennessy 2005-01-17, 7:47 am |
| Hi Richard. I have "anonymous access" enabled on the virtual directory. I've
actually changed the user on the anonymous access to an administrative user,
just to make sure that wasn't the issue. I CAN get to the .asmx page. If I
point my web browser to the page, it shows the method I want to invoke.
It's only when I am invoking the method from my "test" web application that
I get this .404 UnAuthorized Access...so it seems to be a security setting
lower down in the stack.
Any other ideas that could be causing this?? Also, I have configured the
application pool with the same administrative user, and I've also placed
this user in every single BizTalk User Group.
Thanks
"Richard Blewett [DevelopMentor]" <richardb@NOSPAMdevelop.com> wrote in
message news:%23U6SKJp%23EHA.3328@TK2MSFTNGP10.phx.gbl...
> IIS is not allowing anonymous access to the virtual directory. Either:
>
> Supply credentials via the web service proxy in your client (assuming it
is a Windows Forms or Web client) by setting
>
> MyProxy ws = new MyProxy();
> ws.Credentials = System.Net.CredentialCache.DefaultCredentials;
>
> or allow anonymous access by going to the virtual directory properties
selecting the "Directory Security" tab, Edit the anonymous access settings
and check the box allowing anonymous access.
>
> Regards
>
> Richardr Blewett - DevelopMentor
> http://www.dotnetconsult.co.uk/weblog
> http://www.dotnetconsult.co.uk
>
> I am trying to expose an orchestration as a web-service and have not
been
> able to call the web-service without receiving an "unauthorized" access
> message.
>
> The service itself is running under an application pool, who's idenity is
an
> administrator and is listed in every single one of the biztalk groups, as
> well as the IIS groups. In addition, the web-service has "allow anonymous
> access" selected, and I have the configured user as the administrative
user.
>
> At this point, I'm not sure how it can't be authorized, as everything
should
> be running under the admin account. Any ideas on what I might be
missing??
>
| |
| Mike Hennessy 2005-01-17, 5:53 pm |
| Some progress made. I'm no longer getting the unauthorized message...now I just get an internal SOAP error message. When I look at the event viewer, Biztalk is throwing this message:
"The Messaging Engine failed to register the adapter for "SOAP" for the receive location "/exposerfp_proxy/ exposerfp_rfporchestration_submitrfpport
.asmx". Please verify that the receive location is valid, and that the isolated adapter runs under an account that has access to the BizTalk databases."
Again...not sure where to look. The application pool which this web-service is running under IS in all the biztalk groups. The anonymous user-identity is an administror account.
Any ideas?
"Mike Hennessy" <mhennessy@brassring.com> wrote in message news:egi5XRJ$EHA.1392@tk2msftngp13.phx.gbl...
> Hi Richard. I have "anonymous access" enabled on the virtual directory. I've
> actually changed the user on the anonymous access to an administrative user,
> just to make sure that wasn't the issue. I CAN get to the .asmx page. If I
> point my web browser to the page, it shows the method I want to invoke.
>
> It's only when I am invoking the method from my "test" web application that
> I get this .404 UnAuthorized Access...so it seems to be a security setting
> lower down in the stack.
>
> Any other ideas that could be causing this?? Also, I have configured the
> application pool with the same administrative user, and I've also placed
> this user in every single BizTalk User Group.
>
> Thanks
>
> "Richard Blewett [DevelopMentor]" <richardb@NOSPAMdevelop.com> wrote in
> message news:%23U6SKJp%23EHA.3328@TK2MSFTNGP10.phx.gbl...
> is a Windows Forms or Web client) by setting
> selecting the "Directory Security" tab, Edit the anonymous access settings
> and check the box allowing anonymous access.
> been
> an
> user.
> should
> missing??
>
>
| |
| Richard Blewett [DevelopMentor] 2005-01-17, 5:53 pm |
| Hmmm - I must admit the only time I've seen this error is when the principal under which the application pool runs is not a member of the Isolated Host Users Group
Regards
Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
Some progress made. I'm no longer getting the unauthorized message...now I just get an internal SOAP error message. When I look at the event viewer, Biztalk is throwing this message: "The Messaging Engine failed to register the adapter for "SOAP" for
the receive location "/exposerfp_proxy/ exposerfp_rfporchestration_submitrfpport
.asmx". Please verify that the receive location is valid, and that the isolated adapter runs under an account that has access to the BizTalk databases." Again...not sure whe
re to look. The application pool which this web-service is running under IS in all the biztalk groups. The anonymous user-identity is an administror account. Any ideas?
| |
| Mike Hennessy 2005-01-17, 5:53 pm |
| Ok, found the resolution from another site. For everyone else's future
reference, this is what resolved my issue.
""The Messaging Engine failed to register the adapter for "SOAP" for the
receive location
"/ExposeWebService_Proxy/ Microsoft_Samples_BizTalk_ExposeWebServi
ce_ProcessC
lientRequest_SOAPPort.asmx". ***Please verify that the receive location is
valid***, and that the isolated adapter runs under an account that has
access
to the BizTalk databases.
I think the section between *** and *** is the best indication of the
problem (at least in the case of my original test - I havn't gone back and
retried the SDK example that shouldn't have failed either).
THE PROBLEM/SOLUTION:
The actual web service URI did not match the one specified in the Receive
Port.
Once I copied the URI in the error message back to the Receive Port the
problem went away. This is an easy mistake to make.
I also added the default ananymous user IUSR_<machine_name> (?) to the
BizTalk Isolated Hosts group (I had already added ASPNET) but I think the
URI mismatch was the cause."
"Richard Blewett [DevelopMentor]" <richardb@NOSPAMdevelop.com> wrote in
message news:%232A1NSK$EHA.3368@TK2MSFTNGP10.phx.gbl...
> Hmmm - I must admit the only time I've seen this error is when the
principal under which the application pool runs is not a member of the
Isolated Host Users Group
>
> Regards
>
> Richard Blewett - DevelopMentor
> http://www.dotnetconsult.co.uk/weblog
> http://www.dotnetconsult.co.uk
>
> Some progress made. I'm no longer getting the unauthorized
message...now I just get an internal SOAP error message. When I look at the
event viewer, Biztalk is throwing this message: "The Messaging Engine
failed to register the adapter for "SOAP" for the receive location
"/exposerfp_proxy/ exposerfp_rfporchestration_submitrfpport
.asmx". Please
verify that the receive location is valid, and that the isolated adapter
runs under an account that has access to the BizTalk databases."
Again...not sure where to look. The application pool which this web-service
is running under IS in all the biztalk groups. The anonymous user-identity
is an administror account. Any ideas?
|
|
|
|
|