Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / July 2005

Tip: Looking for answers? Try searching our database.

soap.tcp kerberos policy example

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
BenW - 19 Jun 2005 13:29 GMT
Does anyone know of a Keberos policy example for soap.tcp?
Reply to this Message
Sidd [MSFT] - 23 Jun 2005 07:17 GMT
Hi Ben,

   Are you referring to a sample for KerberosToken, or KerberosToken2 for
tcp? If you are referring to KerberosToken2, then there is a good reason
why WSE did not ship with a sample. Well, in order to run a KerberosToken2
sample on soap.tcp, you would
   a) need to map the account that you are running the server executable to
the appropriate machine - this can be done using a tool called setspn.exe
   b) need to be running on a private domain

In order for you to run (a), you need to be domain administrator of your
domain. This is because WSE2 supports only one-shot kerberos. In WSE3, there
is support for user to user kerberos, which means that you don't have to go
through the hassle of running setspn.

   The actual sample for KerberosToken2 is exactly the same in tcp as it
looks like in ASMX, with the additional steps highlighted above. For
KerberosToken, the sample should
run by default out of the box with no needed changes. The only caveat is
that this behavior changes in Win2K3 SP1 where even this scenario stops
working.

   Please let me know if you have any more questions.

Thanks,

Sidd [MSFT]

> Does anyone know of a Keberos policy example for soap.tcp?
Reply to this Message
BenW - 23 Jun 2005 20:20 GMT
Hi Sidd, thanks for the reply, actually I was refering to WSE 3.0 which I'm
having a crack with, which I think there there is only one KerberosToken now,
if I remeber the notes.  The samples are biased to http but I would of
thought a lot of peole not wanting to start going down the Remoting route
would like to know how to do secured soap.tcp messaging with WSE 3.0 and
using policy.  I see it as becoming a very powerful technology.

> Hi Ben,
>
[quoted text clipped - 25 lines]
>
> > Does anyone know of a Keberos policy example for soap.tcp?
Reply to this Message
Sidd - 06 Jul 2005 07:53 GMT
Currently if you need to use kerberos with soap.tcp then you have to either
do
a) be on a private domain, where you can set the service principal name of
the service
b) use the low level kerberosClientContext and KerberosServerContext to do
user to user authentication. This will enable you to do user to user
authentication, in which case (a) not be necessary.

If you want to do (a) above, there is a little bit of work setting up te
dmain.

Please let me knowi if the babove makes sense.

Thanks,

Sidd [MSFT]

> Hi Sidd, thanks for the reply, actually I was refering to WSE 3.0 which I'm
> having a crack with, which I think there there is only one KerberosToken now,
[quoted text clipped - 32 lines]
> >
> > > Does anyone know of a Keberos policy example for soap.tcp?
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.