Last post Jun 05, 2014 09:41 PM by adian_J
May 30, 2014 07:17 AM|vernmic|LINK
so i have an app on a webserver, user clicks a button i send a System.net.webrequest to a webservice on a different box in the network that then sends an xml response.
works on local maching with default credentials;
works on web server if i hardcode my active directory username and password;
doesnt work on web server using default network credentials; I get am xml response from the web service of user "webServerName$" is not valid user;
if i try to use a non active directory domain username and password provided for me for the web service admin of webserviceservername/webservice, webservicepw
as the httpwebrequest credentials it works on my local but from the app web server the getresponse() to the webrequest to the web service gets a 401 error and no attempt to negiociate the authentication is made
so somehow i think even though i passed the webservice username and pass and it worked running from vs on my local box it was still somehow doing the ntlsm handshake with my windows domain credentials
i tried using impersonation
user = windowsidentity.getcurrent()
impersonationcontext = user.impersonate before the httprequest but that seems to do nothing
seem to have no way to tie that impersonation to the webrequest credtials.
my current ideas is to try adding the webServerName$ as an authorized user of the webservice and use defaultnetworkcredential for the system.net.webrequest
however my ideal solution if possible is to somehow use a token or impersonation to pass the domain user credentials through to the webservice request
without having my web app ask the user for his password to create a new networkcredential object with it.
i need the webserver to be able to impersonate the client on remote systems basically is what im thinking.
so user on network -> my webapp -> webservice on other computer -> my webapp -> to user
all the domain users using my webapp are authorized users for the backend db/application the webservice is connected to.
web app is on iis7 on server 2008 using a .net 4.0 app pool
so floor is open to smarter people to show me the light
Jun 05, 2014 09:41 PM|adian_J|LINK
Please have a look at below article, it show us about how to call a Web service by using a client certificate for authentication in an ASP.NET Web application, hope this helps.