 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / Windows Forms / WinForm General / April 2005simulating asp.net impersonation
i have win app that access web services for information.I want to lock down web services. I want to add users or groups to authorization tag to restrict access to only a few users. The only way i know to do this is to: add each person separetely - this means i have to maintain this section when someone changes jobs add group of persons needing access - this means i have to create a new group in AD to house these specific individuals impersonate any user who uses windows application as a single user and add this user to authorization tag - have to write code to do this? These are the only three options i know of, If there are others, let me know. Which one do you recommend I don't have access to ad, so it would be in my power to do the impersonation thing i was talking about. thanks Hi TS, Welcome to MSDN newsgroup. From your description, you have a winform app which consumes an ASP.NET webservice. Also you'd like to protect the service from being used by unauthenticated users. So you're currently wondering the best means to let the client winform app attach the proper user's credential, yes? Based on my experience, the <authorization> schema element in asp.net 's configuration is mainly used by asp.net web application rather than asp.net webservice(though this is also ok which can use to protect the asmx's accessing). And this will depend on the client credential passed from the IIS which do the authentication( basic or integrated windows(NTLM/kerberos...) , webservice dosn't support interactive auhentication like Forms authenticaiton). OK, then as for how to provide such credential at clientside: if you're using the .net generated webservice client proxy class (through VS.NET's add webreference or wsdl.exe tool), we can provide our credential through the proxy class's Credentials property and specify the authentication schema( BASIC , NTLM ...) . For example: ============ MyService.MyService ms = new AuthClient.MyService.MyService(); System.Net.NetworkCredential nc = new System.Net.NetworkCredential("username","password","domainname"); System.Net.CredentialCache cc = new System.Net.CredentialCache(); cc.Add(new Uri(ms.Url),"NTLM",nc); ms.Credentials = cc; ms.Execute("dfdsfds"); ============ In addition, we can also use the SoapHeader in the webservice's SOAP Message to contain our custom authentication info. This is a good approach if we don't want to reply on the IIS's authentication support. However since the SOAP message is plain XML text, we need to encrypt the credential info (soapHeader) if we use this means. Here is the MSDN reference which has mentioned all the general authentication means for asp.net webservice, I think it'll be helpful to you: #Securing XML Web Services Created Using ASP.NET http://msdn.microsoft.com/library/en-us/cpguide/html/cpconsecuringaspnetwebs ervices.asp?frame=true Steven Cheng Microsoft Online Support  SignatureGet Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.