WCF: Why does passing in a remote endpoint fail?

Jonathan Allen picture Jonathan Allen · Jan 29, 2009 · Viewed 8.8k times · Source

WCF: Why does passing in a remote endpoint fail when passing the same endpoint via the configuration file works?

This works:

    Using con As New OfferingTap.OfferingTapClient(New ServiceModel.InstanceContext(callback), "NetTcpBinding_IOfferingTap"

This doesn't:

    Using con As New OfferingTap.OfferingTapClient(New ServiceModel.InstanceContext(callback), "NetTcpBinding_IOfferingTap", "net.tcp://qa1offerings:8190/")

Configuration File Excerpt:

        <endpoint address="net.tcp://qa1offerings:8190/" binding="netTcpBinding"
            bindingConfiguration="NetTcpBinding_IOfferingTap" contract="OfferingTap.IOfferingTap"
            name="NetTcpBinding_IOfferingTap">

Exception:

System.ServiceModel.Security.SecurityNegotiationException was unhandled
  Message="A call to SSPI failed, see inner exception."
  Source="mscorlib"
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
       at System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorBase.InitiateUpgrade(Stream stream)
       at System.ServiceModel.Channels.ConnectionUpgradeHelper.InitiateUpgrade(StreamUpgradeInitiator upgradeInitiator, IConnection& connection, ClientFramingDecoder decoder, IDefaultCommunicationTimeouts defaultTimeouts, TimeoutHelper& timeoutHelper)
       at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
       at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
       at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
       at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Offering_Server_Recorder.OfferingTap.IOfferingTap.RequestFeed(Int32 dataSourceKey)
       at Offering_Server_Recorder.OfferingTap.OfferingTapClient.RequestFeed(Int32 dataSourceKey) in C:\Documents and Settings\jallen\Local Settings\Application Data\Temporary Projects\Offering Server Recorder\Service References\OfferingTap\Reference.vb:line 471
       at Offering_Server_Recorder.Module1.Main() in C:\Documents and Settings\jallen\Local Settings\Application Data\Temporary Projects\Offering Server Recorder\Module1.vb:line 9
       at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args)
       at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
       at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
       at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart()
  InnerException: System.Security.Authentication.AuthenticationException
       Message="A call to SSPI failed, see inner exception."
       Source="System"
       StackTrace:
            at System.Net.Security.NegoState.ProcessAuthentication(LazyAsyncResult lazyResult)
            at System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
            at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
       InnerException: System.ComponentModel.Win32Exception
            ErrorCode=-2147467259
            Message="The target principal name is incorrect"
            NativeErrorCode=-2146893022
            InnerException: 

Answer

Jonathan Allen picture Jonathan Allen · Jan 29, 2009

Appearantly you have to pass in an empty SpnEndpointIdentity to make this work.

    Using con As New OfferingTap.OfferingTapClient( _ 
        New ServiceModel.InstanceContext(callback), "NetTcpBinding_IOfferingTap", _
        New ServiceModel.EndpointAddress(New Uri("net.tcp://qa1offerings:8190/"), _
        New ServiceModel.SpnEndpointIdentity("")))