Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / October 2003

Tip: Looking for answers? Try searching our database.

Authentication

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Steve Allen - 02 Oct 2003 14:52 GMT
I have a web service that makes IO calls (file read, write, etc.) to files
on a network server.

Authentication works successfully when the web service is called from the
browser (IE) on the same server that hosts the web service. (ie both IE and
web service are on the same box)

When I call the same web service from a browser on another computer, I get
"access denied" errors when making IO calls.

Settings for IIS:
Anonymous access - unchecked
Integrated Windows authentication - checked

Settings for web.config
<authentication mode="Windows" />
<identity impersonate = "true"/>

I added a webmethod which returns the current user name. Both scenerios
returns my NTLogin name, so it appears my credentials are being passed
through.

Any ideas?

Thanks much!
Steve
Reply to this Message
"Mike Moore [MSFT]" - 03 Oct 2003 21:33 GMT
Hi Steve,

I have reviewed your issue. Due to the nature of your issue I need to do
additional research to determine the best way to provide assistance. I will
contact you as soon as possible.

Thank you, Mike
Microsoft, ASP.NET Support Professional

Microsoft  highly recommends to all of our customers that they visit the
http://www.microsoft.com/protect site and perform the three straightforward
steps listed to improve your computer?s security.

This posting is provided "AS IS", with no warranties, and confers no rights.

--------------------
> From: "Steve Allen" <Steve.Allen@wwireless.com>
> Subject: Authentication
[quoted text clipped - 9 lines]
> Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
> Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.webservices:19687
> X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.webservices
>
[quoted text clipped - 24 lines]
> Thanks much!
> Steve
Reply to this Message
David Qiu - 03 Oct 2003 23:20 GMT
Hi Steve,
When I call the same web service from a browser on another computer, I get
"access denied" errors when making IO calls. It is expected unless you are
using delegation.

For a good discussion on why we recommend "trusted subsystem" vs.
"impersonation/delgation":
Building Secure ASP.NET Applications: Authentication, Authorization, and
Secure Communication, Chapter 12:  Data Access Security
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/SecNetch12.asp

For info on how to set up delegation:
283201 HOWTO: Use Delegation in Windows 2000 with COM+
http://support.microsoft.com/?id=283201

810572 HOW TO: Configure an ASP.NET Application for a Delegation Scenario
http://support.microsoft.com/?id=810572

This posting is provided "AS IS", with no warranties, and confers no rights.

Thanks,
David
Microsoft Developer Support
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.