Authenticate to a webservice by WindowsIdentity

I know how to authenticate to a webservice using either of these
ways(Assuming that rService represents the webservice):

1) rService.Credentials = new
System.Net.NetworkCredential("username","password" ,"domainName");
2)rService.Credentials = System.Net.CredentialCache.DefaultCredentials;

My question is that is there a way to authenticate to a user using
WindowsIdentity ???

Thanks for your help

Hello ALI-R,
Both the methods you suggested use windows identity to authenticate! Only
they dont use ws security. They use IIS authentication.

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dkrishnan at geniant dot com
http://www.geniant.com
[color=blue]
> I know how to authenticate to a webservice using either of these
> ways(Assuming that rService represents the webservice):
>
> 1) rService.Credentials = new
> System.Net.NetworkCredential("username","password" ,"domainName");
> 2)rService.Credentials =
> System.Net.CredentialCache.DefaultCredentials;
>
> My question is that is there a way to authenticate to a user using
> WindowsIdentity ???
>
> Thanks for your help
>[/color]

what do you mean by they don't use windows security?

Thanks
"Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
news:222455632423579221519936@msnews.microsoft.com ...[color=blue]
> Hello ALI-R,
> Both the methods you suggested use windows identity to authenticate![/color]
Only[color=blue]
> they dont use ws security. They use IIS authentication.
>
> HTH
> Regards,
> Dilip Krishnan
> MCAD, MCSD.net
> dkrishnan at geniant dot com
> http://www.geniant.com
>[color=green]
> > I know how to authenticate to a webservice using either of these
> > ways(Assuming that rService represents the webservice):
> >
> > 1) rService.Credentials = new
> > System.Net.NetworkCredential("username","password" ,"domainName");
> > 2)rService.Credentials =
> > System.Net.CredentialCache.DefaultCredentials;
> >
> > My question is that is there a way to authenticate to a user using
> > WindowsIdentity ???
> >
> > Thanks for your help
> >[/color]
>
>[/color]

Hello ALI-R,
ws = web service. In your case web page as such is protected by IIS (read
transport level). WS-Security gives you message level authentication/integrity/confidentiality
(has nothing to do with IIS or http). When you set the credentials you are
actually using windows/basic authentication supported by IIS.

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dkrishnan at geniant dot com
http://www.geniant.com
[color=blue]
> what do you mean by they don't use windows security?
>
> Thanks
> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> news:222455632423579221519936@msnews.microsoft.com ...[color=green]
>> Hello ALI-R,
>> Both the methods you suggested use windows identity to authenticate![/color]
> Only
>[color=green]
>> they dont use ws security. They use IIS authentication.
>>
>> HTH
>> Regards,
>> Dilip Krishnan
>> MCAD, MCSD.net
>> dkrishnan at geniant dot com
>> http://www.geniant.com[color=darkred]
>>> I know how to authenticate to a webservice using either of these
>>> ways(Assuming that rService represents the webservice):
>>>
>>> 1) rService.Credentials = new
>>> System.Net.NetworkCredential("username","password" ,"domainName");
>>> 2)rService.Credentials =
>>> System.Net.CredentialCache.DefaultCredentials;
>>>
>>> My question is that is there a way to authenticate to a user using
>>> WindowsIdentity ???
>>>
>>> Thanks for your help
>>>[/color][/color][/color]

Thanks ,I think I somehow underestood it.Correct me if I'm wrong please?
Since we have enabled windows integrated authentication in our web service
which is serverd by IIS ,using
[color=blue][color=green][color=darkred]
> >>> 1) rService.Credentials = new
> >>> System.Net.NetworkCredential("username","password" ,"domainName");
> >>> 2)rService.Credentials =
> >>> System.Net.CredentialCache.DefaultCredentials;[/color][/color][/color]

Infact we are using **WindowsIdentity** to authenticate to our
webservice,right?

What I was looking for is to authenticate to the webservice in something
like where "LogonUser" is an API which I can use in conjunction with the
WindowsIdentity class to create a new temporary identity to impersonate with
later :

public static WindowsIdentity CreateIdentity(string User, string Domain,
string Password)
{
// The Windows NT user token.
IntPtr tokenHandle = new IntPtr(0);

const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;

tokenHandle = IntPtr.Zero;

// Call LogonUser to obtain a handle to an access token.
bool returnValue = LogonUser(User, Domain, Password,
LOGON32_LOGON_NETWORK_CLEARTEXT, LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);
if (false == returnValue)
{
int ret = Marshal.GetLastWin32Error();
throw new Exception("LogonUser failed with error code: " +
ret);
}

//The WindowsIdentity class makes a new copy of the token.
//It also handles calling CloseHandle for the copy.
WindowsIdentity id = new WindowsIdentity(tokenHandle);
CloseHandle(tokenHandle);
return id;
}

Thanks again,
Ali-R

"Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
news:227216632424123641457360@msnews.microsoft.com ...[color=blue]
> Hello ALI-R,
> ws = web service. In your case web page as such is protected by IIS (read
> transport level). WS-Security gives you message level[/color]
authentication/integrity/confidentiality[color=blue]
> (has nothing to do with IIS or http). When you set the credentials you are
> actually using windows/basic authentication supported by IIS.
>
> HTH
> Regards,
> Dilip Krishnan
> MCAD, MCSD.net
> dkrishnan at geniant dot com
> http://www.geniant.com
>[color=green]
> > what do you mean by they don't use windows security?
> >
> > Thanks
> > "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> > news:222455632423579221519936@msnews.microsoft.com ...[color=darkred]
> >> Hello ALI-R,
> >> Both the methods you suggested use windows identity to authenticate![/color]
> > Only
> >[color=darkred]
> >> they dont use ws security. They use IIS authentication.
> >>
> >> HTH
> >> Regards,
> >> Dilip Krishnan
> >> MCAD, MCSD.net
> >> dkrishnan at geniant dot com
> >> http://www.geniant.com
> >>> I know how to authenticate to a webservice using either of these
> >>> ways(Assuming that rService represents the webservice):
> >>>
> >>> 1) rService.Credentials = new
> >>> System.Net.NetworkCredential("username","password" ,"domainName");
> >>> 2)rService.Credentials =
> >>> System.Net.CredentialCache.DefaultCredentials;
> >>>
> >>> My question is that is there a way to authenticate to a user using
> >>> WindowsIdentity ???
> >>>
> >>> Thanks for your help
> >>>[/color][/color]
>
>[/color]

Hello ALI-R,

Not sure I follow what you're trying to achieve... where do you hope to
call the Createidentity method?

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dkrishnan at geniant dot com
http://www.geniant.com
[color=blue]
> Thanks ,I think I somehow underestood it.Correct me if I'm wrong
> please? Since we have enabled windows integrated authentication in our
> web service which is serverd by IIS ,using
>[color=green][color=darkred]
>>>>> 1) rService.Credentials = new
>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
>>>>> 2)rService.Credentials =
>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>[/color][/color]
> Infact we are using **WindowsIdentity** to authenticate to our
> webservice,right?
>
> What I was looking for is to authenticate to the webservice in
> something like where "LogonUser" is an API which I can use in
> conjunction with the WindowsIdentity class to create a new temporary
> identity to impersonate with later :
>
> public static WindowsIdentity CreateIdentity(string User, string
> Domain,
> string Password)
> {
> // The Windows NT user token.
> IntPtr tokenHandle = new IntPtr(0);
> const int LOGON32_PROVIDER_DEFAULT = 0;
> const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;
> tokenHandle = IntPtr.Zero;
>
> // Call LogonUser to obtain a handle to an access token.
> bool returnValue = LogonUser(User, Domain, Password,
> LOGON32_LOGON_NETWORK_CLEARTEXT,
> LOGON32_PROVIDER_DEFAULT,
> ref tokenHandle);
> if (false == returnValue)
> {
> int ret = Marshal.GetLastWin32Error();
> throw new Exception("LogonUser failed with error code:
> " +
> ret);
> }
> //The WindowsIdentity class makes a new copy of the token.
> //It also handles calling CloseHandle for the copy.
> WindowsIdentity id = new WindowsIdentity(tokenHandle);
> CloseHandle(tokenHandle);
> return id;
> }
> Thanks again,
> Ali-R
> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> news:227216632424123641457360@msnews.microsoft.com ...
>[color=green]
>> Hello ALI-R,
>> ws = web service. In your case web page as such is protected by IIS
>> (read
>> transport level). WS-Security gives you message level[/color]
> authentication/integrity/confidentiality
>[color=green]
>> (has nothing to do with IIS or http). When you set the credentials
>> you are actually using windows/basic authentication supported by IIS.
>>
>> HTH
>> Regards,
>> Dilip Krishnan
>> MCAD, MCSD.net
>> dkrishnan at geniant dot com
>> http://www.geniant.com[color=darkred]
>>> what do you mean by they don't use windows security?
>>>
>>> Thanks
>>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
>>> news:222455632423579221519936@msnews.microsoft.com ...
>>>> Hello ALI-R,
>>>> Both the methods you suggested use windows identity to
>>>> authenticate!
>>> Only
>>>
>>>> they dont use ws security. They use IIS authentication.
>>>>
>>>> HTH
>>>> Regards,
>>>> Dilip Krishnan
>>>> MCAD, MCSD.net
>>>> dkrishnan at geniant dot com
>>>> http://www.geniant.com
>>>>> I know how to authenticate to a webservice using either of these
>>>>> ways(Assuming that rService represents the webservice):
>>>>>
>>>>> 1) rService.Credentials = new
>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
>>>>> 2)rService.Credentials =
>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>
>>>>> My question is that is there a way to authenticate to a user using
>>>>> WindowsIdentity ???
>>>>>
>>>>> Thanks for your help
>>>>>[/color][/color][/color]

I'd like to feed the output of this method which is of WindowsIdentity Type
to Webservice in a way.I just wondered if the following statements do the
same thing.[color=blue][color=green][color=darkred]
>>>>>> 1) rService.Credentials = new
>>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
>>>>>> 2)rService.Credentials =
>>>>>> System.Net.CredentialCache.DefaultCredentials;[/color][/color][/color]

thanks,
ALI-R

"Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
news:229175632424486603471104@msnews.microsoft.com ...[color=blue]
> Hello ALI-R,
>
> Not sure I follow what you're trying to achieve... where do you hope to
> call the Createidentity method?
> HTH
> Regards,
> Dilip Krishnan
> MCAD, MCSD.net
> dkrishnan at geniant dot com
> http://www.geniant.com
>[color=green]
>> Thanks ,I think I somehow underestood it.Correct me if I'm wrong
>> please? Since we have enabled windows integrated authentication in our
>> web service which is serverd by IIS ,using
>>[color=darkred]
>>>>>> 1) rService.Credentials = new
>>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
>>>>>> 2)rService.Credentials =
>>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>>[/color]
>> Infact we are using **WindowsIdentity** to authenticate to our
>> webservice,right?
>>
>> What I was looking for is to authenticate to the webservice in
>> something like where "LogonUser" is an API which I can use in
>> conjunction with the WindowsIdentity class to create a new temporary
>> identity to impersonate with later :
>>
>> public static WindowsIdentity CreateIdentity(string User, string
>> Domain,
>> string Password)
>> {
>> // The Windows NT user token.
>> IntPtr tokenHandle = new IntPtr(0);
>> const int LOGON32_PROVIDER_DEFAULT = 0;
>> const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;
>> tokenHandle = IntPtr.Zero;
>>
>> // Call LogonUser to obtain a handle to an access token.
>> bool returnValue = LogonUser(User, Domain, Password,
>> LOGON32_LOGON_NETWORK_CLEARTEXT,
>> LOGON32_PROVIDER_DEFAULT,
>> ref tokenHandle);
>> if (false == returnValue)
>> {
>> int ret = Marshal.GetLastWin32Error();
>> throw new Exception("LogonUser failed with error code:
>> " +
>> ret);
>> }
>> //The WindowsIdentity class makes a new copy of the token.
>> //It also handles calling CloseHandle for the copy.
>> WindowsIdentity id = new WindowsIdentity(tokenHandle);
>> CloseHandle(tokenHandle);
>> return id;
>> }
>> Thanks again,
>> Ali-R
>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
>> news:227216632424123641457360@msnews.microsoft.com ...
>>[color=darkred]
>>> Hello ALI-R,
>>> ws = web service. In your case web page as such is protected by IIS
>>> (read
>>> transport level). WS-Security gives you message level[/color]
>> authentication/integrity/confidentiality
>>[color=darkred]
>>> (has nothing to do with IIS or http). When you set the credentials
>>> you are actually using windows/basic authentication supported by IIS.
>>>
>>> HTH
>>> Regards,
>>> Dilip Krishnan
>>> MCAD, MCSD.net
>>> dkrishnan at geniant dot com
>>> http://www.geniant.com
>>>> what do you mean by they don't use windows security?
>>>>
>>>> Thanks
>>>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
>>>> news:222455632423579221519936@msnews.microsoft.com ...
>>>>> Hello ALI-R,
>>>>> Both the methods you suggested use windows identity to
>>>>> authenticate!
>>>> Only
>>>>
>>>>> they dont use ws security. They use IIS authentication.
>>>>>
>>>>> HTH
>>>>> Regards,
>>>>> Dilip Krishnan
>>>>> MCAD, MCSD.net
>>>>> dkrishnan at geniant dot com
>>>>> http://www.geniant.com
>>>>>> I know how to authenticate to a webservice using either of these
>>>>>> ways(Assuming that rService represents the webservice):
>>>>>>
>>>>>> 1) rService.Credentials = new
>>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
>>>>>> 2)rService.Credentials =
>>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>>
>>>>>> My question is that is there a way to authenticate to a user using
>>>>>> WindowsIdentity ???
>>>>>>
>>>>>> Thanks for your help
>>>>>>[/color][/color]
>
>[/color]

Hello Ray@Alirezaei.com,
It will not. You need to convert the Identity into an ICredential implementing
class. You could get the identity using the api and create a network credential
from the identity values

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dkrishnan at geniant dot com
http://www.geniant.com
[color=blue]
> I'd like to feed the output of this method which is of WindowsIdentity
> Type to Webservice in a way.I just wondered if the following
> statements do the same thing.
>[color=green][color=darkred]
>>>>>>> 1) rService.Credentials = new
>>>>>>> System.Net.NetworkCredential("username","password" ,"domainName")
>>>>>>> ; 2)rService.Credentials =
>>>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>>>[/color][/color]
> thanks,
> ALI-R
> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> news:229175632424486603471104@msnews.microsoft.com ...
>[color=green]
>> Hello ALI-R,
>>
>> Not sure I follow what you're trying to achieve... where do you hope
>> to
>> call the Createidentity method?
>> HTH
>> Regards,
>> Dilip Krishnan
>> MCAD, MCSD.net
>> dkrishnan at geniant dot com
>> http://www.geniant.com[color=darkred]
>>> Thanks ,I think I somehow underestood it.Correct me if I'm wrong
>>> please? Since we have enabled windows integrated authentication in
>>> our web service which is serverd by IIS ,using
>>>
>>>>>>> 1) rService.Credentials = new
>>>>>>> System.Net.NetworkCredential("username","password" ,"domainName")
>>>>>>> ; 2)rService.Credentials =
>>>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>>>
>>> Infact we are using **WindowsIdentity** to authenticate to our
>>> webservice,right?
>>>
>>> What I was looking for is to authenticate to the webservice in
>>> something like where "LogonUser" is an API which I can use in
>>> conjunction with the WindowsIdentity class to create a new temporary
>>> identity to impersonate with later :
>>>
>>> public static WindowsIdentity CreateIdentity(string User, string
>>> Domain,
>>> string Password)
>>> {
>>> // The Windows NT user token.
>>> IntPtr tokenHandle = new IntPtr(0);
>>> const int LOGON32_PROVIDER_DEFAULT = 0;
>>> const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;
>>> tokenHandle = IntPtr.Zero;
>>> // Call LogonUser to obtain a handle to an access token.
>>> bool returnValue = LogonUser(User, Domain, Password,
>>> LOGON32_LOGON_NETWORK_CLEARTEXT,
>>> LOGON32_PROVIDER_DEFAULT,
>>> ref tokenHandle);
>>> if (false == returnValue)
>>> {
>>> int ret = Marshal.GetLastWin32Error();
>>> throw new Exception("LogonUser failed with error code:
>>> " +
>>> ret);
>>> }
>>> //The WindowsIdentity class makes a new copy of the token.
>>> //It also handles calling CloseHandle for the copy.
>>> WindowsIdentity id = new WindowsIdentity(tokenHandle);
>>> CloseHandle(tokenHandle);
>>> return id;
>>> }
>>> Thanks again,
>>> Ali-R
>>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
>>> news:227216632424123641457360@msnews.microsoft.com ...
>>>> Hello ALI-R,
>>>> ws = web service. In your case web page as such is protected by IIS
>>>> (read
>>>> transport level). WS-Security gives you message level
>>> authentication/integrity/confidentiality
>>>
>>>> (has nothing to do with IIS or http). When you set the credentials
>>>> you are actually using windows/basic authentication supported by
>>>> IIS.
>>>>
>>>> HTH
>>>> Regards,
>>>> Dilip Krishnan
>>>> MCAD, MCSD.net
>>>> dkrishnan at geniant dot com
>>>> http://www.geniant.com
>>>>> what do you mean by they don't use windows security?
>>>>>
>>>>> Thanks
>>>>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
>>>>> news:222455632423579221519936@msnews.microsoft.com ...
>>>>>> Hello ALI-R,
>>>>>> Both the methods you suggested use windows identity to
>>>>>> authenticate!
>>>>> Only
>>>>>
>>>>>> they dont use ws security. They use IIS authentication.
>>>>>>
>>>>>> HTH
>>>>>> Regards,
>>>>>> Dilip Krishnan
>>>>>> MCAD, MCSD.net
>>>>>> dkrishnan at geniant dot com
>>>>>> http://www.geniant.com
>>>>>>> I know how to authenticate to a webservice using either of these
>>>>>>> ways(Assuming that rService represents the webservice):
>>>>>>>
>>>>>>> 1) rService.Credentials = new
>>>>>>> System.Net.NetworkCredential("username","password" ,"domainName")
>>>>>>> ; 2)rService.Credentials =
>>>>>>> System.Net.CredentialCache.DefaultCredentials;
>>>>>>>
>>>>>>> My question is that is there a way to authenticate to a user
>>>>>>> using WindowsIdentity ???
>>>>>>>
>>>>>>> Thanks for your help
>>>>>>>[/color][/color][/color]

Why not use WSE which has rich support for security tokens such as
UsernameTokens and SecurityContextTokens?

--
William Stacey, MVP
http://mvp.support.microsoft.com

<Ray@Alirezaei.com> wrote in message
news:uvDzWyOBFHA.2104@TK2MSFTNGP14.phx.gbl...[color=blue]
> I'd like to feed the output of this method which is of WindowsIdentity[/color]
Type[color=blue]
> to Webservice in a way.I just wondered if the following statements do the
> same thing.[color=green][color=darkred]
> >>>>>> 1) rService.Credentials = new
> >>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
> >>>>>> 2)rService.Credentials =
> >>>>>> System.Net.CredentialCache.DefaultCredentials;[/color][/color]
>
> thanks,
> ALI-R
>
> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> news:229175632424486603471104@msnews.microsoft.com ...[color=green]
> > Hello ALI-R,
> >
> > Not sure I follow what you're trying to achieve... where do you hope[/color][/color]
to[color=blue][color=green]
> > call the Createidentity method?
> > HTH
> > Regards,
> > Dilip Krishnan
> > MCAD, MCSD.net
> > dkrishnan at geniant dot com
> > http://www.geniant.com
> >[color=darkred]
> >> Thanks ,I think I somehow underestood it.Correct me if I'm wrong
> >> please? Since we have enabled windows integrated authentication in our
> >> web service which is serverd by IIS ,using
> >>
> >>>>>> 1) rService.Credentials = new
> >>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
> >>>>>> 2)rService.Credentials =
> >>>>>> System.Net.CredentialCache.DefaultCredentials;
> >>>>>>
> >> Infact we are using **WindowsIdentity** to authenticate to our
> >> webservice,right?
> >>
> >> What I was looking for is to authenticate to the webservice in
> >> something like where "LogonUser" is an API which I can use in
> >> conjunction with the WindowsIdentity class to create a new temporary
> >> identity to impersonate with later :
> >>
> >> public static WindowsIdentity CreateIdentity(string User, string
> >> Domain,
> >> string Password)
> >> {
> >> // The Windows NT user token.
> >> IntPtr tokenHandle = new IntPtr(0);
> >> const int LOGON32_PROVIDER_DEFAULT = 0;
> >> const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;
> >> tokenHandle = IntPtr.Zero;
> >>
> >> // Call LogonUser to obtain a handle to an access token.
> >> bool returnValue = LogonUser(User, Domain, Password,
> >> LOGON32_LOGON_NETWORK_CLEARTEXT,
> >> LOGON32_PROVIDER_DEFAULT,
> >> ref tokenHandle);
> >> if (false == returnValue)
> >> {
> >> int ret = Marshal.GetLastWin32Error();
> >> throw new Exception("LogonUser failed with error code:
> >> " +
> >> ret);
> >> }
> >> //The WindowsIdentity class makes a new copy of the token.
> >> //It also handles calling CloseHandle for the copy.
> >> WindowsIdentity id = new WindowsIdentity(tokenHandle);
> >> CloseHandle(tokenHandle);
> >> return id;
> >> }
> >> Thanks again,
> >> Ali-R
> >> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> >> news:227216632424123641457360@msnews.microsoft.com ...
> >>
> >>> Hello ALI-R,
> >>> ws = web service. In your case web page as such is protected by IIS
> >>> (read
> >>> transport level). WS-Security gives you message level
> >> authentication/integrity/confidentiality
> >>
> >>> (has nothing to do with IIS or http). When you set the credentials
> >>> you are actually using windows/basic authentication supported by IIS.
> >>>
> >>> HTH
> >>> Regards,
> >>> Dilip Krishnan
> >>> MCAD, MCSD.net
> >>> dkrishnan at geniant dot com
> >>> http://www.geniant.com
> >>>> what do you mean by they don't use windows security?
> >>>>
> >>>> Thanks
> >>>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> >>>> news:222455632423579221519936@msnews.microsoft.com ...
> >>>>> Hello ALI-R,
> >>>>> Both the methods you suggested use windows identity to
> >>>>> authenticate!
> >>>> Only
> >>>>
> >>>>> they dont use ws security. They use IIS authentication.
> >>>>>
> >>>>> HTH
> >>>>> Regards,
> >>>>> Dilip Krishnan
> >>>>> MCAD, MCSD.net
> >>>>> dkrishnan at geniant dot com
> >>>>> http://www.geniant.com
> >>>>>> I know how to authenticate to a webservice using either of these
> >>>>>> ways(Assuming that rService represents the webservice):
> >>>>>>
> >>>>>> 1) rService.Credentials = new
> >>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
> >>>>>> 2)rService.Credentials =
> >>>>>> System.Net.CredentialCache.DefaultCredentials;
> >>>>>>
> >>>>>> My question is that is there a way to authenticate to a user using
> >>>>>> WindowsIdentity ???
> >>>>>>
> >>>>>> Thanks for your help
> >>>>>>[/color]
> >
> >[/color]
>
>[/color]

Do u mean Webservices Enhancements 2.0?

"William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
news:uoDDxmUBFHA.3616@TK2MSFTNGP11.phx.gbl...[color=blue]
> Why not use WSE which has rich support for security tokens such as
> UsernameTokens and SecurityContextTokens?
>
> --
> William Stacey, MVP
> http://mvp.support.microsoft.com
>
> <Ray@Alirezaei.com> wrote in message
> news:uvDzWyOBFHA.2104@TK2MSFTNGP14.phx.gbl...[color=green]
> > I'd like to feed the output of this method which is of WindowsIdentity[/color]
> Type[color=green]
> > to Webservice in a way.I just wondered if the following statements do[/color][/color]
the[color=blue][color=green]
> > same thing.[color=darkred]
> > >>>>>> 1) rService.Credentials = new
> > >>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
> > >>>>>> 2)rService.Credentials =
> > >>>>>> System.Net.CredentialCache.DefaultCredentials;[/color]
> >
> > thanks,
> > ALI-R
> >
> > "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> > news:229175632424486603471104@msnews.microsoft.com ...[color=darkred]
> > > Hello ALI-R,
> > >
> > > Not sure I follow what you're trying to achieve... where do you hope[/color][/color]
> to[color=green][color=darkred]
> > > call the Createidentity method?
> > > HTH
> > > Regards,
> > > Dilip Krishnan
> > > MCAD, MCSD.net
> > > dkrishnan at geniant dot com
> > > http://www.geniant.com
> > >
> > >> Thanks ,I think I somehow underestood it.Correct me if I'm wrong
> > >> please? Since we have enabled windows integrated authentication in[/color][/color][/color]
our[color=blue][color=green][color=darkred]
> > >> web service which is serverd by IIS ,using
> > >>
> > >>>>>> 1) rService.Credentials = new
> > >>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
> > >>>>>> 2)rService.Credentials =
> > >>>>>> System.Net.CredentialCache.DefaultCredentials;
> > >>>>>>
> > >> Infact we are using **WindowsIdentity** to authenticate to our
> > >> webservice,right?
> > >>
> > >> What I was looking for is to authenticate to the webservice in
> > >> something like where "LogonUser" is an API which I can use in
> > >> conjunction with the WindowsIdentity class to create a new temporary
> > >> identity to impersonate with later :
> > >>
> > >> public static WindowsIdentity CreateIdentity(string User, string
> > >> Domain,
> > >> string Password)
> > >> {
> > >> // The Windows NT user token.
> > >> IntPtr tokenHandle = new IntPtr(0);
> > >> const int LOGON32_PROVIDER_DEFAULT = 0;
> > >> const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;
> > >> tokenHandle = IntPtr.Zero;
> > >>
> > >> // Call LogonUser to obtain a handle to an access token.
> > >> bool returnValue = LogonUser(User, Domain, Password,
> > >> LOGON32_LOGON_NETWORK_CLEARTEXT,
> > >> LOGON32_PROVIDER_DEFAULT,
> > >> ref tokenHandle);
> > >> if (false == returnValue)
> > >> {
> > >> int ret = Marshal.GetLastWin32Error();
> > >> throw new Exception("LogonUser failed with error code:
> > >> " +
> > >> ret);
> > >> }
> > >> //The WindowsIdentity class makes a new copy of the token.
> > >> //It also handles calling CloseHandle for the copy.
> > >> WindowsIdentity id = new WindowsIdentity(tokenHandle);
> > >> CloseHandle(tokenHandle);
> > >> return id;
> > >> }
> > >> Thanks again,
> > >> Ali-R
> > >> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> > >> news:227216632424123641457360@msnews.microsoft.com ...
> > >>
> > >>> Hello ALI-R,
> > >>> ws = web service. In your case web page as such is protected by IIS
> > >>> (read
> > >>> transport level). WS-Security gives you message level
> > >> authentication/integrity/confidentiality
> > >>
> > >>> (has nothing to do with IIS or http). When you set the credentials
> > >>> you are actually using windows/basic authentication supported by[/color][/color][/color]
IIS.[color=blue][color=green][color=darkred]
> > >>>
> > >>> HTH
> > >>> Regards,
> > >>> Dilip Krishnan
> > >>> MCAD, MCSD.net
> > >>> dkrishnan at geniant dot com
> > >>> http://www.geniant.com
> > >>>> what do you mean by they don't use windows security?
> > >>>>
> > >>>> Thanks
> > >>>> "Dilip Krishnan" <dkrishnan@NOSPAM.geniant.com> wrote in message
> > >>>> news:222455632423579221519936@msnews.microsoft.com ...
> > >>>>> Hello ALI-R,
> > >>>>> Both the methods you suggested use windows identity to
> > >>>>> authenticate!
> > >>>> Only
> > >>>>
> > >>>>> they dont use ws security. They use IIS authentication.
> > >>>>>
> > >>>>> HTH
> > >>>>> Regards,
> > >>>>> Dilip Krishnan
> > >>>>> MCAD, MCSD.net
> > >>>>> dkrishnan at geniant dot com
> > >>>>> http://www.geniant.com
> > >>>>>> I know how to authenticate to a webservice using either of these
> > >>>>>> ways(Assuming that rService represents the webservice):
> > >>>>>>
> > >>>>>> 1) rService.Credentials = new
> > >>>>>> System.Net.NetworkCredential("username","password" ,"domainName");
> > >>>>>> 2)rService.Credentials =
> > >>>>>> System.Net.CredentialCache.DefaultCredentials;
> > >>>>>>
> > >>>>>> My question is that is there a way to authenticate to a user[/color][/color][/color]
using[color=blue][color=green][color=darkred]
> > >>>>>> WindowsIdentity ???
> > >>>>>>
> > >>>>>> Thanks for your help
> > >>>>>>
> > >
> > >[/color]
> >
> >[/color]
>[/color]

> Do u mean Webservices Enhancements 2.0?

Yes :)
--wjs

I'm reading that now but before going further,
Can I flow the SecurityContextTokens from a webservice on one server to
another webservice on another server using WSE ?

Thanks,
"William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
news:%23XwjK4VBFHA.2180@TK2MSFTNGP12.phx.gbl...[color=blue][color=green]
> > Do u mean Webservices Enhancements 2.0?[/color]
>
> Yes :)
> --wjs[/color]

Yes. There is doco on how to use SCTs in a web farm using a DB as the
"cache" so that all servers can see the SCTs.
http://www.microsoft.com/indonesia/msdn/sctinfarm.asp
--
William Stacey, MVP
http://mvp.support.microsoft.com

"ALI-R" <newbie@microsoft.com> wrote in message
news:OTPChkWBFHA.1292@TK2MSFTNGP10.phx.gbl...[color=blue]
> I'm reading that now but before going further,
> Can I flow the SecurityContextTokens from a webservice on one server to
> another webservice on another server using WSE ?
>
> Thanks,
> "William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
> news:%23XwjK4VBFHA.2180@TK2MSFTNGP12.phx.gbl...[color=green][color=darkred]
> > > Do u mean Webservices Enhancements 2.0?[/color]
> >
> > Yes :)
> > --wjs[/color]
>
>[/color]

Let me describe you my problem:

I 'm using a webpart which is on the sharepoint portal server to connect to
another webservice (which Reporting Services expose to the out-side world)
on a completely different Server.
My problem is that because Sharepoint authenticates the user (And I'm using
Windows Integrated Security in IIS) the token that user represents is gone
and I can't use that token to authenticate to the other webservice so I was
curious to see if I can make a WindowsIdentity in my webpart(in sharepoint)
by which I can impersonate the user (or a privilaged account) to
authenticate to the webservice the Reporting services exposes.I know that
,RS webservice might not using WSE 2.0 ,but I can write another
webservice(using WSE 2.0) which gets my credetional and authenticate to the
Reoporting services webservice.how about that?

Thanks for monitoing this thread.

Ali-R
"William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
news:%23qjS8%23WBFHA.2876@TK2MSFTNGP12.phx.gbl...[color=blue]
> Yes. There is doco on how to use SCTs in a web farm using a DB as the
> "cache" so that all servers can see the SCTs.
> http://www.microsoft.com/indonesia/msdn/sctinfarm.asp
> --
> William Stacey, MVP
> http://mvp.support.microsoft.com
>
> "ALI-R" <newbie@microsoft.com> wrote in message
> news:OTPChkWBFHA.1292@TK2MSFTNGP10.phx.gbl...[color=green]
> > I'm reading that now but before going further,
> > Can I flow the SecurityContextTokens from a webservice on one server to
> > another webservice on another server using WSE ?
> >
> > Thanks,
> > "William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
> > news:%23XwjK4VBFHA.2180@TK2MSFTNGP12.phx.gbl...[color=darkred]
> > > > Do u mean Webservices Enhancements 2.0?
> > >
> > > Yes :)
> > > --wjs[/color]
> >
> >[/color]
>[/color]

Authenticate to a webservice by WindowsIdentity

Post your reply

Question stats

Most Active

Most Questions Answered

Top Questions

Latest Questions

Similar topics

More