Auth Problem

Discussion in 'ASP .Net Security' started by Nikolay Petrov, Oct 19, 2004.

  1. I have the following web method:

    <WebMethod()> _
    Public Function Test_CurrentCredentials() As String()
    Dim tmpArr(2) As String
    tmpArr(0) = "User: " &
    System.Threading.Thread.CurrentPrincipal.Identity.Name
    tmpArr(1) =
    System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType.ToString
    tmpArr(2) =
    System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated.ToString
    Return tmpArr
    End Function

    In my app I call it this way:
    Dim tmpArr() as string
    Dim svc As New WebReference.Service1
    svc.Credentials = System.Net.CredentialCache.DefaultCredentials
    tmpArr = svc.Test_CurrentCredentials

    The app is Windows Forms app.

    When I run the app I get the following error:
    The request failed with HTTP status 401: Access Denied


    I have Disabled Anonymous authentication for my Web Service folder. Only
    Integrated Windiows Authentication is active.
    In my Web Service web.config file I have thi line:
    <authentication mode="Windows" />
    When Anonymous is Enabled I can connect to service.

    I have auditing turned on and doesn't show nothing.
    What is the problem?

    Tia
     
    Nikolay Petrov, Oct 19, 2004
    #1
    1. Advertising

  2. Also with "Basic" Authentication everything works fine

    "Nikolay Petrov" <> wrote in message
    news:%...
    >I have the following web method:
    >
    > <WebMethod()> _
    > Public Function Test_CurrentCredentials() As String()
    > Dim tmpArr(2) As String
    > tmpArr(0) = "User: " &
    > System.Threading.Thread.CurrentPrincipal.Identity.Name
    > tmpArr(1) =
    > System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType.ToString
    > tmpArr(2) =
    > System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated.ToString
    > Return tmpArr
    > End Function
    >
    > In my app I call it this way:
    > Dim tmpArr() as string
    > Dim svc As New WebReference.Service1
    > svc.Credentials = System.Net.CredentialCache.DefaultCredentials
    > tmpArr = svc.Test_CurrentCredentials
    >
    > The app is Windows Forms app.
    >
    > When I run the app I get the following error:
    > The request failed with HTTP status 401: Access Denied
    >
    >
    > I have Disabled Anonymous authentication for my Web Service folder. Only
    > Integrated Windiows Authentication is active.
    > In my Web Service web.config file I have thi line:
    > <authentication mode="Windows" />
    > When Anonymous is Enabled I can connect to service.
    >
    > I have auditing turned on and doesn't show nothing.
    > What is the problem?
    >
    > Tia
    >
     
    Nikolay Petrov, Oct 19, 2004
    #2
    1. Advertising

  3. This sounds like a double hop issue to me then. You probably have an
    impersonation token with WIA and a primary token with Basic. The
    impersonation token can't make another machine hop, but the primary token
    can.

    The solution to this is usually to use delegation.

    http://msdn.microsoft.com/vstudio/u...l/SecNetHT05.asp?FRAME=true#ImplementKerberos

    Joe K.

    "Nikolay Petrov" <> wrote in message
    news:...
    > Also with "Basic" Authentication everything works fine
    >
    > "Nikolay Petrov" <> wrote in message
    > news:%...
    >>I have the following web method:
    >>
    >> <WebMethod()> _
    >> Public Function Test_CurrentCredentials() As String()
    >> Dim tmpArr(2) As String
    >> tmpArr(0) = "User: " &
    >> System.Threading.Thread.CurrentPrincipal.Identity.Name
    >> tmpArr(1) =
    >> System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType.ToString
    >> tmpArr(2) =
    >> System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated.ToString
    >> Return tmpArr
    >> End Function
    >>
    >> In my app I call it this way:
    >> Dim tmpArr() as string
    >> Dim svc As New WebReference.Service1
    >> svc.Credentials = System.Net.CredentialCache.DefaultCredentials
    >> tmpArr = svc.Test_CurrentCredentials
    >>
    >> The app is Windows Forms app.
    >>
    >> When I run the app I get the following error:
    >> The request failed with HTTP status 401: Access Denied
    >>
    >>
    >> I have Disabled Anonymous authentication for my Web Service folder. Only
    >> Integrated Windiows Authentication is active.
    >> In my Web Service web.config file I have thi line:
    >> <authentication mode="Windows" />
    >> When Anonymous is Enabled I can connect to service.
    >>
    >> I have auditing turned on and doesn't show nothing.
    >> What is the problem?
    >>
    >> Tia
    >>

    >
    >
     
    Joe Kaplan \(MVP - ADSI\), Oct 19, 2004
    #3
  4. Is the app on the calling computer running as a domain user account? If not,
    you might want to replace

    svc.Credentials = System.Net.CredentialCache.DefaultCredentials

    with:

    Dim credentials=New NetworkCredential("domainuser", "password", "MYDOMAIN")
    svc.Credentials=credentials




    "Nikolay Petrov" wrote:

    > Also with "Basic" Authentication everything works fine
    >
    > "Nikolay Petrov" <> wrote in message
    > news:%...
    > >I have the following web method:
    > >
    > > <WebMethod()> _
    > > Public Function Test_CurrentCredentials() As String()
    > > Dim tmpArr(2) As String
    > > tmpArr(0) = "User: " &
    > > System.Threading.Thread.CurrentPrincipal.Identity.Name
    > > tmpArr(1) =
    > > System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType.ToString
    > > tmpArr(2) =
    > > System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated.ToString
    > > Return tmpArr
    > > End Function
    > >
    > > In my app I call it this way:
    > > Dim tmpArr() as string
    > > Dim svc As New WebReference.Service1
    > > svc.Credentials = System.Net.CredentialCache.DefaultCredentials
    > > tmpArr = svc.Test_CurrentCredentials
    > >
    > > The app is Windows Forms app.
    > >
    > > When I run the app I get the following error:
    > > The request failed with HTTP status 401: Access Denied
    > >
    > >
    > > I have Disabled Anonymous authentication for my Web Service folder. Only
    > > Integrated Windiows Authentication is active.
    > > In my Web Service web.config file I have thi line:
    > > <authentication mode="Windows" />
    > > When Anonymous is Enabled I can connect to service.
    > >
    > > I have auditing turned on and doesn't show nothing.
    > > What is the problem?
    > >
    > > Tia
    > >

    >
    >
    >
     
    Ted Callander, Oct 19, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Q2hyaXMgTW9oYW4=?=

    Configuring Windows Auth & Forms Auth in Asp.Net

    =?Utf-8?B?Q2hyaXMgTW9oYW4=?=, Apr 28, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    742
    =?Utf-8?B?Q2hyaXMgTW9oYW4=?=
    Apr 28, 2004
  2. =?Utf-8?B?ZGhucml2ZXJzaWRl?=

    Windows Auth, but Forms Auth for one page?

    =?Utf-8?B?ZGhucml2ZXJzaWRl?=, Jan 8, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    600
    Elton Wang
    Jan 8, 2005
  3. Mark Chai
    Replies:
    1
    Views:
    752
    Christophe Vanfleteren
    Oct 1, 2003
  4. Chris Mohan

    Configuring Windows Auth & Forms Auth in Asp.Net

    Chris Mohan, Apr 28, 2004, in forum: ASP .Net Security
    Replies:
    2
    Views:
    464
    Chris Mohan
    Apr 29, 2004
  5. Forms Auth Info passed to Windows Auth?

    , Apr 28, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    247
    Hernan de Lahitte
    May 3, 2005
Loading...

Share This Page