A
Aaron Meyers
I have a call within one web service that calls another
web service using an authenticated connection. For some
reason, the second web service call doesn't always get
the user authentication info in HttpContext (i.e.,
HttpContext.Request.IsAuthenticated is false and
HttpContext.User.Identity.Name is blank), although it
appears to have authenticated at least somewhat, because
the Windows execution context (WindowsIdentity.GetCurrent
()) is the authenticated user (rather than service user,
i.e. NT AUTHORITY\NETWORK SERVICE).
I am running Windows Server 2003 (IIS 6); both web
services are authenticated with Windows authentication
and have impersonation turned on (authentication
mode=Windows, identity impersonate=true).
UnsafeAuthenticatedConnectionSharing is used for
performance reasons (setting the ConnectionGroupName as
recommended to make it secure).
web service using an authenticated connection. For some
reason, the second web service call doesn't always get
the user authentication info in HttpContext (i.e.,
HttpContext.Request.IsAuthenticated is false and
HttpContext.User.Identity.Name is blank), although it
appears to have authenticated at least somewhat, because
the Windows execution context (WindowsIdentity.GetCurrent
()) is the authenticated user (rather than service user,
i.e. NT AUTHORITY\NETWORK SERVICE).
I am running Windows Server 2003 (IIS 6); both web
services are authenticated with Windows authentication
and have impersonation turned on (authentication
mode=Windows, identity impersonate=true).
UnsafeAuthenticatedConnectionSharing is used for
performance reasons (setting the ConnectionGroupName as
recommended to make it secure).