Now I have a web application, a web service and a SQL Server database.

      The Web application will invoke the web service, the web service
invokes the SQL Server stored procedure.

      I let the web service run in an application pool which runs under a
domain user, this domain user has permissions of accessing database and the
connection to database is trusted connection. All these work well.

      The web application will be used in internet (not in the intranet),
but the web service can only be used in intranet so I want to use the
integrated windows authentication for the web service, can I?

      No I want to let the web application use the “Enable anonymous
access” and web service use the “integrated windows authentication”. If so,
when I use the web application to invoke the web service, I will receive the
“The request failed with HTTP status 401: Unauthorized.     at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage
message, WebResponse response, Stream responseStream, Boolean asyncCall)”

     

      I already used the following two ways in my web application code when
invoking web service:

      Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;

(this method works only when the web application and web service are in the
same box, when I deployed the two in different computer, I still got the
error “The request failed with HTTP status 401”)

    Or

    System.Net.CredentialCache cache = new System.Net.CredentialCache();

    cache.Add(new Uri(Proxy.Url), "Negotiate", new
System.Net.NetworkCredential("username", "pass", "domain"));

      Proxy.Credentials = cache;



      Could you please tell me if I use the “integrated windows
authentication” for the web service, how does the user’s certificate be
conveyed to web service? (the application user will be anyone in the
internet, will the web service know him)

Sincerely waiting for your feedback!