RE: Anonymous & Authenticated Access (Together?)

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Gary K (GaryK_at_discussions.microsoft.com)
Date: 10/27/04 

Date: Tue, 26 Oct 2004 17:19:01 -0700

Never mind. I found it! Silly me did not think to look at the generated code
from the web reference tools and then backtrack the classes looking at all
members until I found the Credentials property.

"Gary K" wrote:

> I'm trying to create a web service that contains functions available to both
> Anonymous & Authenticated access. Now I am having problems with security
> access. The plan was to allow anonymous access to the web service, and
> control user credentials through code impersonation. (It's the webservice
> functions job to filter security roles, etc)
> Unfortunately I am suffering from the VS2002 bug, where you HAVE to set the
> internet explorer security zone, Logon setting to 'Automatic with username &
> password' before you can debug. (Otherwise even admins get debug permission
> errors)
> I also cannot get the debugger to debug across webservice calls
> (app<->service), which means that I have to debug the webservice with
> anonymous access turned off, and allow the administrator role to slip through
> function security checks, and when debugging the application I have to turn
> anonymous access back on and try using impersonation.
> The real problem I'm having (i got to the point eventually), is that my
> application appears to be 'logging' into the service anonymously, regardless.
> Is it possible to somehow send the user details to the service and have it
> use those, or will I have to create two seperate yet intertwined projects
> (one secure, one not)?
> My goal is to have ONE service (cut's down on management & server overhead)
> with a controller application able to run on any computer/location, that uses
> a user inputed username/password for logon to the service. And to make things
> even more complicated, the user logon will need to be done through the
> server's ActiveDirectory services.

Relevant Pages

  • Re: User ASPNET in SQL Server 2000
    ... and turn off anonymous access. ... a logon box will pop up if the user cannot ... >While I love integrated security in SQL Server, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: WCF and Integrated Windows Authentication
    ... anonymous access in IIS. ... should be used as the security identity when your ASP.NET web app calling ... you can try explicitly specify a client credentials (when calling the WCF ... You can send feedback directly to my manager at: ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Re: User get access denied error when prompted to change password adte Reset
    ... restrictions for anonymous access" was changed to "no ... access without explicit anonymous permission". ... >Domain Controller Security Policy, you may find useful ...
    (microsoft.public.win2000.security)
  • Re: 401.1 Error w/ Anonymous Access
    ... > - I've set up a local account on the machine (Win2000 Professional, ... > - In the local machine's Local Security Policy I've allowed SiteUser to ... I am under the impression that if Anonymous Access is ... IIS will treat the request as if it is coming from the user ...
    (microsoft.public.inetserver.iis.security)
  • Re: SPS vs. WSS and webpublishing
    ... or outside the firewall with anonymous access, ... site level can be on the inside of the firewall? ... >and another level of security at a sub-site level. ...
    (microsoft.public.sharepoint.windowsservices)