Re: SoapClient authentication

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Pablo Cibraro" <pcibraro@xxxxxxxxxxx>
Date: Fri, 30 Sep 2005 10:43:30 -0300

Hi Lucas,
The answer is yes. First all, your service must derive from SoapService in
order to make it independent from the transport protocol as well.
Regarding to the authentication question, you can do that using an
UsernameToken as client token.
The default UsernameTokenManager shipped in WSE authenticates user against a
valid windows account (Using the API "LogonUser" ),
so in that case it works as Windows authentication.

Regards,
Pablo Cibraro
www.lagash.com

"LucasC" <msdn@xxxxxxxxxxx> wrote in message
news:51E4B6A9-1506-418F-A8AD-F3E3AD3E0737@xxxxxxxxxxxxxxxx
> Hi,
> I'm trying to use WSE through a Proxy class generated with WseWsdl2 in
> order
> to be independent from the transport protocol. My service is implemented
> through a ASP.Net Web Service (with WSE).
> I'm trying to authenticate users (like I used to do with Intergrated
> Security in IIS and Network Credentials in the client for the standard Web
> Services).
> Is there any way to do that? Ijust want to allow only Windows
> authenticated
> users to use my service but without loosing the flexibility of the
> trsnaport
> protocol independence.
>
> Thanks a lot
> --
> LucasC

.

Prev by Date: Re: WSE 3.0 Username and Password - authenticate against db on ser
Next by Date: Re: WSE 3 Method returning Dataset
Previous by thread: Re: WSE 3.0 Username and Password - authenticate against db on ser
Next by thread: Re: SoapClient authentication
Index(es):
- Date
- Thread

Relevant Pages

Re: Authentication in WSE
... WSE does not have builtin support for these best practices? ... You control the creation of the SCT on ... > the server side and can use LogonUser api or custom DB login if you wish. ... >> the usual best practices for secure authentication, ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: kerberos authentication
... I am trying to secure a WS using WSE 3.0 and kerberos. ... I used the "WSE 3.0 settings" from VS2005 with my own WS. ... WS/IIS and AD on the Windows 2003 server ... Kerberos is a NETWORK authentication protocol, that is, it only works across networks, your client and server are running on the same server, that means Kerberos won't be used, more, there is probably no authentication handshake needed, the client may be already authenticated and have his token cached by the local LSA (provided he's Kerberos ...
(microsoft.public.dotnet.languages.csharp)
RE: UserName token Access denied smart client
... I think what is happening is that you are trying to get a WSE username ... token security to interop with basic authentication. ... Username Tokens are not authenticated ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: WSE 2.0, smart client, Username authentication, no x.509
... I also prefer SCTs over UserTokens for authentication, ... > I dont know if WSE 2.0 SP 3 allows this I think it is only with the new ... > web services WSE 3.0 hosts them without a web server for you (read the WSE ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: Trying to determine best strategy for web service security
... I would check out the Hands On Labs for WSE 2.0. ... > I have a group of web services which provide a facade for a COM+ ... The only clients of the web services will be ASP.NET ... > What I would like to have is an authentication web service that would ...
(microsoft.public.dotnet.framework.webservices.enhancements)