web service remote access
Steve_Contris
Member Posts: 114
I am using web services on a Nav 2009 three-tier install and that works well from any computer in our office but I would like to be able to hit those services from outside our domain. I have port 7047 opened on the firewall and using network monitor I can see that my services requests make it through to the server but on my outside test machine I only get "The website cannot display the page" HTTP 500
When I try the connection, I am prompted for my domain login credentials and only allows any connection at all if the credentials are correct.
Is this kind of connection not possible with web services?
When I try the connection, I am prompted for my domain login credentials and only allows any connection at all if the credentials are correct.
Is this kind of connection not possible with web services?
What would Elvis do?
0
Comments
-
Hi,
the caller must authenticate itself to the web service. For this the calling machine must be part of the AD domain (or something like it, not an AD expert). We had the same issue, there are also a few blog articles on this topic. To resolve it we have built a WS proxy which is routing the web service calls through and does the authentication on the AD side. The only catch is that you need to change and recompile it when the web service changes.
with best regards
Jens0 -
Thanks for the suggestion but I did find a reference to the need for turning on NTLM authentication for web services to be able to be accessed remotely. This is a setting in the CustomSettings.config file. The default is SPNEGO. (I am going to try that after hours when it wont interfere in case it disrupts normal web services access.)
I also found this in wikipedia:
"While Kerberos has replaced NTLM as the default authentication protocol in an Active Directory (AD) based single sign-on scheme, NTLM is still widely used in situations where a domain controller is not available or is unreachable. For example, NTLM would be used if a client is not Kerberos capable, the server is not joined to a domain, or the user is remotely authenticating over the web."
So it seems that NTLM is the only way to access web services over the internet since the domain controller is not reachable.What would Elvis do?0
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 116 Navision DOS
- 851 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 617 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 320 Dynamics CRM
- 111 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 990 SQL General
- 383 SQL Performance
- 34 SQL Tips & Tricks
- 35 Design Patterns (General & Best Practices)
- 1 Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.6K General
- 1.1K General Chat
- 1.6K Website
- 83 Testing
- 1.2K Download section
- 23 How Tos section
- 252 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions