LsaLogonUser call failed error
Francesco Caporusso
fcaporusso at anago.nl
Fri Nov 18 11:07:07 EST 2005
Hi, I am Caporusso and I am a software engineer. I am working in
securing web services with Kerberos authentication with WSE 2.0
I have an asp.net web application client which calls web services.
Well, I have a problem on this line code:
targetPrincipalName = "host/" + System.Net.Dns.GetHostName
I don't know wher the KDC lies. BEcouse if I have a nrmal windows
application client, then it works correctly.
Can you please help me.
As follow, there is the error I receive...
Thanks
microsoft.Web.Services2.Security.SecurityFault: An invalid security
token was provided ---> System.Security.SecurityException: The incoming
Kerberos service ticket could not be validated. The LsaLogonUser call
failed with the following message: Logon failure: the user has not been
granted the requested logon type at this computer. . The substatus is:
0. --- End of inner exception stack trace --- at
Microsoft.Web.Services2.Security.Tokens.Kerberos.LsaServerContext.LogonU
ser(Byte[] inToken) at
Microsoft.Web.Services2.Security.Tokens.Kerberos.LsaServerContext..ctor(
Byte[] inToken) at
Microsoft.Web.Services2.Security.Tokens.KerberosToken.InitializeLifeTime
() at
Microsoft.Web.Services2.Security.Tokens.KerberosToken.get_IsCurrent() at
Microsoft.Web.Services2.Security.Security.LoadToken(XmlElement element,
SecurityConfiguration configuration, Int32& tokenCount) at
Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element) at
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(Soap
Envelope envelope) at
Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
envelope) at
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(Soa
pServerMessage message)
More information about the Kerberos
mailing list