GetUserInfo Unauthorized error with current Windows user's token

MIP
,
1

Hi!

We are using Milestone Protocol integration to validate user token received from Plug-in integration.

In most cases it works fine, but on a specific customer’s environment, when user authorizes as current Windows user, he’s getting Unauthorized (401) error.

Are there any cases when soap protocol integration can’t validate current Windows user’s token? Or there are any ways to debug it?

Plug-in integration code (getting of token):

Platform.Login.LoginSettings ls = Platform.Login.LoginSettingsCache.GetLoginSettings(Platform.EnvironmentManager.Instance.MasterSite);
 
return ls.Token;

Protocol integration code (validation of token):

[System.Web.Services.WebServiceBindingAttribute(Name = "ServerCommandServiceSoap", Namespace = "http://videoos.net/2/XProtectCSServerCommand")]
public partial class ServerCommandService : System.Web.Services.Protocols.SoapHttpClientProtocol
{
    public ServerCommandService(string url) : base()
    {
          this.Url = url;
	  this.Credentials = CredentialCache.DefaultNetworkCredentials;
    }
 
[System.Web.Services.Protocols.SoapDocumentMethodAttribute(Action = "http://videoos.net/2/XProtectCSServerCommand/GetUserInfo", RequestNamespace = "http://videoos.net/2/XProtectCSServerCommand", ResponseNamespace = "http://videoos.net/2/XProtectCSServerCommand", Use = System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle = System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
     public UserInfo GetUserInfo(System.Guid instanceId, string token)
     {
         object[] results = this.Invoke("GetUserInfo", new object[] {instanceId, token});
         return ((UserInfo)(results[0]));
     }
}

Thanks in advance.

2

It is not a scenario I have ever come across taking a token from one process in a plugin and using it in another process, so I cannot say there is any experience with this. I might be in the dark but..

You are initializing the SOAP service with the current Windows user. Is that as user known to XProtect (in the users configured in the Management Client)? Does it make a difference if that user is known? (Test adding the user to a Role.)