Calling Secure Web Service From Anonymous Website?

Feb 1, 2011

I have a web service that is set as secure via the web config:

<authentication mode="Windows" />
<authorization>
<allow roles="METWeb-Admin"/>
<deny users="*"/>
<allow users="METJoeUser;METJoeSmith"/>
</authorization>

And also in IIS 7 (Windows Server 2008) it has the following set for Authentication:

Anonymous Authentication:Disabled
ASP.NET Impersonation: Disabled
Basic Authentication Disabled
Forms Authentication: Disabled
Windows Authentication: Enabled

The anonymous site I am calling it from in IIS7 is:

Anonymous Authentication:Enabled
ASP.NET Impersonation: Disabled
Basic Authentication Disabled
Forms Authentication: Enabled
Windows Authentication: Disabled

In the Anonymous web site, I call the secure web service via:

moms.momService myMom = new moms.momService();
NetworkCredential netCred = new NetworkCredential(@"username", "password");
strStatus = myMom.createBackupDirectoryAndPrivs(sData);

Everytime I run this, it returns as Unauthorized. I have made sure this user is in the Web-Admin AD Group. I also tried adding the user as an Allow User but still unauthorized. I am pretty sure the problem lies somewhere in IIS but not sure what else to check.

BTW: For what it's worth, if I run the Anonymous site via VS2010 development on my dev box, and call the secure site using above code, it works fine. This is why I am thinking IIS on the PROD server.

View 1 Replies


Similar Messages:

C# - How To Secure Web Service To Only Allow Relative Path Calling

May 19, 2010

I have ASMX services for my web application that I would only like available to the same application.Is there a way for the web service to only be accessible by the same application, such as relative/absolute path restrictions?

View 3 Replies

C# - Calling Modal Window From Secure Website Links?

Jan 28, 2011

I currently have a asp test site setup which when the user clicks on the login link it opens the standard asp.net login page (login.aspx) within a modal telerik RadWindow. I am calling this page using javascript and this works fine.

The challenge I have now is when a user clicks on a link within the page if that link points to a secure section the login screen loads in the main frame of the site vs. a pop-up. I realize why (aka my js funciton is not being called) my question is to work around this would the correct/acceptible approach be to call a method from each link/button that tests for user authenticaiton? If the user is authenticated then redirect to the page otherwise call the javascript funciton to open the window?

[code]....

View 1 Replies

WCF / ASMX :: Unable To Get The Credentials Of A Website Calling A WCF Service?

Mar 31, 2011

I have a website(X) hosted on a Windows server .

This Website is running under a AppPool= "CustomAppPool" ( Im using a specific AD Username and Password as the credentials for the apppool)

Website Is running under Credentials "DomainNameUsrName"

This Website should access a WCF service which is running under "MAchineNameASPNET" process

When i try to get the details of the calling method (UsrName) from the client calling the WCF ..... Im unable to to do so

I am always gettting the MachineNameASPNET as the credentials

How can i get the "DomainNameUsrName" from the callign website

View 1 Replies

WCF / ASMX :: Calling A Web Service On A Remote Server From A ASPX Page (website Project VS2005)?

Aug 30, 2010

I am maintaining a web site project in VS2005 and have to call a new web service on a remote server. I've done add web reference, and created the .wsdl and .discomap files in the app_webReference folder. When I try to create a object representing the web service in the code ( wsnamespace.serviceName ws = new wsnamespce.serviceName(); ) the code wouldn't compile.

The web site project is already calling other web services. When I right click on the type representing the web service and "go to definition" it takes me to a proxy class (derived from of course SoapHttpClientProtocol) in the metadata. I think this is what's missing for the new web service i'm trying to call. Have I missed any steps?

View 1 Replies

State Management :: Get The Calling Url Referrer From A Secure Site?

Jul 14, 2010

I need to get the calling page url referrer and host name. I works for me if the calling pages are within the same network. When a page is called from an internal site that are outside of my network, I got the following error:

Object reference not set to an instance of an object.

It failed on this line:

string userURL = Request.UrlReferrer.ToString();

View 1 Replies

C# - Calling A Web Service - Code For Consuming A Service Is Not Working ?

Mar 16, 2011

I have the following code for consuming a service that is not working for me. what I can do to narrow down whats going wrong?

The address is: http://localhost:57667/ExampleService.svc/

When visiting directly I get the 'You have created a service... message'

The code that goes wrong is here. It causes the following error:

_url = "http://localhost:57667/ExampleService.svc";
TextReader textReader = new StringReader(HttpPostClient.Post(new Uri(_url), bodyData.ToString(), _exampleServiceRequestEncoding, Properties.Settings.Default.HttpPostClientExampleAvailabilityTimeout));

ERROR MESSAGE:When visiting this URL directly: http://localhost:57667/ExampleService.svc/ProcessRequest

The exception message is 'No component for key example.ExternalWebServiceStubs.Example.ExampleService was found'.
Castle.MicroKernel.DefaultKernel.get_Item(String key) at Castle.Facilities.WcfIntegration.WindsorInstanceProvider.GetInstance

View 2 Replies

WCF / ASMX :: How To Create Secure Web Service

Jul 20, 2010

I am developing web service for my windows mobile application..! But the new requirement is the web service must be an secure..! for example : My web service name is [URL] Instead of that , client wants to [URL] How I create https web service..! I am using visual studio 2008. windows 7

View 1 Replies

How To Secure A Web Service Consumed With AJAX

Sep 23, 2010

When a web service is consumed from server side, the web service may be implemented in a way to check credentials of the caller. In the case of calling the web service from javascript, how to secure the service since no credentials can be passed into a javascript function becuase of the visibility in source view?

View 7 Replies

C# - How To Secure A Web Service That Has Forms Authentication

Jul 2, 2010

I have a webservice that's behind form's authentication. The site that hosts the service also serves as a site that requires a user to log in via the login page.I have a second site that needs to be able to access the service that the first site hosts. However, when attempting to access the service, it fails because the service requires that the user is logged in.

View 1 Replies

How To Secure Ajax Web Service Using Javascript

Jan 18, 2011

In my web site i'm using Asp.net web service (using javascript) to update certain values to DB. I'm concered about the security threats. How can i secure ASP.net Ajax web service using javascript

View 6 Replies

WCF / ASMX :: How To Secure Web Service Hosted In IIS

Oct 16, 2010

I need advice on how to secure my WCF web service hosted in IIS. I am new to WCF and would appreciate any sample code, articles to help me restrict access to my WCF service.

I am in the process of testing and deploying a WCF service that will be available on the internet. I need to secure the web service so that only authorized clients can use the service. I need to be able to detect who the client is making the call to the service. The group I am building this service for wants to use Certificate authentication or IP address to Identify the themselves to call my web service. They do not want to use user name and password.

I have found several articles and code snippets for getting the IP address of the client and Certificate authentication. The problem I found using trying to get the IP address of the client is that since my web service his hosted behind a F5 or some type of reverse proxy I cannot get the true IP of the client. The IP that the web services get is the IP of the F5 or the reverse proxy.

For Certificate Authentication I followed the directions from the 9 simple steps to enable X.509 certificates on WCF located here

http://www.codeproject.com/KB/WCF/9StepsWCF.aspx?msg=3181718. I had a few problems using this setup for my web service. 1) To me it seemed like as long as the user presented a valid Certificate they would be able to call my web service.

2) Does Certificate Authentication work when the security mode is set to Transport? In my production environment only HTTPS traffic is allowed through. I setup a Certificate authention on my service following the steps outlined in the article. I used the SSL certificate assigned to my server for the web services. For the client outside the network the service is hosted on, I used one of the certificates I generated when i tested the code locally. I changed the authentication mode of the certificate to chain trust for both the client and the server. I was able to call the service and recieve a message. I thought that since my certificate was self generated using the makecert command that the web services would not authenticate the client for the service.

how I can secure my services to only allow a few approved clients to call call the service.

View 17 Replies

C# And Anonymous Types - Iterate Through A DataTable While Manually Building An Anonymous Type

Jan 18, 2010

I am currently implementing a client-side paging solution using ASP.NET, jQuery and JSON.

I have been following the excellent article from encosia: http://encosia.com/2008/08/20/easily-build-powerful-client-side-ajax-paging-using-jquery/

In my Web Method I retrieve my data from the database as a DataTable:

DataTable categoryProducts = ProductViewerAccess.GetCategoryProducts
("AA", 4, 0, Page.ToString(), out howManyPages, "FALSE", 0, "CostPrice", "asc", destinationList);

I then retrieve the data from the DataTable into an anonymous type:

var feeds =
from feed in categoryProducts.AsEnumerable()[code]....

This all works great.

However, I would like to extend the code to perform some evaluation checks (e.g., check that various columns in the DataTable are not NULL) and other pre-processing (e.g., call various functions to build the image URL based on the image ID - which is another column in the DataTable not shown in the code fragment) before I return the resulting rows of the DataTable as an anonymous type to the client-side.Basically, I want to iterate through the DataTable, perform the evaluation checks and pre-processing, while building my anonymous type manually as I go. Or maybe there is a better way to achieve this?

View 2 Replies

C# - Customize Website For Anonymous Users And Remember Settings And Information?

Mar 2, 2011

I have a E-Shop Site and I need some customization for my users like following :

Store favorite products in their own basket.Customize products list in order to what are their favorite. It must remember their basket next time they want to visit our site.

my question is how I can store information for my customers who are new to my web site also most of customers don't like to have username and password then login first they like to buy during a week and at the end of week pay for them then we can send some products to their locations.

I have already written my application using asp.net with framework 4.0.

View 3 Replies

WCF / ASMX :: How To Secure A WCF Web Service / Using Traditional "connection String In Web.configâ€

Aug 2, 2010

How do you secure a WCF web service when you are using the traditional "connection string in the web.config"?

I have added a WCF service to an application which uses a JQuery post and returns JSON. The request happens on the client side. The purpose of this service is to return search information while the person is typing text into a textbox.

It works well, but there is a problem because the application will be used by a number of people and I am maintaining a role based security within the applications MS SQL database. The connection string to the database is in the web.config file.

In order to run the JQuery call to the web service the user must have at least read access directly to the database. I want to allow the application to control the access, but removing all security to the WCF service opens the application up for external access by unauthorized users.

View 3 Replies

Want To Put Secure Payment Gateway For Website

Feb 24, 2011

i want to put secure payment gateway for website.

View 3 Replies

VS 2005 - How To Secure Website Using Default Certificate

Jun 7, 2010

I want to secure my certain web page of site, Displaying lock icon at status bar of browser. How do I achieve this in 2.0 using any default certificate?

View 6 Replies

Download Files From Secure Website Programmatically (c#)?

Dec 3, 2010

I've to download files from our 38 clients secure websites. They are our data resources. Currently data collection process is manual. Logon to the site, login with username and password, then download files, save to local folder, close window once download is completed. We are trying to automate download process. Plan is to handle login part with code and directly show list of filename to User with check box , so User can select files and click to save.

Rest all will be handled programtically. Once download is complete the status for that file will change to "Saved" or "Download Complete. I'm working on Window 7, VS2008(C# asp.net). Trying to make it work with WebClient class. It'll be great if you can post some source code or guide me to link or post for solution.

View 2 Replies

Security :: Secure Admin Exception In Website

Jun 10, 2010

I have a secure admin section in my website, only logged in users can gain access to this section, its controlled from the web.config file like this

[Code]....

This has all works perfectly well until now. Ive created a page that has an accordian control on it from the ajax control toolkit, as soon as I place this control on a page and run the web page, I get this error

View 1 Replies

Security :: HTML Reader Working On A Secure Website?

Jan 7, 2010

I am working on an application to read some data from a website that requires a login.

I am using the WebClient class to read the page.

For example if I have a page http://www.something.com it can read the page fine.

However If I have a page https://www.something.com/secure/ than it requires authentication.

I have the username/password required I just need to know how to pass it in using C# .net.

View 4 Replies

Calling WCF Service From Silverlight?

Jan 7, 2010

I am new to Silverlight. In Silverlight, we can get data from server using ASP.Net (using WebClient and HTTPWebRequest classes in Silverlight) and using WCF Service.

Assuming that I do not need the cross domain capability, what is a good option in terms of Security and ease of development?

View 1 Replies

JQuery Calling WCF Service

Mar 11, 2011

I am in the process of implementing jQuery calling WCF service which is hosted in the same domain. My application uses Win Auth that works fine with ASP.NET app. I would like to know from the team if the user calls the WCF service from the ASP.NET what is the security context in which the service runs? Or it uses the web.config security which is specified? Are there any links related to this where i can get some information.

ASP.NET 4.0, jQuery and WCF 4.0 in same web application

View 1 Replies

Calling Wcf 4.0 Service From Jquery

Feb 7, 2011

I have a simple wcf service developed in vs2010

[ServiceContract]
public interface IService1
{
[OperationContract]
string GetData(int value);
// TODO: Add your service operations here
}
public class Service1 : IService1
{
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
}

the following call is working

protected void Button1_Click(object sender, EventArgs e)
{
ServiceReference1.Service1Client p = new ServiceReference1.Service1Client();
Label1.Text= p.GetData(5);
}

but when I am trying to call it from jquery its not working

$(".test").live("click", function () {
$.ajax({
type: "post",
url: "[URL]",
data: {value:'1'},
contentType: "application/json; charset=utf-8",
timeout: 10000,
processData: true,
dataType: "json",
success: function(d) {
alert(d);
},
error:function (xhr, ajaxOptions, thrownError){
alert(xhr.status);
alert(thrownError.toString());
}
});

View 1 Replies

Mobiles :: Web Service Calling From PDA?

Jun 24, 2010

I am developing application for PDA. The Sql Server compact edition is installed on PDA. The data is stored on PDA's DB as well as the Server Database through wifi.

If the server is available,the data will be stored through web service, If not available ,the data should be inserted when the server is connected to the data.

which is better to transfer data whether the web service or windows service?

If web service means, how could i transfer the data to server database?

View 3 Replies

ASP Webservice Calling WCF Service?

Oct 27, 2010

I have almost the same problem as you have described in [URL] service. I have a asp.net webservice that calls a WCF service. On my development machine this is working fine. But if i deploy my ASP.net Webservice it is not working. Both the ASP Webservice en WCF service needs my cridentials. How did you solved your problem. In the logging of the WCF service I see that my credentials is not passing to WCF.

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved