Home/ Questions/Q 3877542
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-19T22:30:35+00:00

While calling a web service I get the following error: The HTTP request is

  • 0

While calling a web service I get the following error:

The HTTP request is unauthorized with client authentication scheme ‘NTLM’. The authentication header received from the server was ‘NTLM’. The HTTP request is unauthorized with client authentication scheme ‘NTLM’. The authentication header received from the server was ‘NTLM’.

I have a Silverlight 4 application that calls a WCF web service, both on my IIS (7).
my WCF web service calls another ASMX web service, installed on a different web server, using NTLM (Windows Authentication).
Both servers, mine and the one hosting the ASMX web service are in the same domain.

When the Silverlight client opens the application from the server using http://localhost/MySiteName everything works fine. But when the Silverlight client opens the application from a different client, which is not the server but still in the same domain, using http://MyServerName/MySiteName then I get the error.

Windows Authentication is enabled in my IIS.
Anonymous Authentication is disabled in my IIS.

Binding configuration for calling my WCF web service is:

    <binding name="winAuthBasicHttpBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>

Binding configuration for calling the ASMX web service is:

    <binding name="ClNtlmBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Ntlm" />
      </security>
    </binding>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    OK, here are the things that come into mind:

    • Your WCF service presumably running on IIS must be running under the security context that has the privilege that calls the Web Service. You need to make sure in the app pool with a user that is a domain user – ideally a dedicated user.
    • You can not use impersonation to use user’s security token to pass back to ASMX using impersonation since my WCF web service calls another ASMX web service, installed on a **different** web server
    • Try changing Ntlm to Windows and test again.

    OK, a few words on impersonation. Basically it is a known issue that you cannot use the impersonation tokens that you got to one server, to pass to another server. The reason seems to be that the token is a kind of a hash using user’s password and valid for the machine generated from so it cannot be used from the middle server.

    UPDATE

    Delegation is possible under WCF (i.e. forwarding impersonation from a server to another server). Look at this topic here.

    • 0