解决办法:

跟服务器有关,需要再每台服务器进行以下配置

New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name "DisableLoopbackCheck" -value "1" -PropertyType dword

下面是有关 loopback问题的由来以及应对措施:

Windows Server 2003 SP1 introduced a loopback security check. This feature is obviously also present in Windows Server 2008. The feature prevents access to a web application using a fully qualified domain name (FQDN) if an attempt to access it takes place from a machine that hosts that application. The end result is a 401.1 Access Denied from the web server and a logon failure in the event log.

Unfortunately 401.1 is not really helpful as this error code means there is a problem with the user credentials. Of course, the HTTP spec doesn’t know about security features in a vendor’s implementation so there can’t be a HTTP error code for such a feature. This can lead to much banging of the head on the desk. It’s one of numerous causes of the 401.1 which are nothing to do with invalid credentials (e.g. attempting to use Kernel Mode Authentication with domain account in IIS7).

This problem occurs because of the way that NT LAN Manager (NTLM) treats different naming conventions as remote entities instead of as local entities. A local authentication failure might occur when the client calculates and caches the correct response to the NTLM challenge that is sent by the server in local "lsass" memory before the response is sent back to the server. When the server code for NTLM finds the received response in the local "lsass" cache, the code does not honor the authentication request and treats it as a replay attack. This behavior leads to a local authentication failure.

This issue was introduced from a security fix:

http://support2.microsoft.com/kb/957097/en

To work around this issue, we have two ways to do that:

http://support2.microsoft.com/kb/896861

域名通过infopath访问webservice出现401错误的更多相关文章

  1. Jwt访问api提示401错误 Authorization has been denied for this request

    教程  http://bitoftech.net/2015/02/16/implement-oauth-json-web-tokens-authentication-in-asp-net-web-ap ...

  2. MVC4中 访问webservice 出现无法找到资源的错误

    出现这个情况,是mvc将webservice.asmx解析成了控制器,下面先将这个控制器忽略 继续访问出现这样的错误: 下面修改配置文件 访问成功

  3. ajax——client访问webservice基本用法

    学前aps.net当我学会了使用服务器端的访问webservice方法,然后实现一个样本:web server模拟网上购物,今天学习asp.net ajax的时候学习到了client直接訪问webse ...

  4. asp.net访问WebService的各种方式

    WebService的访问形式主要有:SOAP调用.XMLHTTP POST.GET调用.MicroSoft.XMLDOMC调用.webbehavior.htc调用 我们知道的在C#后台本地调用Web ...

  5. flex 访问webservice方法及跨域问题解决

    一.flex调用webserivice代码 import mx.rpc.soap.WebService; import mx.rpc.events.FaultEvent;   import mx.rp ...

  6. Android局域网访问webservice以及其中的一些问题

    应老师的要求,要做个安卓app,实现备份app上的数据到服务器上的mongodb上,网上搜了下相关的实现方式.利用webservice技术,具体来说就是客户端直接调用服务器端的接口.之前从来没接触这玩 ...

  7. (转)Android访问webservice

    纠正网上乱传的android调用Webservice方法.   1.写作背景: 笔者想实现android调用webservice,可是网上全是不管对与错乱转载的文章,结果不但不能解决问题,只会让人心烦 ...

  8. 部署samba服务之后,在客户端用挂载访问的方式,错误信息:mount: block device //192.168.1.108/mysqldata is write-protected, mounting read-only mount: cannot mount block device //192.168.1.108/mysqldata read-only

    部署samba服务之后,在客户端用挂载访问的方式,错误信息:mount: block device //192.168.1.108/mysqldata is write-protected, moun ...

  9. Firefox访问https出现 ssl_error_weak_server_ephemeral_dh_key错误

    一个自签名的内部网站当ff访问时出现以下错误 SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange hands ...

随机推荐

  1. ASP.NET AJAX web chat application

    ASP.NET AJAX web chat application The project illustrates how to design a simple AJAX web chat appli ...

  2. maven settings.xml 文件

    指定jdk 的版本: <profile> <id>jdk-1.8</id> <activation> <activeByDefault>tr ...

  3. JSON.parse() 方法解析一个JSON字符串

    JSON.parse() 方法解析一个JSON字符串,构造由字符串描述的JavaScript值或对象.可以提供可选的reviver函数以在返回之前对所得到的对象执行变换. 语法EDIT JSON.pa ...

  4. 【转】跨DLLnew delete问题

    转两篇文章来说这个问题的 链接1:https://blog.csdn.net/notebook2001a/article/details/6647850 链接2:https://blog.csdn.n ...

  5. Java Web 从入门到精通(明日科技)

    目录结构: 第一章:Java Web 应用开发概述 第二章:html与css网页开发基础 第三章:JavaScript脚本语言 第四章:搭建开发环境 第五章:JSP语言基础 第六章:JSP内置对象 第 ...

  6. Linux安装centos7

    安装 选择安装centos7,按回车 进入到安装界面: 选择我要自定义分区,然后点击左上角done: 然后自定义分区(swap分区一般为内存的2倍,我这里用的虚拟机截的图,所以内存给的少,具体按照自己 ...

  7. jsp中常用的标签

    jsp本质上就是一个servlet,只是tomcat会将其翻译成servlet,servlet本质上是一个类,那么jsp也是一个类.jsp中各种标签都会被tomcat翻译成各种基本的java代码 如果 ...

  8. CVE-2017-7494:Linux Samba named pipe漏洞

    描述: 漏洞是由于代码中一个管道申请命令的判断导致的,可以通过构造特定请求执行上传的so文件. 漏洞影响了Samba 3.5.0 之后到4.6.4/4.5.10/4.4.14中间的所有版本. 测试: ...

  9. SNAT和DNAT的区别

    SNAT: Source Network Address Translation,是修改网络包源ip地址的.DNAT: Destination Network Address Translation, ...

  10. 18-(unicode error) 'unicodeescape' codec can't decode bytes in position 16-17: truncated \uXXXX escape

    读取文件时碰到问题: 1.(unicode error) 'unicodeescape' codec can't decode bytes in position 16-17: truncated \ ...