IIS credentials when accessing a network service

I am calling a web service from an ASP.NET application.
The web application doesn't send any authorization information to
server it attaches.

<identity impersonate="true" /> in app's Web.config doesn't help.


Questions are:

1. How I can pass my credentials through web application? If I access
the web application, it should make requests using my account.

2. What account it is sending requests from by default and how to
change the default?
ks2 [ Fr, 30 September 2005 20:41 ] [ ID #991787 ]

RE: IIS credentials when accessing a network service

Take a look at NetworkCredential class and CredentialCache class in
System.Net namespace. You would need to create a NetworkCredential object
using the Windows login info and pass it on to the Webservice. The following
URL gives a good explanation --
http://www.dotnetjunkies.com/How%20To/6B31D299-347C-4B85-82C 5-954546165C80.dcik

Ayyappan Nair

"ks2 [at] anytamil.com" wrote:

> I am calling a web service from an ASP.NET application.
> The web application doesn't send any authorization information to
> server it attaches.
>
> <identity impersonate="true" /> in app's Web.config doesn't help.
>
>
> Questions are:
>
> 1. How I can pass my credentials through web application? If I access
> the web application, it should make requests using my account.
>
> 2. What account it is sending requests from by default and how to
> change the default?
>
>
AyyappanNair [ Fr, 30 September 2005 22:46 ] [ ID #991789 ]

Re: IIS credentials when accessing a network service

Thanks. Does that mean we have to hardcode the password or display a
dialog to accept the credentials? Can we not pass on the default
credential from the client to the ASP.NET application and have ISS
impersonate the user and pass it on the web servive?
We tried to set <identity impersonate="true" /> in app's Web.config
file, but it did not work.

Ayyappan Nair wrote:
> Take a look at NetworkCredential class and CredentialCache class in
> System.Net namespace. You would need to create a NetworkCredential object
> using the Windows login info and pass it on to the Webservice. The following
> URL gives a good explanation --
> http://www.dotnetjunkies.com/How%20To/6B31D299-347C-4B85-82C 5-954546165C80.dcik
>
> Ayyappan Nair
>
> "ks2 [at] anytamil.com" wrote:
>
> > I am calling a web service from an ASP.NET application.
> > The web application doesn't send any authorization information to
> > server it attaches.
> >
> > <identity impersonate="true" /> in app's Web.config doesn't help.
> >
> >
> > Questions are:
> >
> > 1. How I can pass my credentials through web application? If I access
> > the web application, it should make requests using my account.
> >
> > 2. What account it is sending requests from by default and how to
> > change the default?
> >
> >
ks2 [ So, 02 Oktober 2005 07:27 ] [ ID #993740 ]

Re: IIS credentials when accessing a network service

What you are asking to do is "delegation". You want to automatically
delegate user credentials from the web client to the WebService to access
some other network resource on that user's behalf.

Ability to delegate depends on the authentication protocol. Integrated
Authentication does not support this. Kerberos supports it securely. Basic
authentication supports it insecurely. You cannot simply "pass on the
default credential from the client" unless you do it insecurely.

<identity impersonate="true" /> has nothing to do with delegation but is
required since otherwise, the Web Service will run as process identity which
obviously is not the remote authenticated identity.

So, really, IIS has little to do with this situation. Here is URL on how to
set it up to access a remote network UNC share, which is the exact same
problem as your Web Service and the solution/understanding are similar.
http://www.microsoft.com/technet/prodtechnol/windowsserver20 03/technologies/webapp/iis/remstorg.mspx

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
<ks2 [at] anytamil.com> wrote in message
news:1128230873.317207.33460 [at] g49g2000cwa.googlegroups.com...
Thanks. Does that mean we have to hardcode the password or display a
dialog to accept the credentials? Can we not pass on the default
credential from the client to the ASP.NET application and have ISS
impersonate the user and pass it on the web servive?
We tried to set <identity impersonate="true" /> in app's Web.config
file, but it did not work.

Ayyappan Nair wrote:
> Take a look at NetworkCredential class and CredentialCache class in
> System.Net namespace. You would need to create a NetworkCredential object
> using the Windows login info and pass it on to the Webservice. The
following
> URL gives a good explanation --
>
http://www.dotnetjunkies.com/How%20To/6B31D299-347C-4B85-82C 5-954546165C80.dcik
>
> Ayyappan Nair
>
> "ks2 [at] anytamil.com" wrote:
>
> > I am calling a web service from an ASP.NET application.
> > The web application doesn't send any authorization information to
> > server it attaches.
> >
> > <identity impersonate="true" /> in app's Web.config doesn't help.
> >
> >
> > Questions are:
> >
> > 1. How I can pass my credentials through web application? If I access
> > the web application, it should make requests using my account.
> >
> > 2. What account it is sending requests from by default and how to
> > change the default?
> >
> >
someone [ So, 02 Oktober 2005 13:22 ] [ ID #993742 ]
Webserver » microsoft.public.inetserver.iis.security » IIS credentials when accessing a network service

Vorheriges Thema: Microsoft CA and CMC
Nächstes Thema: Getting access 403 access error from one computer but not from ano

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum