Re: client impersonation

Hi Matthias

Thanks for your answers.

why not present all available lines to the user?
On one customer site there are a few thousand lines. The very stupid users
probably don't know what to select there. Those lines look a bit like IP
addresses (only numbers), so even advanced users would have difficulties to
select "their" phone line. And moreover: if a user selects a wrong line,
then later it would simply not work, because of an access denied error. Our
TSP starts dialing through a webservice call. So for dialing it needs to
impersonate the client user to have the appropriate rights on the webservice
(anonymous isn't allowed there, only to enumerate the lines).

I guess your scenario should also work for
multiple users which are logged in simultaneously?
Yes, it should, if possible. Although I expect this not to be an often
requested feature.
Your demur about the line owner is important for the future. But currently
we don't support hang up, so currently the TSP returns that the call has
ended although it's still going on. If multiple users would use the same
line you're right; this wouldn't work anymore. And because we want to
support hang up in future, this is no good idea. You're right.

dial prefix...
This is another good idea. But unfortunately it doesn't work either, for two
reasons:
1. This would mean that we had to configure this somehow. And a client
rollout would be much more complicated. We don't want to configure this for
every single user. This must be done somehow automatically. Ok, only a
difficulty, not a real problem.
2. Because the actual dialing is done on a server somewhere else, locally
there are other modem settings (which cannot be changed just for our TSP).
The users sometimes need these settings for their local modems, etc.

So these main problems remain:
- To start a call, the TSP must make an authentication on the webservice.
This can only be done when impersonating the TAPI client application user.
Ok, we could change the webservice authentication mode to anonymous and do
some other kind of authentication.
- Somehow we need to filter the lines list based on the actual TAPI client
application user to not confuse him with too many lines where he has no
access.
- When starting a call, the user may use only certain lines where he has the
rights to do so.

Any ideas to solve these problems, especially the last one?

Regards,
Eric


.

Relevant Pages

  • Re: HTTP Statuscode 401 (unauthorized) when accessing secured webservice
    ... The 3rd party webservice is hosted on linux. ... Using the CredentialCache to specify basic authentication didn't help. ... you can use CredentialCache class to construct client credentials and specify authenticaiton type. ... We welcome your comments and suggestions about how we can improve the support we provide to you. ...
    (microsoft.public.dotnet.framework.webservices)
  • RE: HTTP Statuscode 401 (unauthorized) when accessing secured webservice
    ... \par From your description, you're encountering some problem when accessing an external/3rdparty webservice in your .net application, the error is specific to security authentication, correct? ... \par ** that's the external webservice's authenticatino mode(integrated windows or basic authentication) or whether it is hosted on IIS server ot not? ... \par From: Anton ...
    (microsoft.public.dotnet.framework.webservices)
  • RE: User Security?
    ... The authentication is "Integrated Windows Authentication". ... Currently I am trying to access the web service thru IE6. ... you're developing an ASP.NET webservice which hosted ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.webservices)
  • RE: Simple authentication and authorization between applications?
    ... will be called by 3--5 clients in the same local intranet. ... webservice will connect SQL Server to execute query(require ... you can consider either of the following authentication ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Re: How do make the best colorpicker option ... hopefully with AJAX
    ... Since I dont have the SesssionID or anything at the webservice? ... and it works, but since I dont have access to the Session object in the webservice, I can't do any authentication. ... so I may have a string like this ...
    (microsoft.public.dotnet.framework.aspnet)
Loading