Authentication / Impersonation With Call To WCF Service
Nov 3, 2010
I have a web page that calls a WCF service that makes a sql database call using Integrated Security. I get an error saying, "Login failed for user 'CorpDomainServerName01$'". I want it so that it all layers will execute under the user's AD credetials (working in an intranet), ie: "CorpDomainAlbert". On the server (Win 2008/IIS 7), I have Windows Authentication turned on and everything else off (including Anonymous) under Authentication for both the web client and the WCF service. Here's my client web.config:
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authentication mode="Windows"/>
<identity impersonate="true"/>
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IMyService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<!--<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />...........................
View 1 Replies
Similar Messages:
Jul 30, 2010
I'm having problems with impersonation in WCF. Namely, I'm calling a named pipe service from within ASP.NET with impersonation turned on. This fails (due to permissions on the pipe blocking anyone from the network). So, is there any way I can make the call outside of the impersonation context? I don't need to be impersonating to make this call, but can't see any way of doing this.
PS. I need to do this declaratively, through config...
View 1 Replies
Dec 30, 2010
We are gonna call web service with username and password. how to implement this on a web service client?
View 1 Replies
Oct 25, 2010
I'm trying to enable passthrough or impersonation authentication inside an ASP.NET website that uses the TFS2010 API.I've got this working correctly with Cassini, however with IIS 7.5 (Windows 7) something is going wrong.I found this blog post on the subject, and tried the following:
private static void Test()
{
TfsTeamProjectCollection baseUserTpcConnection =
[code]...
View 2 Replies
Oct 12, 2010
I have an Intranet which is on IIS 7.0. I want to authenticate my users and know who is logged in. What options do I have to set in IIS Authentication part that my users do not need to type their user name and password to login to Intranet. I have set the Authentication to Basic and Impersonation, but it is asking user name and password.
View 3 Replies
Mar 1, 2011
I have been looking for code samples on how to do impersation with forms authentication for the current logged on user. I have found samples on the internet and this site and most seem to refer to windows authentication not forms. I am wanting to run specific blocks of code under the current user's credentials to access lists of files on servers on the internal network and display them in the page.I found this article on MSN for using impersonation in various ways, http://support.microsoft.com/kb/306158 and I was able to use the section of code where it describes how to Impersonate a Specific User in Code. This works quite well with forms authentication but requires a service account in AD with login and password. One the same page is a sample of how to impersonate the authenticated user in code, but this only seems to work with windows authentication. As have all other samples I could find, such as the article here,http://www.codedigest.com/codedigest/9-identity-impersonate-at-code-level-in-asp-net.aspx. But trying those with forms authentication results in the error "Unable to cast object of ype 'System.Security.Principal.GenericIdentity' to type 'System.Security.Principal.WindowsIdentity'" Since there is no windows identity with forms authentication.Can anyone point to an article that describes how to do impersonation with forms authentication at the code level?
View 4 Replies
Feb 12, 2010
I been strugling with this for 2 days now without comming any closer to solution. I have read 20-30 threads alteast and stil can not resolve this.I have disable anonymous authentication, enable asp.net impersonation.I have added <identity impersonate = "true" />I have added the a user to the security logins that is connected to the database I try to connect tThis is the connectionstring I use:
Data Source=IPTOSERVER;Initial Catalog=Phaeton;User Id=User;Password=Password;errormessage
View 6 Replies
Aug 31, 2010
I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:
[Code]....
I also tried using the LogonUser method to create a user token and backend the authentication that way, and it doesn't work either.
[Code]....
View 2 Replies
Apr 9, 2010
I have a service account SvcAcc to manage contacts (add/update/delete contacts) for all the exchange users. I Impersonate using the below cmdlet to manage contacts but it also allows SvcAcc to perform other functions (such as send email etc) on behalf of the user.
cmdlet
New-ManagementRoleAssignment -Name:impersonationAssignmentName -Role:ApplicationImpersonation -User:serviceAccount
//impersonation code
service.Credentials = new NetworkCredential(ServiceAccountUserName, ServiceAccountPassword, domain);
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, userEmail);
View 3 Replies
Mar 29, 2010
How to call Synchronous service call for combo boxes? As I know Synchronous calls do not create a good user experience because the application is hung waiting for the Web service call to return. Then it is my requirement.
View 1 Replies
Jan 23, 2010
I am writing two ASP.NET apps. One is a web service that provides xml data and the other is a web client that will use the service to display and manipulate data. I would like for the web service to do the membership authentication and authorization. Is there any way to simply point the login controls in my client application to the web service instead of to a database. I assume I would have to provide the necesarry methods in my web service interface, which would then use the membership provider database I created and pass the results back through to the client.
Is this possible? I have seen many articles on security provisioin from a web service but none has really been what I am looking for. I was hoping that, since my service and my client are both written in ASP.NET, there might be some built functionality that would benefit me.
View 8 Replies
May 18, 2010
whether its possible to call an web service on a private corporate network from a web service located in a dmz?
View 2 Replies
Aug 4, 2010
i have created a normal web service and i want to host it outside IIS. one idea i got is to use window service as hosting environment. i have created a web service and hosted it window service and its window service is running now.would anybody please let me know that how can i call web service hosted in window service binded over soap.tcp. here is my sample code.
[Code]....
[Code]....
View 1 Replies
Aug 23, 2010
I need to create an application (ASP.NET or WinForms or Windows Service, not sure) that needs to make a call to a url including username and password for basic authentication and have the url return a csv file. I then need to use the csv file in the application. I don't know how to do this. How do I call the url in my app. There can be no user interaction, it needs to be completely automated in the returning of the csv file.
View 2 Replies
Feb 8, 2010
I need to call a Rest service but would like to do so without having to redirect. Here is my dilemma. The Rest service we are trying to integrate offers the option to sign up for a subscription but does not allow us to upgrade an existing subscription. So if a user wants to upgrade an existing subscription we have to first cancel and then have the user sign up for a brand new subscription. I don't know how I can make this so it flows nicely in my code. I ideally I would like to do something like this
User decides to upgrade
Click upgrade button
Existing account is being cancelled, if cancellation was successful
New account is being created
How can I do this with a Rest service? Here is a sample URI/URL
https://someservice.com?
Action=CancelSubscriptionAndRefund
&AWSAccessKeyId=AKIAIIFXJCFIHITREP4Q
&CallerReference=CallerReference07
&CancelReason=MyWish
&RefundAmount.CurrencyCode=USD
&RefundAmount.Value=1
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Signature=1uFUSSFvau1zadnSzKRS5ZchuLMn9p5M3ifaHGHie7M%3D
&SubscriptionId=17d62772-c53e-4bdb-9667-65d7b7841cfc
&Timestamp=2009-10-06T08%3A05%3A13.296Z
&Version=2008-09-
Could anybody give me some ideas how to make this work in an elegant manner. We thought we could keep the old subscription and then just sign the user up for a new subscription for the difference of the money. For example the first subscription would be 2.95 and the second one would be 2.00 which would amount to a subscription of 4.95. I think it is not elegant and the user would see 2 charges on the credit card, weird, I think. Since I don't know much about Rest maybe there is a way that this can be solved.
View 1 Replies
Sep 15, 2010
I am new to Web services and .NET. I have to authenticate a web service that is being accessed using http post. I tried putting a custom soap header and sending it to the service and checking the header in service but the header object is always null in the service.also if i put the user and password options in http headers how can i validate them on the server ? Client code:
private void button1_Click(object sender, EventArgs e)
{
HttpWebRequest request;
[code]...
View 1 Replies
Feb 9, 2011
I am invoking a WCF web service (.NET 4.0) via jQuery $.ajax() from an ASP.NET page. How can I secure the WCF service such that only authenticated ASP.NET users can invoke the service's methods? Do I need to imperatively check the forms authentication cookie manually in each service method, or is there a more declarative approach?
View 1 Replies
Mar 3, 2011
I have a production web application that uses <authentication mode="Windows"/> I have added an .asmx page with a method in it. I'd like to test making calls to it from a separate client web app. When I do this I get the error: The request failed with HTTP status 401: Access Denied What do I need to do in my client app to access this webservice?
View 2 Replies
Sep 13, 2010
I tried to take advantage of jQuery AJAX call to enhance user experience but I am facing a tricky problem.
When the user does nothing for a period of time, e.g. 30 minutes to reach authentication timeout, making AJAX call becomes the problem. The server side will return login page and display in my target div section. The simplest solution I can think of is to inject a dummy tag in login page, and when detecting such dummy tag then use javascript to redirect to login page. But this means that I have to do that every time I make AJAX call.
View 1 Replies
Feb 11, 2010
What does the using statement do? Is it actually needed?
using (MyWebservice x = new MyWebservice())
{
//random code
}
View 4 Replies
Feb 10, 2011
how to publish a service with authentication
View 2 Replies
Jul 2, 2010
I have a webservice that's behind form's authentication. The site that hosts the service also serves as a site that requires a user to log in via the login page.I have a second site that needs to be able to access the service that the first site hosts. However, when attempting to access the service, it fails because the service requires that the user is logged in.
View 1 Replies
Aug 11, 2010
I have created a WCF service that will serve as authentication service for Silverlight client.The problem is that when I make a call to FormsAuthentication.SetAuthCookie in the Login method below, I get a null reference exception. I am following the 'Securing Applications Built on Silverlight and WCF' (http://www.componentart.com/community/blogs/milos/archive/2009/05/07/securing-applications-built-on-silverlight-and-wcf.aspx)
[Code]....
View 1 Replies
Dec 4, 2010
I want to create a web service that can authenticate user from my application. I will be sending user name and password from my app to the web service and that will deny or accept the user. I want to use form authentication using sql server. that this web service can be used by other team in my office so that they can just call the web service and the user will be authenticated.
Also, is it possible to use both form and windows authentication in my web service and authenticate the user both ways.
View 3 Replies
Feb 10, 2010
I am using .NET roles and membership model to manage user accounts in my system back-end.
If the request is come from within my web-app, I can authenticate through form.
But if the user is requesting from else where, maybe their own apps, how to I do authentication?
attach username and password (GET/POST) and then secure the line by SSL? is that what I should do?
View 3 Replies
