I have a asp.net MVC website which communicates to a SQL database through a web service. When set up in IIS it all works fine. I recently migrated the whole solution to Azure by publishing the Website and webservice as Web Apps. Under IIS the web.config of the website connects to the service endpoint using:
<client>
<endpoint address="http://localhost:7070/Services.svc"binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ITrain" contract="ServiceReference1.ITrain" name="BasicHttpBinding_ITrain"/>
</client>
In Azure i have changed this to:
<client>
<endpoint address="http://<sitename>.azurewebsites.net/Services.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ITrain" contract="ServiceReference1.ITrain" name="BasicHttpBinding_ITrain" />
</client>
The two web apps do not communicate.
Should i be doing something differently or does the problem lie somewhere else?
If you say the WSDL looked okay, the next thing I would recommend would be building a new simple Console app to try to talk to it. Use Add Service Reference in the Solution Explorer and provide the http://.azurewebsites.net/Services.svc URL. If Add Service Reference has a problem, you have some kind of WSDL error. But if it succeeds, your project will have auto-generated code to talk to that service. The example at https://msdn.microsoft.com/en-us/library/bb386386.aspx walks through this.
If the Console app succeeds in talking to the service, look very carefully at the generated app.config to see if it differs from your existing config files.
Ron Cain MSFT
Related
I am trying to deploy Python Flask application in the Azure web app. I had create web app(Flask) and published my code. After publish, I am getting below error from the site.
The page cannot be displayed because an internal server error has
occurred.
When check the Log, i could see the below error.
But this was happening only in my subscription(free subscription got with MSDN). But working fine in the Organisation subscription.
The <fastCGI> settings must be in the applicationHost.config file (in the system.webServer section) of IIS. Just putting it into web.config does not work (confirmed by testing it on a local IIS, not in Azure). An example configuration may look like this:
<fastCgi>
<application
fullPath="D:\home\Python27\python.exe"
arguments="D:\home\Python27\wfastcgi.py"
maxInstances="16"
idleTimeout="21600"
instanceMaxRequests="10000000"
signalBeforeTerminateSeconds="60"
xdt:Transform="InsertIfMissing"
xdt:Locator="Match(fullPath)">
<environmentVariables>
<environmentVariable name="PYTHONHOME" value="D:\home\Python27" />
</environmentVariables>
</application>
</fastCgi>
You may want to adjust this configuration.
This should solve it for a local IIS where you can edit applicationHost.config. I'm not sure about Azure, but maybe you can find some hints here: https://github.com/Azure/azure-python-siteextensions/issues/2.
I'm currently attempting to deploy the Navision webservice (from Dynamics Navision 2009) and am finding that the webservice authenticates when connecting to a local Navision SQL database but NOT a remote Navision SQL database.
So we have servers S (with a full Navision install) and W (with only the Services installed). The CustomSettings.config file on these two systems is identical except that where S references localhost:
<add key="DatabaseServer" value="127.0.0.1"></add>
<add key="ClientCredentialType" value="Windows"></add>
W references S:
<add key="DatabaseServer" value="S"></add>
<add key="ClientCredentialType" value="Windows"></add>
(Other details omitted.) The webservice itself is running as the same domain user in both cases, and that user is authenticated within Navision.
When I connect to the webservice which is running on S, authentication works and the service proceeds as normal:
http://S:7047/DynamicsNAV/WS/Company/Codeunit/RLIntegartion
I'll omit the actual result here. When connecting via W instead:
http://W:7047/DynamicsNAV/WS/Company/Codeunit/RLIntegartion
the webservice instead returns XML indicating an authentication failure:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode xmlns:a="urn:microsoft-dynamics-schemas/error">
a:Microsoft.Dynamics.Nav.Types.NavDatabasePasswordException
</faultcode>
<faultstring xml:lang="en-US">
The login failed when connecting to SQL Server S.
</faultstring>
<detail>
<string xmlns="http://schemas.microsoft.com/2003/10/Serialization/">
The login failed when connecting to SQL Server S.
</string>
</detail>
</s:Fault>
</s:Body>
</s:Envelope>
I can configure an ODBC connection on W to the Navision database on S and the connection succeeds and authenticates correctly, so the actual database connection and authentication appears to be fine.
I'm aware that the webservice itself must normally be accessed locally so that any files written can be read from where the Navision webservice has written them, but from what I can tell in the documentation the webservice may legitimately access the database from a separate server. However, in practice (per above) this doesn't seem to actually work.
Is this a restriction that Navision imposes? If not, does anyone have any suggestions as to why the webservice is failing to authenticate when accessing a remote database when the same webservice succeeds locally?
Or could it be a limitation imposed by the codeunit programmers? I've spoken to them and they indicate that this should work, but clearly it does not.
That is known problem of Nav 2009. In later versions it's working without additional tricks. To solve this you need to create SPN.
Me personally was not able to set it properly so I just always installed web service tier on the same server with SQL. In this case it works.
There are three participants in this scheme - DB, web service and the client (that connects to this service). The problem appears only when all these three participants are on three different machines.
This three-machine setup will work only if the following requirements are fulfilled:
1) your client is capable of using Kerberos authentication (e.g. Internet Explorer or .NET applications are capable, but Chrome or PHP applications are not)
2) you set up NAV to use Kerberos authentication (as opposed to NTLM) and you set up delegation.
Delegation is a process that allows NAV server (or web service) to take the authentication ticket that came from client and pass it to SQL Server. You need to explicitly allow this in Active Directory setup. For that you will need SPNs - they basically describe the subjects that take part in this delegation.
You may refer to these manuals to setup the whole thing:
MSDN Walkthrough: Installing the Three Tiers on Three Computers
MSDN How to: Configure Web Services with Delegation
NAV 2009 Web Services on a three machine setup
You can also revert to more simple setup of using two-machines setup. In this case, either NAV server and SQL server should be on the same machine, or NAV server and the web service client should be on the same machine. As an example of the latter, you may create a small custom web service which acts as a proxy for your calls, and publish it on the same machine as NAV server/web service.
I am trying to program a VisualWebPart using Visual Studio 2010 which has to do a simple thing: invoke a web service (hosted in a remote server, NOT locally). When I execute within the Sharepoint site (version 2010, which I have published in my IIS) I get this error:
"The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'."
Pardon my ignorance, but the only difference here is the case of the Ntlm authentication scheme! I have been all over the web and found many related problems, but none of the solutions worked. Almost ALL solutions i found involve modifications in the webservice security configuration, this is not an option for me.
Looking for a solution, I created a sample windows form and invoked the web service from it: no problems whatsoever.
In order to be able to invoke the webservice correctly this is the necessary security configuration:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
I believe the problem is that I havenĀ“t been able to properly set this security property to the web.config of my Sharepoint site, since I tried to put it in the security tag that appears in the web.config but still get the same error.
Any further information needed please ask, I am REALLY desperate, for days I have been with the SAME error.
In the end I was given permissions in their server: more precisely in the database which was the one that wouldn't let me create the web part in the server. Once this was done, the call to the webservice worked just fine, because they have the web.config correctly configured.
I have a IIS hosted service http://localhost/someProject/services/myservice.svc . Is it possible to somehow make say http://locahost:9705 point to it? How do I set this up? It seems to be pretty straightforward with a Windows Service hosted WCF service, but I cannot figure how to accomplish this when using .svc files and IIS. In the app.config of a Windows Service I just add a host node...
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:9705"/>
</baseAddresses>
</host>
however when I do the same thing in an IIS hosted svc web.config
<host>
<baseAddresses>
<add baseAddress="http://localhost:9705"/>
</baseAddresses>
</host>
I browse to http://localhost:9705 and I get an IE error cannot display the webpage etc... In the windows hosted services I'm able to browse to the page, although not in this example as I'm using net.tcp, but with other services, it works. What am I doing wrong here? Is this even possible? Please point me in the right direction. Thanks for any tips and/or help.
Cheers,
~ck in San Diego
If you host in IIS, it's IIS that controls where the service is located. You cannot override the IIS settings - if your *.svc file is located under http://localhost/someproject/services/myservice.svc, then that's your service address. Any <baseAddress> settings in your web.config file are ignored and useless.
So either you can configure this in IIS, or you have to switch to self-hosting your WCF service in e.g. a Windows Service or a console app or something.
Its possible I am just really really thick. However, looking over the SDK for the live search (MSN search) that uses SOAP, doesn't tell me what URL the service is at?? I can download SDKs for C# or VB which probably encapsulate, but that doesn't help me (I am using ruby).
http://search.live.com/developer/
The URL you need is: http://soap.search.live.com/webservices.asmx
Additional info on various tools you could use to discover endpoints from WSDL:
If you have VS, you can discover the endpoint by adding a Web Service Reference to a C# console project and then opening the app.config file and looking for the <endpoint> element.
To add the Web Service Reference for the Live Search web service, point the wizard to the WSDL at http://soap.search.live.com/webservices.asmx?wsdl.
Alternatively, you can use the svcutil.exe tool from .Net 3.0 to generate C# client wrapper and a .config file from the WSDL. Again, you are interested in the <endpoint> from the generate config.