H
Homa
Hi all,
I'm exploring how to make authentication works with WebService.
I've setup the WebService with no anonymous access and using
Integrated Windows authentication.
In my web-app or win-app, if I set the Credentials to
System.Net.CredentialCache.DefaultCredentials, it runs fine.
But since I want to identify my caller, I try to do the following:
<code>
(using System.Net
CredentialCache cache = new CredentialCache();
cache.Add(new Uri(myWebServiceProxy.Url), "Negotiate",
new NetworkCredential("myUsername", "myPassword"));
myWebServiceProxy.Credentials = cache;
</code>
And now I get Access Denied.
I tried to use admin's username/password, ASPNET/myStrongPassword.
Am I doing it the right way? What have I missed?
Information:
In machine.config, I set processModel with username="machine",
password="myStrongPassword"
When I look at the debugger, the DefaultCredentials contains the
SystemNetworkCredential with username/password/domain == "" (m_xxx =
undefined).
I'm trying to follow the suggestion from the book "Building Secure
Microsoft ASP.NET Applications - Authenticaion, Authorization, and
Secure Communication -- patters & practices" from Microsoft Press,
page 240.
Thanks for concern,
Homa Wong
I'm exploring how to make authentication works with WebService.
I've setup the WebService with no anonymous access and using
Integrated Windows authentication.
In my web-app or win-app, if I set the Credentials to
System.Net.CredentialCache.DefaultCredentials, it runs fine.
But since I want to identify my caller, I try to do the following:
<code>
(using System.Net
CredentialCache cache = new CredentialCache();
cache.Add(new Uri(myWebServiceProxy.Url), "Negotiate",
new NetworkCredential("myUsername", "myPassword"));
myWebServiceProxy.Credentials = cache;
</code>
And now I get Access Denied.
I tried to use admin's username/password, ASPNET/myStrongPassword.
Am I doing it the right way? What have I missed?
Information:
In machine.config, I set processModel with username="machine",
password="myStrongPassword"
When I look at the debugger, the DefaultCredentials contains the
SystemNetworkCredential with username/password/domain == "" (m_xxx =
undefined).
I'm trying to follow the suggestion from the book "Building Secure
Microsoft ASP.NET Applications - Authenticaion, Authorization, and
Secure Communication -- patters & practices" from Microsoft Press,
page 240.
Thanks for concern,
Homa Wong