Random AuthenticationManager CustomTargetNameDictionary exception when calling a WCF service


I Have been receiving this error when making a call to a WCF service from a ASP.Net application:

Unhandled Exception: System.InvalidOperationException

System.InvalidOperationException: The entry found in AuthenticationManager's CustomTargetNameDictionary for {URL} does not match the requested identity of host/{Hostname}.

Server stack trace: 
   at System.ServiceModel.Channels.HttpTransportSecurityHelpers.AddIdentityMapping(Uri via, EndpointAddress target)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.PrepareOpen()
   at System.ServiceModel.Channels.HttpsChannelFactory.HttpsRequestChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

The strange part about it is that I can not reproduce it on any machine other than our production web servers, and it only happens sporadically. The service requires active directory authentication but I am sure that the user has the correct permission set.

It doesn't seem to be a problem with the WCF config because it works sometimes, and other applications make calls to the same service without error.

I have already tried completely recreating the user, recreating the app pool that it runs in and re-installing the application. Thanks for the help!

By : omockler


This seems to match the "old" problem with "broken impersonation". Which part or you solutions runs with with credentials? If your Web user (even if he is logged in to your domain) is impersonated correctly in the ASP.net application, your chain might break when calling the WS (and the AD from there on). So make sure that your WS runs with a user context, and it is allowed to access the AuthManager parts. If you need, make sure that Kerberos' delegation is either enabled on the user account or on the machine accounts.

(You might not see this problem when developing on your PC 'cause you probably run as Admin and have "debug" permissions.)

HTH, Thomas

By : Tomcat

I ran into the same problem with the same error. It was doing my head in, but I found the solution.

It appears to be a caching issue in the WCF client libraries. It looks like that for every web service URL it remembers the endpoint identity. If two requests are made for a single web service from code in the same application pool then you will get the error you reported if they don't use the exact same identity.

In my situation one identity used upper case and the other one lower case. As a result whatever code was called first would continue to work just fine, but any code that used the second identity would consistently fail until the application pool was restarted.

My code is as follows

// ** Specify an identity (any identity) in order to get it past .net3.5 sp1
EndpointIdentity epi = EndpointIdentity.CreateUpnIdentity("unknown");
EndpointAddress epa = new EndpointAddress(new Uri(address), epi);

Another bit of code used "Unknown" rather than "unknown"

By : Muhimbi

This video can help you solving your question :)
By: admin