Re: Web service with expiring passwords
- From: JeffJ <JeffJ@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 11 Mar 2009 07:17:02 -0700
That would also be something that it should do.
But it will need to deal with expired too. Harder to test soon expiring as
need to have account that falls into that. Expiring in a few days isn't
something you can set on account. Need a full test domain to adjust max
password age.
"Patrice" wrote:
What if you set an expiration delay rather than immediately asking for a new.
password ?
Search around http://support.microsoft.com/kb/297121/en-us. It seems owa
does this but it is unclear if it works once the password expired. The idea
would be then to have an expiration delay and to check this expiration so
that you can ask the user to change his password *before* expiration...
A generic message could include a link to the change password page (have you
checked if you are allowed to change your password after it has expired ?)
--
Patrice
"JeffJ" <JeffJ@xxxxxxxxxxxxxxxxxxxxxxxxx> a crit dans le message de groupe
de discussion : AC5E8874-C15E-438B-9BB7-E76F37C83C9E@xxxxxxxxxxxxxxxx
At least on IIS on XP the web service just returns error 401: Access
Denied.
I was looking for help to actually notify user password was expired and
then
ability to change it. The users will ONLY ever interact via the web
service
so no other way for them to ever know there password is or going to
expire.
Sounds like someone else here has had different responce with 2003 server.
May have actually did a redirect at least. I haven't tried it.
Jeff
"Patrice" wrote:
A bit unclear. Do you mean it still doesn't work if the user change the
password ? Have you tried to change the password as required to see if
the
service then works ?
Or would you like that the user has to change its password but that the
web
service can work with the user account "old" password (IMHO you can't).
--
Patrice
"JeffJ" <JeffJ@xxxxxxxxxxxxxxxxxxxxxxxxx> a crit dans le message de
groupe
de discussion : 0980A09F-ABC0-4AFB-8697-7D0E50104D61@xxxxxxxxxxxxxxxx
I have simple "Hello World" web service created by web service wizard.
I have put it onto IIS server. Remove Anonymous access.
Call it via a windows .net app:
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
Dim x As New WindowsApplication1.hellow.Service1
Dim cache = New System.Net.CredentialCache
cache.Add(New Uri(x.Url), "Negotiate", _
New System.Net.NetworkCredential("user", "pword", "domain"))
x.Credentials = cache
TextBox1.Text = x.HelloWorld
End Sub
Works great until I set password must be reset on next logon. Then get
401:
Access Denied.
I have PasswordChangeFlags set 1.
I have IISadmpwd up and working in IIS.
So my question is. Is there a way to get web services to work with
PasswordChangedFlags and IISADMPWD?
We need to be able to force periodic password changes for use of our
webservice.
Thanks,
Jeff
- Follow-Ups:
- Re: Web service with expiring passwords
- From: Patrice
- Re: Web service with expiring passwords
- References:
- Web service with expiring passwords
- From: JeffJ
- Re: Web service with expiring passwords
- From: Patrice
- Re: Web service with expiring passwords
- From: JeffJ
- Re: Web service with expiring passwords
- From: Patrice
- Web service with expiring passwords
- Prev by Date: Re: Web service with expiring passwords
- Next by Date: Re: Web service with expiring passwords
- Previous by thread: Re: Web service with expiring passwords
- Next by thread: Re: Web service with expiring passwords
- Index(es):
Relevant Pages
|
