Kerberos Double-Hop Issue between IIS and SSAS [du

2019-09-10 22:49发布

问题:

Possible Duplicate:
Can I turn off impersonation just in a couple instances

I've created an application that, when uploaded to my server throws the following exceptions:

[Win32Exception (0x80004005): No credentials are available in the security package]
[AdomdConnectionException: Authentication failed.]

Here is my connection string:

public AdomdConnection conn = new AdomdConnection("Data Source=BTN-SQL1;Initial Catalog=BTNTurboAnalysisServices;Integrated Security=SSPI;SSPI=Kerberos;Persist Security Info=False;");

Its worth noting that BTN-SQL1 is on a different server to my web server and I'm also using Windows Authentication with Impersonation enabled.

Below is my stack trace:

[Win32Exception (0x80004005): No credentials are available in the security package]
   Microsoft.AnalysisServices.AdomdClient.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean& handshakeComplete) +424
   Microsoft.AnalysisServices.AdomdClient.XmlaClient.Authenticate(ConnectionInfo connectionInfo, DateTime startTime) +175

[AdomdConnectionException: Authentication failed.]
   Microsoft.AnalysisServices.AdomdClient.XmlaClient.Authenticate(ConnectionInfo connectionInfo, DateTime startTime) +1308
   Microsoft.AnalysisServices.AdomdClient.XmlaClient.OpenTcpConnection(ConnectionInfo connectionInfo) +498
   Microsoft.AnalysisServices.AdomdClient.XmlaClient.Connect(ConnectionInfo connectionInfo, Boolean beginSession) +1142
   Microsoft.AnalysisServices.AdomdClient.XmlaClientProvider.Connect(Boolean toIXMLA) +267
   Microsoft.AnalysisServices.AdomdClient.AdomdConnection.ConnectToXMLA(Boolean createSession, Boolean isHTTP) +235
   Microsoft.AnalysisServices.AdomdClient.AdomdConnection.Open() +973
   btn_intranet.Areas.Sales.Controllers.HomeController.CumulativeChart(String month, String year) in <path to file>/HomeController.cs:69
   lambda_method(Closure , ControllerBase , Object[] ) +182
   System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) +264
   System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +39
   System.Web.Mvc.<>c__DisplayClass15.<InvokeActionMethodWithFilters>b__12() +129
   System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func`1 continuation) +798650
   System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodWithFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +314
   System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +798704
   System.Web.Mvc.Controller.ExecuteCore() +159
   System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +335
   System.Web.Mvc.<>c__DisplayClassb.<BeginProcessRequest>b__5() +62
   System.Web.Mvc.Async.<>c__DisplayClass1.<MakeVoidDelegate>b__0() +20
   System.Web.Mvc.<>c__DisplayClasse.<EndProcessRequest>b__d() +54
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +469
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +375

Any help would be appreciated, thanks!

回答1:

I've managed to solve the problem. Basically I just disabled impersonation for the specific methods that were causing the problem by using the solution found here:

Can I turn off impersonation just in a couple instances