HTTP Status 403 - Trust Token failure.

Similar Messages

• HTTP Status 403 after logging out of my JSF application

  I have a JSF application that is using form based authentication (using a custom JSF control that creates a form with an action attribute equal to "j_security_check").
  Everything seems to be working just fine except when Firefox browsers logout and then backup (using the browser's back button) and click on a link or button in my JSF application. Instead of just showing the logon page again it shows the following ugly page:
  HTTP Status 403 - The request body was too large to be cached during the authentication process
  type Status report
  message The request body was too large to be cached during the authentication process
  description Access to the specified resource (The request body was too large to be cached during the authentication process) has been forbidden.
  Apache Tomcat/6.0.14IE shows the logon page when you click the back button.
  Is there some way that I can get Firefox to behave differently? Is there another way to handle authentication that would be better for a JSF application?
  Thank you!
  Dave

  Thank you for pointing me to look closer at the server RaymondDeCampo.
  I'm very new to Web development, Java, and JSF.
  I watched the HTTP Monitor (in NetBeans) as I did the following steps with Firefox, Safari (PC version), and IE:
  1. Log on to my app
  2. Change to a page in my app
  3. Log out of my app
  4. Click the browser's back button
  Firefox and Safari seemed to behave the same way. Clicking the back button displayed the previous page correctly, and NO new HTTP requests are added to the HTTP monitor. I assume these browsers are just loading the previous page from cached history or something? If I then click on a link or command button on the page, I get the HTTP Status 403 page in the browsers and once again NO new HTTP requests are added to the HTTP monitor. Is it possible for Tomcat to reply with the HTTP Status 403 page before the HTTP monitor even gets a chance to see the HTTP request? I'm pretty sure that Tomcat is producing the HTTP Status 403 page since the very last line on the page says "Tomcat 6.0.14."
  IE on the other hand caused an HTTP GET to be posted to the HTTP monitor when the browser's back button was clicked. The GET is for the login page which then gets shown in IE.
  Is there something else I should be looking at on the server side?
  Is there a way to stop Firefox and Safari from using cached pages when the back button is clicked and force them to go to the server for the content again?
  Thank you very much for any answers or advice that you can share!
  Dave

• LDAP HTTP Status 403 Error

  I have just upgraded my set up to Sun one AS 7.0 and and sunone web server 6 sp5. And we use LDAP for Basic Authentication
  The given example with file realm works good!!!
  but when i configure it with LDAP, it does not work ??
  I get 403
  with the log in the console as
  FINE: Authenticator[ser]: Security checking request GET /ser/servlet/test.ser3
  FINE: Authenticator[ser]: Checking constraint 'SecurityConstraint[AllUrls]' against GET /servlet/test.ser3 --> true
  FINE: Authenticator[ser]: Subject to constraint SecurityConstraint[AllUrls]
  FINE: Authenticator[ser]: Calling checkUserData()
  FINE: Authenticator[ser]: User data constraint has no restrictions
  FINE: Authenticator[ser]: Calling authenticate()
  FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.PasswordCredential
  FINE: Logging in user [97779] into realm: ldap using JAAS module: ldapRealm
  FINEST: Login module initialized: class com.iplanet.ias.security.auth.login.LDAPLoginModule
  FINEST: search: baseDN: dc=my,dc=com filter: uid=97779
  FINEST: Found user DN: uid=97779,dc=my,dc=com
  FINEST: Group search filter: uniquemember=uid=97779,dc=my,dc=com
  FINEST: Group memberships found:
  FINEST: LDAP login succeeded for: 97779
  FINEST: JAAS login complete.
  FINEST: JAAS authentication committed.
  INFO: SEC5047: Audit: Authentication granted for [97779].
  FINE: Password login succeeded for : 97779
  FINE: Set security context as user: 97779
  FINE: Authenticator[ser]: Authenticated '97779' with type 'BASIC'
  FINE: SingleSignOn[server1]: Registering sso id 'A7BC7C80E7340931CDE1C52A1DF9EBDC' for user '97779' with auth type 'BASIC'
  FINE: Authenticator[ser]: Calling accessControl()
  FINEST: PRINCIPAL : 97779 hasRole?: myRole
  FINEST: PRINCIPAL TABLE: {MyGroup=[myRole]}
  INFO: SEC1123: Audit: principal=97779 GET /ser/servlet/test.ser3 session=null DENIED
  FINE: Authenticator[ser]: Failed accessControl() test
  pls tell me what could be wrong

  Hi guys,
  i got the issue solved,
  it was just that the usr i had in LDAP did not belong to the group i had set in his role.

• HTTP Error 403.16 - Forbidden, Your client certificate is either not trusted or is invalid.

  Dear Experts,
  I have tried mutual authentication with sample website as per below link:
  http://itq.nl/testing-with-client-certificate-authentication-in-a-development-environment-on-iis-8-5/#comment-19427
  1. Created a Root certificate, client and server certificate based on this root certificate by using Makecert command as per below link:
  2. Import these certificates in Trusted Root Certification authority of both the stores (Local and Current user)
  3. Created a sample website with HTML page
  4.Hosted this website in IIS with HTTPS binding and selected the above server certifcate
  5. Enabled "Require SSL" and selected "Require" under SSL settings of website
  6. Exported the client certificate in base64 format --> Edited in notepad --> made the key into single line
  7. Placed the above key under Configuration editor --> system.webServer/security/authentication/iisClientCertificateMappingAuthentication --> one to one mapping with user credentials.
  8. I tried to access the website
  But, I ended with below error :(
  HTTP Error 403.16 - Forbidden
  Your client certificate is either not trusted or is invalid.
  Detailed Error Information:
  Module    IIS Web Core
  Notification    BeginRequest
  Handler    ExtensionlessUrlHandler-Integrated-4.0
  Error Code    0x800b0109
  Requested URL    https://localhost:443/
  Physical Path    E:\SampleRoot
  Logon Method    Not yet determined
  Logon User    Not yet determined
  Could you please let me know what I missed here.
  Note:
  I am using windows8, IIS8.0.
  Thanks in advance.
  Regards,
  M. Prasad Reddy.

  Hi Prasad,
    As per this case, I have been shared the corresponding details below
    1.First of all,make sure that you import the certificate whether it belongs to Trusted RootCertification or not .
      If that is the case ,Goto Microsoft Management Console (MMC), open the Certificates snap-in. 
      For instance, the certificate store that WCF is configured to retrieve X.509 certificates from, select the Trusted RootCertification Authoritiesfolder. Under the Trusted Root Certification Authorities folder, right-click the Certificatesfolder,
  point to All Tasks, and then click Import.
    2.you configured the server certificate as well, But check the client certificate whether have root certificate or not by following command?
  makecert -pe -n "CN=SSLClientAuthClient"
           -eku 1.3.6.1.5.5.7.3.2 -is root -ir localmachine -in WebSSLTestRoot
           -ss my -sr currentuser -len 2048
    3. Also check the Service Certificate whether its configured on the WCF Service side
    4.Make sure that you followed all the steps are done correctly from your given referred link below
  http://itq.nl/testing-with-client-certificate-authentication-in-a-development-environment-on-iis-8-5/#comment-19427
    5.Besides, please try to set the require SSL as ignore to see if you can access the website.
  If the above details cannot able to resolve this issue, please post your config file here.

• Lync 2013 Logon Failing (HTTP status code 500) No valid security token

  Hello there,
  I'm in the process of deploying Lync 2013.  I have the pool deployed and everything is at least running.  I can access the control panel and provision users.  However when I try to logon to the Lync Client I get a DNS error.  The DNS
  error appears to be misleading and is a result of the earlier auto-detection methods failing.
  However using the Lync Connectivity Analyzer I get a "No valid security token." error.  This doesnt matter if I use auto-detection or manual pointing the Connectivity Analyzer to the pool servers.
  [3/2/2015 9:34:15 AM] [ERROR] Reason: Internal server error (HTTP status code 500)
  [3/2/2015 9:34:15 AM] [ERROR] Ms-Diagnostics-Fault ErrorId: 28020, Reason: No valid security token.
  [3/2/2015 9:34:15 AM] [CRITICAL] The credentials were not authorized by the server. Please verify your login credentials and try again.
  [3/2/2015 9:34:15 AM] [DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.
  at Microsoft.LyncServer.WebServices.WebTicketManager.WTExceptions(String exText)
  at Microsoft.LyncServer.WebServices.WebTicketManager.<AcquireTicketAsync>d__19.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at Microsoft.LyncServer.WebServices.WebTicketManager.<AcquireOpaqueTicketAsync>d__14.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
  at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<AuthenticationRequired>d__2a.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
  at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
  at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
  at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
  Im a bit stumped where to go next.
  Thanks.

  Manually entering the server also fails and does not provide much to help "We're having trouble connecting to the server. If this continues, please contact your support team."
  I found that each time I try to logon it generates a Schannel Error on the server.  "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51.
  The Windows SChannel error state is 1106."
  There seems to be a lot more information on that than the previous "Internal Error" message I was trying to deal with.
  https://social.technet.microsoft.com/Forums/office/en-US/41718327-203f-445f-8657-87b0a8545ead/lync-2013-client-signin-issue-with-lync-2013-server?forum=lyncprofile
  Actually I just found the Lync Server Front-End is stuck "starting" so that would explain why I cannot login.  However I re-issued my certificate to make sure the primary CN matched "lync.domain.tld" and it still wont start.
  https://expertslab.wordpress.com/2014/04/23/lync-server-2013-front-end-service-stuck-on-starting/
  I think my problem is the certificate.  I have been trying to use selfSSL7 to generate the certificate for testing but it does not support creating SAN entries so I have entered all the FQDNs as CN entries.
  Im going to get another method to generate the self-signed certificate for testing.

• Lync 2013 Clients in Child Domain Log "The server returned HTTP status code '403 (0x193)' with text 'Forbidden'."

  Hey All, I am really stumped on this one. 
  Environment - Is using split DNS
  Forest Root Domain - Contains new Lync 2013 Server Standard, ADDS, DNS, Enterprise CA, Workstations
  Clients in this domain connect and work beautifully. No errors. 
  Child Domain - ADDS, DNS, Workstation, Lync 2013 client
  Client autodiscovers, and then asks for a password. Enter the password and this comes up...
  Can't sign in to Lync, You didnt get signed in, It might be your sign-in address or logon credentials..  blah blah blah" 
  Client log shows 
  Error:
  There was an error communicating with the endpoint at 'https://domainlync13srv.Domain.net/WebTicket/WebTicketService.svc'.
  The server returned HTTP status code '403 (0x193)' with text 'Forbidden'.
  The server understood the request, but cannot fulfill it.
  As far as i can tell certificates are correctly configured with all the SAN's possible in my forest. The user is correctly set up in Lync control panel. Autodiscovery seems to be working as it should. EWS is working correctly. 
  Repaired client, removed cached creds, has all lync 2013 updates no dice
  Thank you all! 

  I am an IDIOT. 
  I did not prepare the child domain with the LYNC setup tool. Logged on to a file server in the child domain with domain admin rights and sure enough the setup said the domain was "partial". Ran the setup and bam it all started working. 

• Returning HTTP status codes (401, 403, etc) to Flash 8

  Hi all,
  I'm using AMFPHP on the server-side and Flash remoting
  classes to communicate with it. Everything's working great, but i'd
  like Flash to be able to recieve HTTP status codes from the server.
  For example, if on the server side (in PHP) I go:
  header("Status: 401 Unauthorized");
  I'd like the remoting service on the flash side to be able to
  get the HTTP error code (401 in the example above).
  I know this is possible with
  [url=http://livedocs.adobe.com/flash/8/main/wwhelp/wwhimpl/common/html/wwhelp.htm?context =LiveDocs_Parts&file=00002333.html]LoadVars.onHTTPStatus[/url]
  but it doesn't seem to deal with using it with Flash Remoting.
  Thanks all :)
  - Nilesh

  Hi, I am trying to PUT to update contact info and I get following error:
  2015-01-16 11:00:17,970 INFO [main] oracle.eloqua.connector.eloqua.EloquaConnector.putWithBasicAuth(97) | accessHttpsPut.url=https://secure.eloqua.com/API/REST/2.0//data/contact/7606838, text={"id":"7606838","accountName":"openIdStr001","emailAddress":"[email protected]","type":"Contact"}
  2015-01-16 11:00:18,931 ERROR [main] oracle.eloqua.connector.eloqua.EloquaConnector.putWithBasicAuth(140) | ClientProtocolException
  org.apache.http.client.HttpResponseException: Request is malformed.
  Is there any idea?
  Thanks so much.
  Sincerely.

• EMC Initialization failed: WinRM HTTP error 403

  We have an existing 2003R2 server running Exchange 2007. I have just installed a new 2012 R2 server with Exchange 2010 SP3 RU8v2. Opening the EMC on this new server yields the following error:
  Connecting to remote server XXXXX.DOMAIN.LOCAL failed with the following error message; The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs
  and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig".
  For more information, see the about_Remote_Troubleshooting help topic. It was running the command 'Discover-ExchangeServer -UseWIA $true -SuppressError $true -CurrentVersion 'Version 14.3 (Build 123.4)". 
  If I open EMS it attempts to connect three times, times out, prompts "Failed to connect to an Exchange server in the current site. Enter the server FQDN where you want to connect.:" I then type my servername.domainname.local and am prompted with
  the following error:
  Connecting to remote server failed with the following error message: The WinRM client received an HTTP status code of 403 from the remote WS-Management service. For more information, see the about_Remote_Troubleshooting Help Topic. FullyQualifiedErrorID:
  PSSessionOpenFailed
  ^^^My understand of this error is the connection is being established on 443 instead of 80. I have unchecked SSL from powershell and was able to telnet to the old server (2007 exch box) via 80, so I know the port and traffic is open. 
  I think this is an issue with IIS on the older 2007 server. Obviously I can't use WinRM Quickconfig on that server (2003 R2) and I noticed that there is no "powershell" module in default site in IIS on this box. 
  On the server 2007 box if I run 'get-exchangeserver' from powershell it shows both the old and the new server. However the old server is not able to connect to the console at all and I can't verify that it's actively able to manage my exchange forest. 
  Any assistance is greatly appreciated.

  Hi ,
  Thank you for your question.
  This error could be caused by many reasons, for example: IIS authentication, Win RM and so on.We could refer to the following link to troubleshoot:
  1. Make sure we have enough permission to open EMC;
  2. We could run “WinRM QuickConfig” to make sure IIS WinRM extension is installed:
  3. Open IIS go to Powershell virtual directory and check that SSL in disabled and authentification is set only to Anonymous;
  4. If the issue persist, we could use Exchange Management Console Troubleshooter
   tool to analysis the error and send error information to
  [email protected] for our troubleshooting.
  Permissions required: In order to run the troubleshooter, the user will have to have the rights to log on locally to the Exchange server (due to local nature of the troubleshooter at this time) and will need permissions to run Windows
  PowerShell.
  Installing the troubleshooter: First, we download the troubleshooter ZIP file, which we can find here. Installing the EMTshooter is pretty easy. Just drop the 4 files from the ZIP file into 1 folder, rename them to .ps1 and run
  EMTshooter.ps1 from a normal (and local) PowerShell window. I personally just created a shortcut for it on my desktop with the following properties: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit -command ". 'C:\EMTshooter\EMTshooter.ps1'"
  However, as most users probably won't run this more than a few times we might not need or want an icon. Just remember that EMTshooter.ps1 is the main script to run.
  Resolving WinRM errors and Exchange 2010 Management tools startup failures:
  http://blogs.technet.com/b/exchange/archive/2010/12/07/resolving-winrm-errors-and-exchange-2010-management-tools-startup-failures.aspx
  5. Check the proxy setting by the following link:
  https://technet.microsoft.com/en-us/library/cc731131(WS.10).aspx
  6. Make sure two files have been in the following path:
  “web.config” file (under Program Files\Microsoft\Exchange Server\V14\ClientAccess\PowerShell)
  "applicationHost.config" file (located at: \Windows\System32\inetsrv\config)
  If there are any questions regarding this issue, please be free to let me know. 
  Best Regard,
  Jim

• Configuring Reporting Service Add-in for sharepoint - HTTP status 401: Unauthorized.

  I have the following setup
  Machine 1
  WSS 3.0
  Installed Reporting Service Add-in
  Machine 2
  Reporting Service
  Sharepoint Object Model
  SQL Server
  Sharepoint and Report Server DB
  I have congigured Reporting Service for Sharepoint Integrated Mode adn Created new Reprot Server DB
  Sahre Point Integration is Green and verified link
  In Sharepoint Central Administration
  Manage Reporting Service Integratio i have selected the URL and "Trusted Account" as my web applications use "Windows Integration - NTLM".
  All services, DB access everything running under one domain user account.
  I am logged into sharepoint with same account. When clieck on set server defaults i get following error
  An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. --> Server was unable to process request. ---> The request failed with HTTP status 401: Unauthorized.
  Same error when i try to add a report to a sharepoint webapplication
  The domain account is part of "Farm Administration", "site colletion administrato" and local administrator also on both servers.
  Can someone let me know how to fix this.

  jpmartop,
  were you able to get this to work?
  We have a 4 server topolgy.
  moss
  wfe
  sql
  ssrs
  and are using Kerberos.
  I've installed the wfe on the ssrs and am using a domain user for services, web and pools.
  I get all green dots in the ssrs config.
  in Central Admin, Grant access seems to work with the domain user, but set defaults gives me:
  HTTP status 401: Unauthorized.
  What should my web security on the default web site and reports and reports server look like? Integrated Security
  Should the SSRS WFE entry in MOSS have Web application service turned on?
  I've checked that my SPNs are good.I've installed sql server sp2 and a did windows update on all servers..
  Could it be the user I log into the Central Admin with.. it's got server administrator and Farm administrator?
  Thanks for any help or information.

• OAAD Picture upload - HTTP Error: 403 Forbidden

  Dear forum,
  When trying to upload a picture for our Q/A HR system in tx OAAD I get the error HTTP Error: 403 Forbidden. However, I can do it with no issues in our prod environment. Anyone has an idea why this is? I have checked SICF and icman is enabled. Does anyone have an suggestion? Hence it isnt portal communication I cant use httpwatch, which most likely could have told me whats wrong.
  I hope someone is able to comment on this issue.
  Thanks in advance!
  Kind Regards,
  Soren

  Dear Friis,
  We have a steps of configurations that needs to be completed for the photo upload to be working. As you say the same is working in the production system, I hope you have the steps with you.
  Most common things that needs to be checked in this scenario are,
  1. HTTP service availability through the configured profile parameter in the system
  2. Restart after the profile parameter change
  3. Content Server node activation in SICF transaction
  4. User ID and Password to be mentioned in the SICF service as communications or system user
  5. Other checks for the content repository and the number range
  You can also try repeatedly, to upload the pic (in a JPG format) - because most usually the first trial ends in a failure for the HTTP service with a 403 Forbidden error message.
  Let me know your response and the steps you had followed for the config.
  Thank you
  Regards,
  Vineeth

• HTTP Error 403 - Customized Error Page Display Issue

  Hi,
  I have included 403 in <error-code> in my web.xml and defined proper security constraints. But when I try to access my JSPs directly on Mozilla I see my error page but I try in Internet, I can't see the same page.
  Can someone help me?

  BalusC wrote:
  Then don't send the HTTP error status code in the headers. It would trigger IE to display friendly error pages.
  Best solution would be to let the error page invoke a redirect to self (or another error page) when the HTTP status code is 403, so that it becomes 200 (or anything in range of 200-399) so that IE won't be triggered to display friendly error pages. Best solution would be to let the error page invoke a redirect to self (or another error page) when the HTTP status code is 403You want to say that I should define a error page in my JSP where, when its called, I need to handle the 403 error. Please correct me if I'm wrong. I have defined *403 error code in my web.xml*.
  Again if possible can you please put down a sample how to do it?

• Error: on clicking Registry menu item in ESM Management Portal. The request failed with HTTP status 404: Not Found.

  Hi,
  I have installed ESB Management Portal successfully after following all the steps. everything is working fine except when I click the Registry menu in the portal. I get an unhandled exception. The event viewer shows the below error "The request failed
  with HTTP status 404: Not Found."
  ================================================
  Event code: 3005 
  Event message: An unhandled exception has occurred. 
  Event time: 1/27/2015 5:56:10 PM 
  Event time (UTC): 1/27/2015 5:56:10 PM 
  Event ID: f7aedd39118845b79c17d3442a0d15a7 
  Event sequence: 54 
  Event occurrence: 1 
  Event detail code: 0 
  Application information: 
      Application domain: /LM/W3SVC/1/ROOT/ESB.Portal-1-130668549484455107 
      Trust level: Full 
      Application Virtual Path: /ESB.Portal 
      Application Path: C:\Projects\Microsoft.Practices.ESB\Source\Samples\Management Portal\ESB.Portal\ 
      Machine name: <Machine Name> 
  Process information: 
      Process ID: 4712 
      Process name: w3wp.exe 
      Account name: NT AUTHORITY\NETWORK SERVICE 
  Exception information: 
      Exception type: TargetInvocationException 
      Exception message: Exception has been thrown by the target of an invocation.
     at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
     at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
     at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
     at System.Web.UI.WebControls.ObjectDataSourceView.InvokeMethod(ObjectDataSourceMethod method, Boolean disposeInstance, Object& instance)
     at System.Web.UI.WebControls.ObjectDataSourceView.ExecuteSelect(DataSourceSelectArguments arguments)
     at System.Web.UI.DataSourceView.Select(DataSourceSelectArguments arguments, DataSourceViewSelectCallback callback)
     at System.Web.UI.WebControls.DataBoundControl.PerformSelect()
     at System.Web.UI.WebControls.BaseDataBoundControl.EnsureDataBound()
     at System.Web.UI.WebControls.CompositeDataBoundControl.CreateChildControls()
     at System.Web.UI.Control.EnsureChildControls()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
  The request failed with HTTP status 404: Not Found.
     at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
     at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
     at Microsoft.Practices.ESB.Portal.UDDIService.UDDIService.GetCategoryByName(String UDDIServerUrl, String tModelName) in c:\Projects\Microsoft.Practices.ESB\Source\Samples\Management Portal\ESB.Portal\Web References\UDDIService\Reference.cs:line
  575
     at Microsoft.Practices.ESB.Portal.Uddi.ServiceProxy.getBTEndpoints(String applicationName, Boolean getSendPorts, Boolean getRcvLocations) in c:\Projects\Microsoft.Practices.ESB\Source\Samples\Management Portal\ESB.Portal\Uddi\ServiceProxy.cs:line
  553
     at Microsoft.Practices.ESB.Portal.Uddi.ServiceProxy.GetEndpointsByApplication(String applicationName, Boolean getSendPorts, Boolean getRcvLocations) in c:\Projects\Microsoft.Practices.ESB\Source\Samples\Management Portal\ESB.Portal\Uddi\ServiceProxy.cs:line
  46
  Request information: 
      Request URL: http://localhost/ESB.Portal/uddi/uddi.aspx 
      Request path: /ESB.Portal/uddi/uddi.aspx 
      User host address: ::1 
      User: <domain>\<user>
      Is authenticated: True 
      Authentication Type: Negotiate 
      Thread account name: NT AUTHORITY\NETWORK SERVICE 
  Thread information: 
      Thread ID: 19 
      Thread account name: NT AUTHORITY\NETWORK SERVICE 
      Is impersonating: False 
      Stack trace:    at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
     at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
     at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
     at System.Web.UI.WebControls.ObjectDataSourceView.InvokeMethod(ObjectDataSourceMethod method, Boolean disposeInstance, Object& instance)
     at System.Web.UI.WebControls.ObjectDataSourceView.ExecuteSelect(DataSourceSelectArguments arguments)
     at System.Web.UI.DataSourceView.Select(DataSourceSelectArguments arguments, DataSourceViewSelectCallback callback)
     at System.Web.UI.WebControls.DataBoundControl.PerformSelect()
     at System.Web.UI.WebControls.BaseDataBoundControl.EnsureDataBound()
     at System.Web.UI.WebControls.CompositeDataBoundControl.CreateChildControls()
     at System.Web.UI.Control.EnsureChildControls()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Control.PreRenderRecursiveInternal()
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
  Custom event details: 
  =================================
  Any idea why this is happening and what needs to be done ?
  PLEASE HELP
  Thanks & Regards
  Vikram

  Snippet from the link below:
  If you get a “404: Not Found” error, it ‘s because by default there is no script map for .svc file with default IIS 7.0 installation, so you need to register .svc extension in IIS:
  You need to update IIS script maps to register .svc extension In a command prompt (ran as administrator), execute the following command:
  “%windir%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe” -r -y"
  Refer:
  https://dgoins.wordpress.com/2010/05/01/esb-toolkit-management-portal-installation-notes-from-the-field-2/
  Sarvanan's blog around this with detailed explanation:
  Configuring Exception Management Portal
  As mentioned above also
  Check Portal Configuration Settings
  Rachit
  Please mark as answer or vote as helpful if my reply does

• Web Service client authorization error: HTTP status 401

  .NETters,
  My .NET client program is invoking a simple "Hello World" Web Service written in ABAP. Here is the code:
    Z_HWWSDServiceWse svc = new Z_HWWSDServiceWse();
    try {
      string msg = svc.ZHelloworld();
      Console.WriteLine(msg);
    }catch(Exception e) {
      Console.WriteLine(e.Message);
  The code uses WSE 2.0 framework.
  This code works if I edit the properties on WSD service using transaction SICF and specify anonymous login options. However, I would like to pass the user token from the client program itself.
  So I removed anonymous login options and supplied the required information programmatically.
    UsernameToken ut = new UsernameToken("pradeep", "password", PasswordOption.SendPlainText);
    svc.RequestSoapContext.Security.Tokens.Add(ut);
  However, when I run this code, I get an error: "The request failed with HTTP status 401: Unauthorized"
  I then tried supplementing this code with network credentials logic:
    System.Net.CredentialCache cc = new System.Net.CredentialCache();
    cc.Add(new Uri("http://servermachname"), "Basic", new System.Net.NetworkCredential("pradeep", "password", null));
    svc.Credentials = cc;
  The problem still doesn't go away :-(.
  Does anyone have any idea on what is it that I am missing in my code?
  Thank you in advance for your help.
  Pradeep

  In my tests with normal .NET WS client something like the following allways worked:
  WSProxy proxy = new WSProxy();
  proxy.Credentials = new System.Net.NetworkCredential("user", "password");
  proxy.PreAuthenticate = true;
  proxy.CallMethod();
  As your code is very similar, it may be a compatibility  problem between WSE and WAS. I would recommend that you use a network snippen and look what really goes over the wire.
  I have also seen an issue where the settings in SICF where somehow corrupted (e.g. the fixed credentials checkbock was on, but no credentials where specified). The solution was just to "reset" the settings in SICF.

• Autodiscover and Outlook Anywhere return http status 401

  Hi, I'm having issues with Autodiscovery (externally) and Outlook Anywhere for some users on our Exchange 2010 (SP3, RU2) setup. Just for information, we have Exchange servers at two AD sites (same forest / domain) with each site having 2 combined client
  access / hub transport servers and 3 mailbox servers (with 2 stretched DAG's across both sites). Site A is internet facing, but site B isn't.
  Autodiscovery
  Internally, it's working fine (using the Test E-mail AutoConfiguration option within Outlook 2010). But externally (using the Microsoft TestConnectivity site), autodiscovery fails, returning the following:
  Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
  +Additional Details
     Elapsed Time: 1783 ms.
     + Test Steps
   The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL   https://autodiscover.company.com/AutoDiscover/AutoDiscover.xml
  for user [email protected].
   The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response.
    +Additional Details
    An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you    are attempting to log onto an Office 365 service, ensure you are using your
  full User Principal Name (UPN).
    Headers received:
    Content-Type: text/html
    Server: Microsoft-IIS/7.5
    WWW-Authenticate: Negotiate,NTLM,Basic realm="autodiscover.company.com"
  The odd thing is, if I browse to the autodiscover file location (externally), then I'm prompted for credentials. When I enter the same credentials that I input into the Microsoft connectivity analyser, I do actually get the correct https status 600 response.
  Also, within EMS, when I run "Test-OutlookWebServices" on Client Access servers in site B, I see the following results...
  RunspaceId : 5c80ec49-f6f8-4f7a-ae63-4ed61a3c966e
  Id         : 1104
  Type       : Error
  Message    : The certificate for the URL https://ExchServer.domain.local/autodiscover/autodiscover.xml is incorrect. For SSL to work, the certificate
  needs
                to have a subject of ExchServer.domain.local, but the subject that was found is webmail.Company.com. Consider correcting service discovery,
               or installing a correct SSL certificate.
  RunspaceId : 5c80ec49-f6f8-4f7a-ae63-4ed61a3c966e
  Id         : 1113
  Type       : Error
  Message    : When contacting https://ExchServer.domain.local:443/autodiscover/autodiscover.xml received the error The remote server returned
  an error:
   (500) Internal Server Error.
  RunspaceId : 5c80ec49-f6f8-4f7a-ae63-4ed61a3c966e
  Id         : 1123
  Type       : Error
  Message    : The Autodiscover service couldn't be contacted.
  However - I can't see where Exchange has pulled the "...domain.local" address from for Autodiscovery. Both Get-AutodiscoveryVirtualDirectory and Get-ClientAccessServer both report the correct URLs/URIs with the FQDN of Company.Com (which are on
  the GoDaddy certificate we use both internally and externally).
  Outlook Anywhere
  Whether my issues with Outlook Anywhere are related to Autodiscover, I'm not sure. Users who's mailbox is located at Site A (internet facing) are fine, and Outlook Anywhere works great. But users who's mailbox is at Site B, can't use Outlook Anywhere (Starting
  Outlook in RPCDiag mode shows that it tries to connect, and sometimes establishes a connection for a couple of seconds, then disconnects completely).
  Running "Test-OutlookConnectivity -Protocol:http" on a Client Access server at Site B, passes all but the last scenario (Mailbox::Logon), which throws up the following error:
  RunspaceId                  : 5c80ec49-f6f8-4f7a-ae63-4ed61a3c966e
  ServiceEndpoint             : ExchServer.domain.local
  Id                          : MailboxLogon
  ClientAccessServer          : ExchServer.domain.local.ad.local
  Scenario                    : Mailbox::Logon.
  ScenarioDescription         :
  PerformanceCounterName      : Mailbox: Logon latency
  Result                      : Failure
  Error                       :
  UserName                    : ad.local\extest_a91a4b4076f24
  StartTime                   : 14/01/2014 16:33:27
  Latency                     : -00:00:00.0010000
  EventType                   : Error
  LatencyInMillisecondsString : -1.00
  Identity                    :
  IsValid                     : True
  Testing Outlook Anywhere using Microsoft RCA throws up the error:
  RPC Proxy can't be pinged.
  An HTTP 401 error was received...
  Any help is greatly appreciated. Let me know if I've missed any info!
  Thanks
  Tony

  Hi Guys,
  My first chance today to respond!
  Firstly - thanks for all the information. I really appreciate it.
  Well, the good news is that Outlook Anywhere is now working at Site B. It looks like a combination of disabling Outlook Anywhere at Site B (thanks
  Jon), and then being patient and allowing replication to do its stuff (thanks Rhoderck).
  However RCA is still showing ‘Failed’ with the following error. If it helps to have the full output, please let me know. Just for info, I chose
  the option to test using autodiscovery (rather than manually enter it), which passed fine.
  Attempting to ping RPC proxy webmail.company.com.
  RPC Proxy can't be pinged.
  Additional Details
  An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password.
  If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN). Headers received: Content-Type: text/html Server: Microsoft-IIS/7.5 WWW-Authenticate: Negotiate,NTLM X-Powered-By: ASP.NET Date: Tue, 21 Jan
  2014 09:55:41 GMT Content-Length: 58
  Elapsed Time: 1063 ms.
  RPCProxy - ValidPorts
  Thanks for the 'SoundTrackOfMyLife' link... that looks to be almost identical to my scenario (with the exception of the Kemp LoadMasters). Following
  through the troubleshooting, my CAS servers at Site A (Internet Facing) are showing the registry key 'ValidPorts' as...
  SiteB-ExchCasSvr01:593;SiteB-ExchCasSvr01:49152-65535
  So - should this be...
  SiteB-ExchMbxSvr01:6001-6002;SiteB-ExchMbxSvr01:6004;SiteB-ExchMbxSvr01.domain.local:6001-6002;SiteB-ExchMbxSvr01.domain.local:6004;
  i.e. I only add ports 6001,6002 and 6004 for mailbox servers only? If so, which sites mailbox servers should I put in here?
  SSL Off Loading
  We've only really implemented SSL Offloading on the advice from Kemp (it's built in to their Exchange 2010 template). Apparently, the advantage
  is the LoadMasters have a dedicated hardware processor for decryption/encryption of SSL traffic, thus taking the load off the Exchange servers. Exactly how much of a load this would normally be for our Exchange servers is unknown. We've followed Kemp's documentation
  on unchecking 'Require SSL' for the IIS directories on Site A, and also configured Outlook Anywhere with SSL Offloading through the EMC. This was required as the Kemp's are not re-encrypting traffic to the CAS servers (which are on the same site / LAN
  segment), and we're not a bank... so don't need encryption between the LoadMasters and the client access servers.
  However, Site B (non internet facing) has 'Require SSL' enabled on IIS directories, since (I guess) traffic is encrypted when performing CAS-CAS
  proxying?
  I am, as ever, open to suggestions on this design... since our original design was to use TMG for reverse proxy. It was only the end-of-life issue
  with TMG, and the fact that we opted for the Kemp LoadMasters (which offered ESP as a replacement to TMG) that swung us down this path.
  ESP and SSO are implements on the LoadMaster at Site A (internet facing), which is (was!) not the problem site.
  Thanks again for your time and assistance guys. We’re almost there!
  Tony

• PROTOCOL_ERROR line 627 of URL.cpp unexpected EOF reading HTTP status

  Hello,
  I'm having a problem getting the NSAPI plugin talking with the WLS6.1sp3 Application
  server.
  The iPlanet Server logs the error:
  *******Exception type [PROTOCOL_ERROR] raised at line 627 of URL.cpp
  Thu Oct 31 10:20:03 2002 got exception in sendRequest phase: PROTOCOL_ERROR [line
  627 of URL.cpp]: unexpected EOF reading HTTP status at line 1048
  Thu Oct 31 10:20:03 2002 Failing over after sendRequest exception
  The Application Server logs:
  <Oct 31, 2002 10:20:03 AM MST> <Error> <HTTP> <Connection failure
  java.lang.NullPointerException
  at weblogic.servlet.internal.ServletRequestImpl.setField(ServletRequestImpl.java:1733)
  at weblogic.servlet.internal.RequestParser.parse(RequestParser.java:254)
  at weblogic.servlet.internal.MuxableSocketHTTP.dispatch(MuxableSocketHTTP.java:355)
  at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:455)
  at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:384)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  Thanks in advance!
  Steve

  FYI, this was determined to be a bug in WebLogic 6.1sp3. BEA provided us with a
  patch.
  "Steve Wall" <[email protected]> wrote:
  >
  Hello,
  I'm having a problem getting the NSAPI plugin talking with the WLS6.1sp3
  Application
  server.
  The iPlanet Server logs the error:
  *******Exception type [PROTOCOL_ERROR] raised at line 627 of URL.cpp
  Thu Oct 31 10:20:03 2002 got exception in sendRequest phase: PROTOCOL_ERROR
  [line
  627 of URL.cpp]: unexpected EOF reading HTTP status at line 1048
  Thu Oct 31 10:20:03 2002 Failing over after sendRequest exception
  The Application Server logs:
  <Oct 31, 2002 10:20:03 AM MST> <Error> <HTTP> <Connection failure
  java.lang.NullPointerException
  at weblogic.servlet.internal.ServletRequestImpl.setField(ServletRequestImpl.java:1733)
  at weblogic.servlet.internal.RequestParser.parse(RequestParser.java:254)
  at weblogic.servlet.internal.MuxableSocketHTTP.dispatch(MuxableSocketHTTP.java:355)
  at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:455)
  at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:384)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  Thanks in advance!
  Steve