PSI authentication only returns 401

Question

I'm developing a web-service that is going to be a "gatekeeper" between many apps and the PSI. the thing is that the "many apps" will supply a login/password and the web-service must authenticate them against the PSI. But whatever i do i always get a 401 Unauthorized error when i call the "PSIFormsLogin.Login(user,password)" method... ive used even the user that runs the farm...

ive also already followed the following MS tutorial: http://msdn.microsoft.com/en-us/library/ff181538.aspx

in the end all i wanna do is validate the account/password supplyed using the PSI web-Services, can anyone pls tell me what am i doing wrong???

PS: not the WCF

New Info: something funny happened. I intentionally switched the URL to a non-existent on: http://myserver/pwa/_vti_bin/psi/bla.asmx but i still got a 401...

Answer 1

Make sure you have modified the web.config of your application like this. Just overwrite the security node in the binding node:

<binding name="WssInteropSoap">
  <security mode="TransportCredentialOnly">
    <transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm"
        realm="" />
    <message clientCredentialType="UserName" algorithmSuite="Default" />
  </security>
</binding>

Now you can authenticate without a special account (passtrough from windows) or with this code, you can specify an account:

//credential impersonation (just if you changed your binding settings)
projectSvc.ClientCredentials.Windows.ClientCredential = new NetworkCredential("username", "password", "domain");
projectSvc.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;

I hope it will help :)

But, I've never heard of a function which is called: "PSIFormsLogin.Login"

Maybe my blog entry for setting up a connection to the PSI with C# is interesting for you: Read Project Server 2010 CustomFields over PSI