I have a problem with "Microsoft.Data.SqlClient.SqlException: 'Login failed: The HTTP request was forbidden with client authentication scheme 'Anonymous'." I can't find a example that is run.
var sqlConnectionString = #"
Data Source=xxxxx.crm4.dynamics.com;
Initial Catalog=xxxxx;
User ID=<the app id>;
Password=<the secret>;
Authentication=ActiveDirectoryServicePrincipal;";
using var cn = new SqlConnection(sqlConnectionString);
cn.Open();
Where is my mistake? Why use the connection the http scheme? Where can I this configure?
Thanks a lot for every idea. I am despairing :-o
Related
We are trying to connect to Office365 over POP3 using OAUTH. We get the error "Protocol error. Connection is closed. 10" stacktrace mentioned below
javax.mail.AuthenticationFailedException: Protocol error. Connection is closed. 10
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:193)
at javax.mail.Service.connect(Service.java:342)
Below if the snipped of code we are usign to connect
Properties props = new Properties();
props.put("mail.pop3.ssl.enable", "true");
props.put("mail.pop3s.auth.mechanisms","XOAUTH2");
props.put("mail.debug", "true");
session = Session.getInstance(props);
final Store store = session.getStore("pop3s");
store.connect("outlook.office365.com", 995, userId, accessToken);
We are able to connect to Office using IMAP protocol over OAUTH. we tried this with jakarta-mail-1.6.5 and jakarta-mail-1.6.6 both but are unable to resolve the error. Please suggest if we are connecting wrongly or there is any properties missing.
Worked with the workaround mentioned in https://github.com/eclipse-ee4j/mail/issues/461 on Jakarta-mail 1.6.6 development version.
I am following code to send mail without authentication.The java code described as follows.
final String frommail = "a#g.com"
String toEmail = "b#gmail.com";
Properties props = new Properties();
props.put("mail.smtp.auth", PropertiesLoader.getPropertiesValue(MAIL_SMTP_AUTH));
props.put("mail.smtp.host", PropertiesLoader.getPropertiesValue(MAIL_SMTP_HOST));
props.put("mail.smtp.port", PropertiesLoader.getPropertiesValue(MAIL_SMTP_PORT));
//enable authentication
props.put(MAIL_SMTP_ENABLE, PropertiesLoader.getPropertiesValue(MAIL_SMTP_ENABLE));
Session session = Session.getInstance(props);
try {
MimeMessage msg = new MimeMessage(session);
//set message headers
msg.addHeader("Content-type", "text/HTML; charset=UTF-8");
msg.addHeader("format", "flowed");
msg.addHeader("Content-Transfer-Encoding", "8bit");
msg.setFrom(new InternetAddress(frommail, EMAIL_FROM_NAME));
// msg.setReplyTo(InternetAddress.parse(frommail, false));
msg.setSubject(subject, "UTF-8");
msg.setContent(body, MAIL_CONTENT_TYPE);
msg.setSentDate(new Date());
msg.setRecipients(Message.RecipientType.TO, InternetAddress.parse("pramilkprince#rediffmail.com", false));
Transport.send(msg);
logger.info("EMail Sent Successfully!!");
But when sending mail, it throws following exception
com.sun.mail.smtp.SMTPAddressFailedException: 554 5.7.1
: Relay access denied at
com.sun.mail.smtp.SMTPTransport.rcptTo(SMTPTransport.java:1862) at
com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:1118)
at javax.mail.Transport.send0(Transport.java:254) at
javax.mail.Transport.send(Transport.java:124) at
com.gtl.gcc.util.SendEmail.sendEmailFromInfo(SendEmail.java:195) at
com.gtl.gcc.util.SendEmail.createMailBodyAndSendMailForUpdateKYC(SendEmail.java:144)
if any one have any idea about this please help
If you want to send mail without authentication, you need to run your own SMTP server. If it's on the public internet, it will be flooded with spam before you can use it yourself. If it's on your private intranet, you can make it work. Gmail, for example, is definitely not going to let you send mail without authenticating. Note that this has absolutely nothing at all to do with use of the JavaMail API.
As #BillShannon pointed out, sending through most SMTP servers will require authentication due to SPAM issues.
However, the MX Gateways for any domain are required to be open on TCP 25 and for emails without authentication.
While working on Java send email avoiding smtp relay server and send directly to MX server I created a small example to use the target domain's MX server to directly address that.
As pointed out before: If your sending server does not reverse-DNS to the domain you're sending from, you'll most likely end up being blocked or directly classified as spam.
Good Luck
I have a Windows Server 2016 TechnicalPreview 3 with a configured ADFS vNext, as first client I have created an MVC Application as a ReplingPartyTrust.
The authentication with the ADFS work really well with the MVC Application.
Now to the problem: I have written a Native Application (WPF) which i want to authenticate against the ADFS.
The Steps i did are:
To inform the ADFS of my new WPF Client i ran the the following PowerShell Script:
Add-ADFSClient -ClientType Public -Name “MyClient” -ClientId “E1CF1107-FF90-4228-93BF-26052DD2C714” -RedirectUri “https://E1CF1107-FF90-4228-93BF-26052DD2C714/redir´”
To authenticate the client (Code-Wise) i used the following NuGet-Package:
Microsoft.IdentityModel.Clients.ActiveDirectory (3.5 (Alpha))
Then I wrote the following code:
string authority = "https://win2016preview.server.local/adfs/ls";
string resourceURI = "https://adfs.server.local/MyMVCApp";
string clientReturnURI = "https://e1cf1107-ff90-4228-93bf-26052dd2c714/redir";
string clientID = "E1CF1107-FF90-4228-93BF-26052DD2C714";
var ac = new AuthenticationContext(authority, false);
var ar = await ac.AcquireTokenAsync(resourceURI, clientID, new
Uri(clientReturnURI),
new PlatformParameters(PromptBehavior.Auto, new
WindowInteropHelper(this).Handle));
With this code, the client should authenticate at the ADFS (over OAuth i think) and prompt the user to enter his organisation credentials.
If i run the application this window appears:
I choose Yes (Ja) and the credential prompt opens. In the same time the following exception occures
In the event log if the server ADFS the following error message appears:
Microsoft.IdentityServer.Web.Protocols.OAuth.Exceptions.OAuthAuthorizationUnauthorizedClientException: MSIS9321: Received invalid OAuth request. The client 'E1CF1107-FF90-4228-93BF-26052DD2C714' is forbidden to access the resource 'https://adfs.server.local/MyMVCApp.
at Microsoft.IdentityServer.Web.Protocols.OAuth.OAuthAuthorization.OAuthAuthorizationRequestContext.ValidateCore()
at Microsoft.IdentityServer.Web.Protocols.ProtocolContext.Validate()
at Microsoft.IdentityServer.Web.Protocols.OAuth.OAuthAuthorization.OAuthAuthorizationProtocolHandler.GetRequiredPipelineBehaviors(ProtocolContext pContext)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.GatherDeviceSecurityToken(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
As far as i can tell, the ADFS recognizes the Client Id and tries to authenticate it. But the ADFS rejects the Client.
Did i forget to configure something? The client should just prompt the user, which authenticates against the ADFS, so the client can habe the AuthenticationToken.
I hope you can follow me. Thank you in advance!
The solution is very simple :)
Add the property IssuanceAuthorizationRules (Add-ADFSRelyingPartyTrust )
-IssuanceAuthorizationRules '=> issue (Type = "http://schemas.microsoft.com/authorization/claims/permit" value = "true");'
I have written a WebApp, which is deployed on Google AppEngine. I am trying to fetch a url in my app.. It shows the following error:
Firewall Notification - Your access has been blocked by firewall
policy 732. If you have any further concerns, please contact your
network administrator for more information.
This is how I am fetching the url.. Am I doing something wrong here?
URL url = new URL(urlString);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setConnectTimeout(REQUEST_TIME_OUT);
conn.setReadTimeout(REQUEST_TIME_OUT);
conn.setDoOutput(true);
int length = dataToBePost.length();
conn.setRequestProperty("Content-Length", (String.valueOf(length)));
OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
wr.write(dataToBePost);
wr.flush();
InputStream inStream = conn.getInputStream();
//using inStream now
NOTE: This is happening only when I deploy my app on Google AppEngine, and if I deploy my app on my local server, it works fine.
The url which I am trying to fetch is outside from Google Cloud/AppEngine network..
Is there any specific thing I have to do to make it work on AppEngine?
This is a Fortinet Firewall notification.
That mean that your administrator blocked you that website.
I don't think Google use Fortinet, they have their own technology. BTW that sound correct as you are able to connect to it when localhost, and your IT block certain connection, like this one.
Source: I have the same at work. Good luck!
Has anyone successfully used the System.Net.HTTPWebRequest with Active Directory authentication in a DotNetNuke website? I have looked around and found several references to HTTPWebRequest and Active Directory authentication, but none seem to have the special sauce. I have tried uncountable variations of the attributes/methods, without success.
The development environment I am working in is a Windows 2003 Server that acts as a backup PDC and runs IIS 6.0. The website is running DotNetNuke 4.9.4 with Active Directory authentication (also tried it in DNN 5.1.4) and is working great for login. However, one of the modules does a HTTPWebRequest to process files and it is faling with a 401 Unauthorized error.
The most basic of code I have tried:
Dim webReq As HttpWebRequest = DirectCast(WebRequest.Create(sURL), HttpWebRequest)
webReq.Timeout = 30000
Dim credential As New NetworkCredential(sUserName, sPassword)
Dim credentialCache As New CredentialCache()
credentialCache.Add(New Uri(sURL), "NTLM", credential)
webReq.Credentials = credentialCache
webReq.KeepAlive = True
webReq.Accept = "/"
I have tried adding PreAuthenticate.
I have also tried registry key modifications, including this one:
Changes to NTLM authentication for HTTPWebRequest in Version 3.5 SP1
All without success. Each time I get the dreaded 401:
The remote server returned an error: (401) Unauthorized.
at System.Net.HttpWebRequest.GetResponse()
I have also created a simple aspx page with the following int he code behind:
Dim requestUrlString As String = "http://adtestsite/somepage.aspx"
Dim webReq As HttpWebRequest = DirectCast(WebRequest.Create(requestUrlString), HttpWebRequest)
Dim nc As New NetworkCredential("UserName", "Password", "OurDomainName")
Dim webResponse As System.Net.HttpWebResponse = DirectCast(webReq.GetResponse, HttpWebResponse)
If webResponse.StatusCode = HttpStatusCode.OK Then
Response.Write("Yes!")
Else
Response.Write("NO!")
End If
I get a "NO!" everytime with the 401 error.
I am beating my head against the wall on this one. If anyone has the recipe for the secret sauce, PLEASE let me know!
What is the OS platform of the server that HttpWebRequest is connecting to?