Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / November 2005

Tip: Looking for answers? Try searching our database.

Confused about role based security configuration.

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Ken Varn - 31 Oct 2005 16:38 GMT
I am configuring my web service with Web.config using windows
authentication.  I want to limit the web service permissions by using the
allow / deny roles authorization.  I have added the following in my
web.config:

  <authentication mode="Windows" />
   <authorization>
     <allow roles="Administrators"/>   <!-- I am assuming this can be
specified as a windows user group -->
     <deny users="*" />
  </authorization

When my application tries to make a call to the web service, I get a 401
error.  I have set the credentials on the request to use DefaultCredentials,
which I am assuming uses the logged on credentials.  The logon that I am
calling from is an Administrator calling the web service locally.  Why am I
getting a 401 error?  Is there something more that I need to do to allow my
logon to be able to call the local web service?

Signature

-----------------------------------
Ken Varn
Senior Software Engineer
Diebold Inc.

EmailID = varnk
Domain = Diebold.com
-----------------------------------

Reply to this Message
Peter Kelcey - 01 Nov 2005 04:54 GMT
Ken,

Use the following web.config settings instead of the ones you've got.

<authorization>
 <allow roles="BUILTIN\Administrators" />
 <deny users="*" />
</authorization>

Hope that helps.

Peter Kelcey
Reply to this Message
Ken Varn - 02 Nov 2005 15:57 GMT
Thanks for your help.  That worked!

Just one other question.  Do all Windows groups need to be preceded by
BUILTIN\ when specifying roles?  I have seen this with SQL Server user role
settings, but I was unaware that it carried over to the web.config roles as
well.

Do you know if this is documented somewhere?

Signature

-----------------------------------
Ken Varn
Senior Software Engineer
Diebold Inc.

EmailID = varnk
Domain = Diebold.com
-----------------------------------

> Ken,
>
[quoted text clipped - 8 lines]
>
> Peter Kelcey
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.