Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 304 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 260 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
web service remote access
Steve_Contris
Member Posts: 114
I am using web services on a Nav 2009 three-tier install and that works well from any computer in our office but I would like to be able to hit those services from outside our domain. I have port 7047 opened on the firewall and using network monitor I can see that my services requests make it through to the server but on my outside test machine I only get "The website cannot display the page" HTTP 500
When I try the connection, I am prompted for my domain login credentials and only allows any connection at all if the credentials are correct.
Is this kind of connection not possible with web services?
When I try the connection, I am prompted for my domain login credentials and only allows any connection at all if the credentials are correct.
Is this kind of connection not possible with web services?
What would Elvis do?
0
Comments
the caller must authenticate itself to the web service. For this the calling machine must be part of the AD domain (or something like it, not an AD expert). We had the same issue, there are also a few blog articles on this topic. To resolve it we have built a WS proxy which is routing the web service calls through and does the authentication on the AD side. The only catch is that you need to change and recompile it when the web service changes.
with best regards
Jens
I also found this in wikipedia:
"While Kerberos has replaced NTLM as the default authentication protocol in an Active Directory (AD) based single sign-on scheme, NTLM is still widely used in situations where a domain controller is not available or is unreachable. For example, NTLM would be used if a client is not Kerberos capable, the server is not joined to a domain, or the user is remotely authenticating over the web."
So it seems that NTLM is the only way to access web services over the internet since the domain controller is not reachable.