P
paul.rogan
Hi,
Having read lots of queries regarding problems with web service
security to no avail I will attempt to explain my problem and hope that
someone can help.
Part of the solution I am working on is an ASP.NET web site developed
in C#. This site uses "integrated authentication"
Extract from web.config file of the web site
<authentication mode="Windows" />
<authorization>
<allow roles="mydom\gp1"/>
<allow roles="mydom\gp2"/>
<allow roles="mydom\gp3"/>
<deny users="*"/>
</authorization>
I am not using impersonation, ie. you will NOT find the line <identity
impersonate="true"> in my web.config file and I dont want to add it.
In code for the web application I can get the current user as an
IPrincipal
I then have a web service and have the site set up the same i.e. no
anonymous access only integrated authentication and the authentication
mode and authorisation roles are the same.
Therefore to add the line:
myService.Credentials = System.Net.CredentialCache.DefaultCredentials;
will NOT work as the user credentials for this will be
machinename\ASPNET, I need the already authenticated user details.
I do not want and do not see why I have to then manually set the
credentials manually
e,g
myService.Credentials = new NetworkCredentials("user","pwd","domain");
Im sure there is something simple I must be missing, please enlighten
me!! My first thought would be that I should be able to use the
IPrincipal to constuct some kind of ICredentials interface thingy.
Thanks for your time.
Having read lots of queries regarding problems with web service
security to no avail I will attempt to explain my problem and hope that
someone can help.
Part of the solution I am working on is an ASP.NET web site developed
in C#. This site uses "integrated authentication"
Extract from web.config file of the web site
<authentication mode="Windows" />
<authorization>
<allow roles="mydom\gp1"/>
<allow roles="mydom\gp2"/>
<allow roles="mydom\gp3"/>
<deny users="*"/>
</authorization>
I am not using impersonation, ie. you will NOT find the line <identity
impersonate="true"> in my web.config file and I dont want to add it.
In code for the web application I can get the current user as an
IPrincipal
I then have a web service and have the site set up the same i.e. no
anonymous access only integrated authentication and the authentication
mode and authorisation roles are the same.
Therefore to add the line:
myService.Credentials = System.Net.CredentialCache.DefaultCredentials;
will NOT work as the user credentials for this will be
machinename\ASPNET, I need the already authenticated user details.
I do not want and do not see why I have to then manually set the
credentials manually
e,g
myService.Credentials = new NetworkCredentials("user","pwd","domain");
Im sure there is something simple I must be missing, please enlighten
me!! My first thought would be that I should be able to use the
IPrincipal to constuct some kind of ICredentials interface thingy.
Thanks for your time.