System.Net.CredentialsCache.DefaultCredentials not working

T

tom.sorensen

Hi.

I'm trying to authenticate from an asp.net client to a web service on
two different machines is the same domain. From what i gather I'm
supposed to use the following code in my client in order to
authenticate using my domain credentials:

service.Credentials = CredentialCache.DefaultCredentials ;

I am using windows integrated authentication. I can get this to work if
I use a NetworkCredential object and supply username, password and
domain, but this is not desireable.When I try to use DefaultCredentials
I get a 401 access denied response.

The IIS log files on the web service server does not contain any user
other than the ones where i supply the network credentials with a
hardcoded user.
 
M

Martin.Kunc

Hallo Tom,
this all looks as dual hop problem to me. The core is when you are
authenticating to one resource with your name/password, you will het
something called primary token, what is a thing, you can operate just
on one computer - this is a constraint done by windows implementation
and security reasons.
Either you can use kerberos tokens and set this all in active directory
(less secure) - you need a seperated computer and user who has this
allowed in AD.
Or you need to use basic authentication. In this way, you are passing
clear user name and password, so your application can in all phases get
a new primary token.
Did all this helped you ?
Martin
 
T

Tom-Einar

Hi Martin.

Thank you for your response. I've read about the dual hop problem
before. What troubles me is that my domain user does not appear in the
log files on the client machine either. The other thing is that when I
use a windows application as a client, the result is the same. This
scenario should not result in a dual hop problem, should it?

If I must, I will try to use Kerberos. Do you know where I can find
more info on this subject?

Tom

(e-mail address removed) skrev:
 
T

Tom-Einar

Correction:

This problem does not happen when using a windows application.
Definately seems to be a double hop problem. Still want to know how to
configure Kerberos if you have any links :)

Tom

Tom-Einar skrev:
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

React native post-request is not working 1
401: Unauthorized. Problem calling web service from forms authenti 1
CredentialCache.DefaultCredentials Not working 0
My `warn delete` subcommand is not working as expected, please help me out 0
SQLSTATE[08006] [7] could not translate host name "pgsql" to address: Name or service not known 1
Web service autentication problem when call another web service 0
401 Error on POST using DefaultCredentials 0
Authenticate to a Web Service 7

Staff online

Members online

Total: 34 (members: 1, guests: 33)
Robots: 186

Forum statistics

Threads
473,755
Messages
2,569,534
Members
45,007
Latest member
obedient dusk

Latest Threads

Top