Re: Windows authentication for web service client??



"solex" <solex@xxxxxxxxxxxxx> wrote in message
news:%23sSDjOSQFHA.244@xxxxxxxxxxxxxxxxxxxxxxx
> I'm having a similar problem
>
> I have a web service that make a webDav request to Exchange.
>
> I have impersonation on but when I use the defaultCredentials in the web
> services to make the webdav reqeust I get an Unauthorized 401 error. My
> credentials have rights to make this request and I'm at my wits end trying
> to figure it out.
>
> The service works if I hard code my Network credentials in the service but
> does not otherwise.

Hardcoded into your code? create a credential instead of using the
defaultcredentials?

I thought one can only create credential for "basic" or "digest"
authentication mode.

I try implicit impersonation, it won't work, even if you are impersonating,
the web service has to
put the credential on the soap message in order for it to be authenticated,
because that's
all the hosting service see when interacting with each other. don't want to
do explicit impersonation.


in .net 2.0, there will be a better support or even WSE 2.0, but this is not
my options here.
since if we were to use WSE 2.0, there will be a long process of paper work
and testing and questioning.....





>
> Any help with this would also be appreciated.
>
> Thanks,
> Dan
>
>
> "Kevin Yu" <koo9@xxxxxxxxxxx> wrote in message
> news:eOariLKQFHA.1476@xxxxxxxxxxxxxxxxxxxxxxx
> > but the problem with impersonation in the code is after LogonUser()
win32
> > call, will the defaultcredentials be set to the new credentials then?
> >
> >
> >
> >
> >
> > "Kevin Yu" <koo9@xxxxxxxxxxx> wrote in message
> > news:OEbaAMIQFHA.2356@xxxxxxxxxxxxxxxxxxxxxxx
> >>I think impersonation will do , enable impersonation but don't specified
> >>the user, use code call the web service with a different
> >>username/password.
> >>
> >>
> >>
> >> "Brock Allen" <ballen@xxxxxxxxxxxxxxxxx> wrote in message
> >> news:453919632490103600068528@xxxxxxxxxxxxxxxxxxxxxxx
> >>> The ASPNET account is a local account, so the other machine or domain
> >>> wouldn't know about it. You can either run you web app under a
different
> >>> account, but that affects the rest of the code in there too. The other
> >>> approach is to have a dedicated account (instead of using the current
> >>> identity of ASPNET) that you can use to do the authentication and then
> >>> use those credentials from the client.
> >>>
> >>> -Brock
> >>> DevelopMentor
> >>> http://staff.develop.com/ballen
> >>>
> >>>
> >>>
> >>>> hi all
> >>>>
> >>>> got a question here, a web service secure mode is set to "windows",
on
> >>>> the client side
> >>>>
> >>>> when supplying the credentials, it's like this:
> >>>>
> >>>> somewebservice.Authentication ssoAuth = new
> >>>> somewebservice.Authentication();
> >>>>
> >>>> ssoAuth.PreAuthenticate = true;
> >>>>
> >>>> ssoAuth.Credentials = System.Net.CredentialCache.DefaultCredentials;
> >>>>
> >>>> from the info here
> >>>>
> >>>>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref
> >>>> /html/frlrfSystemNetCredentialCacheClassDefaultCredentialsTopic.asp
> >>>>
> >>>> the defaultcredential should supply the current security context that
> >>>> the client is running, but in my case the client is another web
> >>>> service running
> >>>>
> >>>> on another server, now by default the account that the client(the
> >>>> calling web service) is running under ASPNET account,
> >>>>
> >>>> so on the host(somewebservice), I should add the clientdomain\ASPNET
> >>>> account into the windows account?
> >>>>
> >>>
> >>>
> >>>
> >>
> >>
> >
> >
>
>


.

Relevant Pages

  • Re: ASPNET and Impersonation
    ... > not through any additional configuration using the ... > file (instead of being localized to the single Web Service ... > using Impersonation or changing the process identity, ...
    (microsoft.public.dotnet.security)
  • Re: ASPNET and Impersonation
    ... > not through any additional configuration using the ... > file (instead of being localized to the single Web Service ... > using Impersonation or changing the process identity, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Why Must Impersonation be Used?
    ... It must consume to a web service we are publishing on ... also running under Integrated Windows Authentication. ... I understand why you would have to set the credentials on the web ... impersonation to get this to work. ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: Windows authentication for web service client??
    ... I have a web service that make a webDav request to Exchange. ... I have impersonation on but when I use the defaultCredentials in the web ... credentials have rights to make this request and I'm at my wits end trying ... >>> The ASPNET account is a local account, so the other machine or domain ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Can it work...? - ASP.NET Impersonation with Remoting
    ... I have an ASP.NET Web Page / Web Service that runs on IIS and uses ... Server expects a Principal token not a cheapo Impersonation token ... request it do the work (The Service will check the credentials and ...
    (microsoft.public.dotnet.framework.remoting)