HttpContext user/authentication info disappears randomly

A

Aaron Meyers

I have a call within one web service that calls another
web service using an authenticated connection. For some
reason, the second web service call doesn't always get
the user authentication info in HttpContext (i.e.,
HttpContext.Request.IsAuthenticated is false and
HttpContext.User.Identity.Name is blank), although it
appears to have authenticated at least somewhat, because
the Windows execution context (WindowsIdentity.GetCurrent
()) is the authenticated user (rather than service user,
i.e. NT AUTHORITY\NETWORK SERVICE).

I am running Windows Server 2003 (IIS 6); both web
services are authenticated with Windows authentication
and have impersonation turned on (authentication
mode=Windows, identity impersonate=true).
UnsafeAuthenticatedConnectionSharing is used for
performance reasons (setting the ConnectionGroupName as
recommended to make it secure).

Both web services are on the same machine.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,994
Messages
2,570,223
Members
46,813
Latest member
lawrwtwinkle111

Latest Threads

Top