Authentication

S

Steve Allen

I have a web service that makes IO calls (file read, write, etc.) to files
on a network server.

Authentication works successfully when the web service is called from the
browser (IE) on the same server that hosts the web service. (ie both IE and
web service are on the same box)

When I call the same web service from a browser on another computer, I get
"access denied" errors when making IO calls.

Settings for IIS:
Anonymous access - unchecked
Integrated Windows authentication - checked

Settings for web.config
<authentication mode="Windows" />
<identity impersonate = "true"/>

I added a webmethod which returns the current user name. Both scenerios
returns my NTLogin name, so it appears my credentials are being passed
through.

Any ideas?

Thanks much!
Steve
 
M

Mike Moore [MSFT]

Hi Steve,

I have reviewed your issue. Due to the nature of your issue I need to do
additional research to determine the best way to provide assistance. I will
contact you as soon as possible.

Thank you, Mike
Microsoft, ASP.NET Support Professional

Microsoft highly recommends to all of our customers that they visit the
http://www.microsoft.com/protect site and perform the three straightforward
steps listed to improve your computer’s security.

This posting is provided "AS IS", with no warranties, and confers no rights.


--------------------
 
D

David Qiu

Hi Steve,
When I call the same web service from a browser on another computer, I get
"access denied" errors when making IO calls. It is expected unless you are
using delegation.

For a good discussion on why we recommend "trusted subsystem" vs.
"impersonation/delgation":
Building Secure ASP.NET Applications: Authentication, Authorization, and
Secure Communication, Chapter 12: Data Access Security
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/SecNetch12.asp

For info on how to set up delegation:
283201 HOWTO: Use Delegation in Windows 2000 with COM+
http://support.microsoft.com/?id=283201

810572 HOW TO: Configure an ASP.NET Application for a Delegation Scenario
http://support.microsoft.com/?id=810572

This posting is provided "AS IS", with no warranties, and confers no rights.

Thanks,
David
Microsoft Developer Support
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Proxy authentication problem WPF browser app calling WCF service 0
WCF authentication problems 0
HTTP Status 407: Proxy Authentication Required 2
Weird Windows integrated authentication problem between Web serviceand SQL Server 0
WCF and Integrated Windows Authentication 7
Windows Authentication problems 0
401: Unauthorized. Problem calling web service from forms authenti 1
create a file in web service 0

Members online

Total: 56 (members: 3, guests: 53)
Robots: 479

Forum statistics

Threads
473,994
Messages
2,570,223
Members
46,813
Latest member
lawrwtwinkle111

Latest Threads

Top