Re: WCF and Integrated Windows Authentication




Steven,

Thanks for the reply. Unfortunately, what you mentioned in your last
response is how I am already doing things. You can see my config from my
original posting. The web application and the web services all run under an
application pool with a domain administrator. I also have to disable
anonymous access in IIS. If I enable anonymous access, what I've done and
what you mention works. But, it is a requirement to not allow anonymous
access. Can I get this to work with windows authentication and message
level security?

Larry

The problem is that, as I stated in my original question, I can't allow
anonymous access in IIS. What I
"Steven Cheng" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:43mq5WJxJHA.5104@xxxxxxxxxxxxxxxxxxxxxxxxx
Thanks for your reply Larry,

So let's just assume the server topology to be remote based (ASP.NET web
app and web service hosted on separate machines).

For IIS6, the worker process account should be the application pool
account (configured for your application virtual directory). Since you're
using a domain account (without impersonation), this domain account
should be used as the security identity when your ASP.NET web app calls
the remote WCF service (which uses wsHttpBinding and default message layer
security).

Also, if you find that the above behavior is what happened in your case,
you can try explicitly specifying client credentials (when calling the WCF
service in the ASP.NET page) to see whether it works, e.g.

===============
static void CallService()
{
    // create the generated WCF client proxy
    ServiceReference1.WSHttpServiceClient client =
        new IISHostClientApp.ServiceReference1.WSHttpServiceClient();

    // use the current security identity
    client.ClientCredentials.Windows.ClientCredential =
        System.Net.CredentialCache.DefaultNetworkCredentials;

    // explicitly specify a credential
    // client.ClientCredentials.Windows.ClientCredential =
    //     new System.Net.NetworkCredential("username", "password", "domain");

    string ret = client.SayHello("steven");

    Console.WriteLine(ret);
    client.Close();
}
===============

You can also test the behavior via a console client (running on that
ASP.NET web application host server) to watch the difference. If there are
any findings or anything unclear on this, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead




--------------------
From: "Larry" <adcoder@xxxxxxxxxxxxxxxx>
References: <#BXvwdxwJHA.6068@xxxxxxxxxxxxxxxxxxxx>
<UP9vErzwJHA.6056@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: WCF and Integrated Windows Authentication
Date: Wed, 22 Apr 2009 10:06:35 -0600

Thanks for the reply Steven.

With the product installation, the web app and the WCF services will
usually be on separate machines, though it can be on single machines
(especially for demos). The IIS version currently is 6.0, though I'm trying
to get it to work on 7.0 as well (I've got IIS 6 management compatibility
installed). The current security account is a domain user in the
administrators group. Impersonate is not enabled (I also have web services
talking to each other, so if this needs to be done, I need to do it between
services as well).

Larry
