D
deja
hi,
I'm not getting the results I expected when setting up authorization in
my web service. I have a web application that runs under an application
pool identity (with Windows authentication). This application then
calls a web service which is also setup to run under the same
application pool identity (a valid domain account) with Windows
authentication (anonymous user turned off in IIS).
I am getting status 401 unauthorized. At the moment my authorization
section has allow users=* in both the application and the web service.
I was assuming that the application would call the web service under
the Application pool identity and be authorized (as it is a windows
domain account).
If I could get this bit to work I would then change my web service
authorization section to only "allow users=serviceaccount" which will
ensure that only specific web applications will consume it rather than
users being able to get to the data directly.
When I switch the web service to allow anonymous user it works fine but
obviously this doesn't do what I want. Is it because of the way that
the account has been setup by the domain administrators? Could this be
why?
TIA
Phil
I'm not getting the results I expected when setting up authorization in
my web service. I have a web application that runs under an application
pool identity (with Windows authentication). This application then
calls a web service which is also setup to run under the same
application pool identity (a valid domain account) with Windows
authentication (anonymous user turned off in IIS).
I am getting status 401 unauthorized. At the moment my authorization
section has allow users=* in both the application and the web service.
I was assuming that the application would call the web service under
the Application pool identity and be authorized (as it is a windows
domain account).
If I could get this bit to work I would then change my web service
authorization section to only "allow users=serviceaccount" which will
ensure that only specific web applications will consume it rather than
users being able to get to the data directly.
When I switch the web service to allow anonymous user it works fine but
obviously this doesn't do what I want. Is it because of the way that
the account has been setup by the domain administrators? Could this be
why?
TIA
Phil