473,803 Members | 2,599 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

<identity> Issues w/Web Service

I have a web service configured with Anonymous access disabled.
The calling client, prior to executing a method on the service,
sets its network credentials for the IIS to authenticate:

CredentialCache cacheVU = new CredentialCache ();
cacheVU.Add( new Uri(<my url here>), "Negotiate" ,new
NetworkCredenti al( Username, Password, Domain) );

WebServiceProxy .Credentials = cacheVU;
My web service method works OK. However, I need to access a network
share, so I wanted to use the

<identity impersonate="tr ue" />

setting in my web service's web.config file. However,
when I try to access the remote share, I get an access denied error:
Access to the path "..." is denied

However, if I change the <identity> element and add the "username"
and "password" attributes - which are the same username and password
that the web service authentication use, it works OK.

I thought the <identity> w/o the username/password should
inherit the user context.

I added some debug statements, and displayed:

- Thread.CurrentP rincipal.Identi ty
- WindowsIdentity .GetCurrent
- User.Identity

and in both cases ( with and without explicit username/password in the
<identity> element), the
dumped names are the same, so I am assuming the impersonation is
enabled. So, why are my access rights denied for the case w/o the
explicit username/password defined?

Nov 19 '05 #1
1 1347
its because of the 1 hop rule with nt authentication. to tlak to another
server server, the process need a primary token. when you set the user name
password in the webconfig, the web service has a primary token and can talk
to other network services as that user. when impersonating the login from
the user, this is not a primary token (thats on the client box), and can not
be used to access resouces on another server.

you have 2 work arounds

1) use basic instead of ntlm (should use https in this case as the password
passes in clear text). this will give the webservice a primary token.
2) use Kerberos, and allow creditial forwarding.

-- bruce (sqlwork.com)

<no*******@comc ast.net> wrote in message
news:11******** **************@ z14g2000cwz.goo glegroups.com.. .
I have a web service configured with Anonymous access disabled.
The calling client, prior to executing a method on the service,
sets its network credentials for the IIS to authenticate:

CredentialCache cacheVU = new CredentialCache ();
cacheVU.Add( new Uri(<my url here>), "Negotiate" ,new
NetworkCredenti al( Username, Password, Domain) );

WebServiceProxy .Credentials = cacheVU;
My web service method works OK. However, I need to access a network
share, so I wanted to use the

<identity impersonate="tr ue" />

setting in my web service's web.config file. However,
when I try to access the remote share, I get an access denied error:
Access to the path "..." is denied

However, if I change the <identity> element and add the "username"
and "password" attributes - which are the same username and password
that the web service authentication use, it works OK.

I thought the <identity> w/o the username/password should
inherit the user context.

I added some debug statements, and displayed:

- Thread.CurrentP rincipal.Identi ty
- WindowsIdentity .GetCurrent
- User.Identity

and in both cases ( with and without explicit username/password in the
<identity> element), the
dumped names are the same, so I am assuming the impersonation is
enabled. So, why are my access rights denied for the case w/o the
explicit username/password defined?

Nov 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1238
<identity impersonate> and NETWORK ACCESS DB-HELP
by: Christian Binder | last post by:
Hi folks. got a problem: i want to connect to an access db which is located on a network drive (seperate server). The server's name, where the access db is located, is "SERVER001" and the server, where my webApp runs is named "SERVER002". So i already learned that i have to create a user on server001 which has exactly the same name as the user on server002 (ASPNET?)...alright here comes the code: web.config: <identity impersonate="true"...
ASP.NET
1
2024
Access to the path <pathname> is denied.
by: Scott Vercuski | last post by:
Everyone, I'm lost as to why I'm getting the following Error message on my ..NET application. Here's the error message I'm getting: ------------------------------------------------------------------------------- Access to the path <path> is denied. Description: An unhandled exception occurred during the execution of
ASP.NET
2
7283
Accessing resources fails with <identity impersonate="true"/>
by: franzhe | last post by:
Hi all, in a simple ASP.Net application with resources in satellite assemblies I have the following problem: If I set <identity impersonate="true"/>, accessing a culture specific resource from a satellite assembly fails with the error message: "Could not find any resources appropriate for the specified culture (or the neutral culture) in the given assembly. ..."
ASP.NET
0
957
Strange Prob With Web.config <<identity> section.
by: Sonal | last post by:
I am trying to impersonate user with windows account. If I write following lines in web.config it show error <identity impersonate="true" userName="contoso\Jane" password="pass"/> ERROR: Error while trying to run project: Unable to start debugging on the web server. Server side-error occurred on sending debug HTTP request. Make sure the server is operating correctly. Verify there are no syntax
ASP.NET
3
2467
URGENT: Strange Prob With Web.config <<identity> section.
by: Sonal | last post by:
I am trying to impersonate user with windows account. If I write following lines in web.config it show error <identity impersonate="true" userName="contoso\Jane" password="pass"/> ERROR: Error while trying to run project: Unable to start debugging on the web server. Server side-error occurred on sending debug HTTP request. Make sure the server is operating correctly. Verify there are no syntax
ASP.NET
6
3140
Effects of <identity impersonate="true"/>
by: Meena Desai | last post by:
Hi, What are the effects of using <identity impersonate="true"/> in web.config on windows auhtentication? Does it affect windows security? Thanx in advance, Meena.
ASP.NET
3
5911
What is the Use of <Identity Impersonate="true">
by: Raghuram | last post by:
Hi, What is the use of <Identity Impersonate="true" /> How can we implement this in an ASP.NET application When are we supposed to use this. please provide me the details with an Example. Raghuram
ASP.NET
1
1479
Problems With the <location> element in my Web.Config
by: paris baughman | last post by:
Im trying to setup impersonation in the root directory and turn it off ( false ) in another directory. im doing to allow my crystal reports to work ( as i get the login failed message ) and also ensure that only certain people has access to the maintenance folder ( impersonation = true ). Here is the webconfig : <?xml version="1.0" encoding="utf-8"?> <configuration> <system.web>
ASP.NET
232
13381
Requesting advice how to clean up C code for validating string represents integer
by: robert maas, see http://tinyurl.com/uh3t | last post by:
I'm working on examples of programming in several languages, all (except PHP) running under CGI so that I can show both the source files and the actually running of the examples online. The first set of examples, after decoding the HTML FORM contents, merely verifies the text within a field to make sure it is a valid representation of an integer, without any junk thrown in, i.e. it must satisfy the regular expression: ^ *?+ *$ If the...
C / C++
0
10542
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
10309
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
10289
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
1
7600
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6840
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5625
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
4274
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3795
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2968
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us