HIGHLY URGENT: Does Passport authentication pass on to web service

Discussion in 'ASP .Net Security' started by Lopamudra, Jan 18, 2005.

  1. Lopamudra

    Lopamudra Guest

    I have 2 webservers, one running a web application and the other a web
    service. The web application calls a web method of the web service internally
    to get some data. This web application is a passport enabled site, hence when
    the user logs on, it requests the user to log in with passport.

    Both the web application and the web service use the PassportIdentity
    object to retrieve the ClientPUID of the user. So we have installed the
    Passport SDK on both the web servers.

    My question is, If the user gets authenticated against passport in the web
    application (web server1), will he be automatically authenticated in the web
    service (in web server2) called by the web application. Basically I should be
    able to retrieve the ClientPUID in the web service also without
    reauthentication.

    Please treat this as VERY VERY URGENT.
    Lopamudra, Jan 18, 2005
    #1
    1. Advertising

  2. My guess is no, but that depends a lot on how your web service is being
    called. Are you using transport level security or does your web service
    take credentials in the message itself (using something like WSE2 or by
    simply passing username data in the XML body)?

    If you are using transport level security, then it will depend on the
    credentials you have enabled for your proxy class and there is no way that
    I'm aware of to supply passport credentials that way (although I could be
    wrong there).

    There might also be a way to pass the passport cookie to the web service in
    hopes that it will accept that as authentication, but I don't know if that
    will work either. It is worth a shot.

    Joe K.

    "Lopamudra" <> wrote in message
    news:...
    > I have 2 webservers, one running a web application and the other a web
    > service. The web application calls a web method of the web service
    > internally
    > to get some data. This web application is a passport enabled site, hence
    > when
    > the user logs on, it requests the user to log in with passport.
    >
    > Both the web application and the web service use the PassportIdentity
    > object to retrieve the ClientPUID of the user. So we have installed the
    > Passport SDK on both the web servers.
    >
    > My question is, If the user gets authenticated against passport in the web
    > application (web server1), will he be automatically authenticated in the
    > web
    > service (in web server2) called by the web application. Basically I should
    > be
    > able to retrieve the ClientPUID in the web service also without
    > reauthentication.
    >
    > Please treat this as VERY VERY URGENT.
    Joe Kaplan \(MVP - ADSI\), Jan 18, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sudhir Pai

    Passport Authentication in ASP.NET

    Sudhir Pai, Jul 7, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    770
    Cowboy \(Gregory A. Beamer\)
    Jul 7, 2003
  2. =?Utf-8?B?U3Rhbg==?=

    Passport authentication -- how can I debug it?

    =?Utf-8?B?U3Rhbg==?=, Apr 16, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    369
    Steven Cheng[MSFT]
    Apr 21, 2004
  3. Kathy
    Replies:
    0
    Views:
    333
    Kathy
    Jul 27, 2004
  4. Lopamudra
    Replies:
    0
    Views:
    123
    Lopamudra
    Dec 13, 2004
  5. Lopamudra
    Replies:
    0
    Views:
    108
    Lopamudra
    Jan 18, 2005
Loading...

Share This Page