 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / March 2005user Authentication through webservice
I have a webservice based app that a company has purchased to use internally. They want the authentication to integrate with their Active Directory. Is there anyway that the client portion of the application (which is a .NET WinForms app) can send some information about the logged in user so that I could athenticate that user before accessing the database? The database will not have individual user accounts but will authenticate using a table in the database. The reason that I need this is so that the company can push out the client app to it's users using Zenworks. So, the install must get the user data from the Active directory. Therefore I need to be able to use whatever information he can get from the AD and use it get the same info from the AD from the webserver code. One thing I was thinking of using was the AD object ID (a guid) but I don't know how I would pass that value to the DirectorySearcher's filter property and I don't know if that's a property that the ZenWorks install can grab anyway. So, to sum up the client app polls a webservice to get some data, I need to be able to get some user information (gleaned from the AD) from the client and authenticate the user, then connect to the database and retrieve teh requested data. Any ideas? Thanks. You could just use integrated security for the web service, and pass the default credentials from the client to the web service. proxy.Credentials = System.Net.CredentialCache.DefaultCredentials; where proxy is the proxy object to the web service.  SignatureManohar Kamath Editor, .netWire www.dotnetwire.com > I have a webservice based app that a company has purchased to use > internally. They want the authentication to integrate with their Active [quoted text clipped - 19 lines] > > Thanks. You could also use WSE and WS-Security and pass UsernameTokens or get SecurityContextToken and authenticate to AD using LogonUser API inside the Token verifier logic. WSE has a lot of security things you can do. SignatureWilliam Stacey, MVP http://mvp.support.microsoft.com > I have a webservice based app that a company has purchased to use > internally. They want the authentication to integrate with their Active [quoted text clipped - 19 lines] > > Thanks. This sounds interesting, do you have an more information on how to do this? I was looking for a LogonUser API and found nothing. My application consist of a desktop application (written in .NET) that polls a web serivice. I have a client that want AD integration. I need to pass the local users authenticated security token to the webservice and then be able to retireve the users login name so that I can then authenticate that against my application's database. I have already developed an AD scanning tool that runs as a windows service and creates accounts (using the SAMAccount name from the AD) in my database so I just need to get the authenticated user info from the client to match up with what's in my database. I've never worked with active directory integration in a webservice (or anywhere else for that matter) so I need a lot of info (quickly). --Buddy > You could also use WSE and WS-Security and pass UsernameTokens or get > SecurityContextToken and authenticate to AD using LogonUser API inside the > Token verifier logic. WSE has a lot of security things you can do. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.