WCF Fix-The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'NTLM'.

I thought I'd done a post on this error previously, but I double checked google and I obviously hadn't.

The Problem
When calling WSS / SharePoint web services (such as Lists.asmx) via WCF, you will normally get this error if you leave the settings as configured by the “Add Service Reference Wizard” :

“The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'NTLM'.”

The Solution

You must specify a non-anonymous impersonation level for your ClientCredentials. Just specifying a username and password for your WCF Service reference's ClientCredentials.UserName.UserName and ClientCredentials.UserName.Password is not sufficient to resolve the problem.

In particular (When SharePoint server is on different domain):

ServiceReference1.ListsSoapClient client = new ServiceReference1.ListsSoapClient();
client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential("username", "password", "domain");
client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Identification;
client.GetListCollection();

Of course, when on same domain, don’t have to pass in the Windows.ClientCredential information. You can also set the above values in app.config configuration elements rather than code, but I won't cover that here.

You can use (with descending levels of security):
System.Security.Principal.TokenImpersonationLevel.Identification
System.Security.Principal.TokenImpersonationLevel.Impersonation
System.Security.Principal.TokenImpersonationLevel.Delegation

Details on these impersonation levels can be found at: http://msdn.microsoft.com/en-us/library/system.security.principal.tokenimpersonationlevel.aspx

Config Changes

<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="ListsSoap">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm" proxyCredentialType="None"
                realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>    
    <client>
      <endpoint address="http://servername/_vti_bin/Lists.asmx"
             binding="basicHttpBinding" bindingConfiguration="ListsSoap"
             contract="ServiceReference1.ListsSoap" name="ListsSoap1" />
    </client>
  </system.serviceModel>
</configuration>

Just Passed 70-541 - Technical Specialist: Microsoft Windows SharePoint Services 3.0 – Application Development

After the success of last week's exam (see http://ddkonline.blogspot.com/2009/01/just-passed-microsoft-exam-70-630-ts.html), I followed up with the Windows SharePoint services application development (WSS 3.0 development) exam. One of the main differences between the format of the 70-541 and 70-630 exam is that there is first a survey about (basically) how good you think you are at different areas of WSS development. I don't know if these affect the questions you are asked in the exam proper - but it is possible they use it as a way to choose the set of questions you recieve. Your guess is as good as mine, unless the folks at Microsoft/Prometric want to let us know how the application works...

The exam itself was slightly longer than the MOSS 2007 one (59 questions vs 51 questions) and as is typical for development exams - the difficulty level was a lot higher. You have to know some of your configuration basics PLUS the coding side of things. I came out of the exam after I got my score (900/1000) and was a little miffed that I answered the way I did for some of the questions. Many of the questions try to lead you up the garden path - and I probably was trying to anticipate what the exam creators were thinking a little too much.

I am considering Performance Point (70-556 - Technical Specialist: Microsoft Office PerformancePoint Server 2007, Applications) next as Oakton has some clients who are interested in using it - and skills in the area seem to be in short supply. One problem is that there are no recommended readings for the PeformancePoint exam, so it will largely be a Technet and MSDN study effort. I was in a similar situation for the ASP.NET 2.0 beta exams as well - so I should be OK.

"Command line error." when installing Web Part into WSS 3.0/MOSS 2007 with stsadm.exe

This is a bizarre problem - but if you get the stsadm.exe generic "command line error." whilst trying to install SharePoint web parts and your paths look fine, it may just be an encoding issue when you copy the commandline arguments between different apps. You do NOT need to have your wsp file in the same directory as stsadm.exe when installing parts to your site. You see, different apps interpret hyphens differently. If you copy a hyphen from a web site, it may just be a unicode representation of a hyphen and not a "real" hyphen. For more detail, see:

http://weblogs.asp.net/soever/archive/2007/12/22/sharepoint-stsadm-exe-and-the-infamous-quot-command-line-error-quot.aspx
and
http://www.celestialsoftware.net/support/forums?ubb=get_topic%3bf=1%3bt=000048

A simple solution is just to make sure you type all your stsadm.exe command parameters in manually and not copy and paste them into your DOS prompt.