had to elevate ASPNET account user rights assignment

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "chriss" <chriss@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 23 May 2005 17:51:14 -0700

Hi,

I have a client running in our office and asp.net web service
configured at out data center.

I finally got the wse 2.0 enabled asp.net web service (hello world)
to accept my wse 2.0 enabled client applications method call.

To get it to work, i had to assign the ASPNET account on the
IIS server the "Act as part of the operating system" user right
using the Local Policies snap-in.

The client is using a UserNameToken constructed with
a domain name (domain\username) and password (in cleartext).

Here are the relevant statements:

UsernameToken myUsernameToken = null;
myUsernameToken = new UsernameToken(
myName,
myPwd,
PasswordOption.SendPlainText);
myContext.Security.Tokens.Add(myUsernameToken);
myContext.Security.Elements.Add(
new MessageSignature(myUsernameToken));

1) Can anyone explain why i had to elevate the user rights
for the ASPNET account ? None of the samples i found
tell you to do this !

2) What are the security risks associated with leaving
this user right assigned to the ASPNET account?

3) Is there another way to get wse 2.0 to automatically
authenticate my username and password as cleartext?

Thanks so much in advance!

.

Prev by Date: renewal of Certificates
Next by Date: eX509 in VB.NET
Previous by thread: renewal of Certificates
Next by thread: eX509 in VB.NET
Index(es):
- Date
- Thread

Relevant Pages

Re: How to call Web Service Securely
... Maybe I am complicating WSE too much - can you point me to a simple ... you could provide a logon screen in the client app and create a NetworkCredential ... tokens - but that is tied to .NET 2.0 ... make a web method via dialup to my IIS Web Service. ...
(microsoft.public.dotnet.framework.aspnet.security)
WSE3 web farm problem: "Key not valid for use in specified state"
... I have a web service in ASP.NET 2.0 and WSE 3.0. ... server1, and the actual request went to server2, like the following ... Client output: RST ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: Web Services, Security, X.509
... We have a smart client application which consumes an internet-facing ... (At this time the web service and the client use ... WSE 3.0 and it is working ... Finally, if a X.509 certificate is required, which certificate is the ...
(microsoft.public.dotnet.framework.webservices.enhancements)
RE: WSE 3.0 UsernameOverTransport Problem
... I am fairly new to WSE, in general, however I have read several ... working on integrating WSE 3.0 into an web service. ... I have verified that the client is in fact sending the Username token ... the the server side does in fact see a security header, ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: Implementing WSE
... If they match return the client supplied pwd as the return. ... Else return a predefined pwd that does not match the client supplied pwd. ... Another step you need to do is to configure the username token manager in the web.config. ... Regular web services work great and I could use them all day long but using them with WSE I get stuck. ...
(microsoft.public.dotnet.framework.webservices.enhancements)