 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / August 2003Why are the System.Net.CredentialCache.DefaultCredentials always empty in and ASP application?
We have an anonymous web application trying to talk to a windows authenticated webservice. This is currently failing with 401 Access Denied errors. We have found that we can get this to work by writing the following code in the web application before calling the webservice: WebServiceInstance.Credentials = new NetworkCredential("username", "password","domain"); We don't want to have to do this because it means having to retrieve the username and password again. When searching for an answer, the following line constantly appears as the correct solution: WebServiceInstance.Credentials = CredentialCache.DefaultCredentials; Unfortunatley the DefaultCredentials are empty. Why is this? We were originally thinking (informed by a Microsoft Document) that because both IIS machines have the same ASPNET account and password the Windows authentication on the webservice side would be satisfied, but this doesn't seem to be the case. Please help we've been trying to get this working for almost 3 days now... Thanks, Craig you need to make sure that the credentials you?re passing to the end service are valid for that machine. Unless your web service client is impersonating a valid user for that end service, CredentialCache.DefaultCredentials won?t be valid.For example, you can impersonate it as domain user which also have permission on the end server. For more information on impersonante, you can refer to: INFO: Implementing Impersonation in an ASP.NET Application http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q306158 Luke "Microsoft Security Announcement: Have you installed the patch for Microsoft Security Bulletin MS03-026?? If not Microsoft strongly advises you to review the information at the following link regarding Microsoft Security Bulletin MS03-026 http://www.microsoft.com/security/security_bulletins/ms03-026.asp and/or to visit Windows Update at http://windowsupdate.microsoft.com to install the patch. Running the SCAN program from the Windows Update site will help to insure you are current with all security patches, not just MS03-026." Turns out there was a restart required after setting the ASPNET passwords. My fault, all is well. Simply by setting the webservice.Credentials to the DefaultCredentials allows the public webapp to call the windows auth webservice. Thanks for you help. Craig > you need to make sure that the credentials you?re passing to the end > service are valid for that machine. Unless your web service client is [quoted text clipped - 17 lines] > Update site will help to insure you are current with all security > patches, not just MS03-026." Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.