A
Anthony Paul
Hello everyone!
I have the following problem :
I have a remoting service hosted through IIS called "MyService".
MyService has the standard login method (username, password) that
encapsulates an authentication mechanism that results in the
Thread.CurrentPrincipal being set to a newly created principal.
I also have a winforms client that accesses MyService through a proxy.
I have a test button set up where it creates a MyService proxy, calls
the login method, calls a test method that returns some info, and
posts that info for my viewing pleasure. My windows account is MyDomain
\Me and I am currently logged in using this account, but I want to log
in to MyService via my winforms client app as a different account
called SuperFreak so I have my test button call the Login method
passing in SuperFreak as a username. I click my test button, the info
pops up as expected, and I'm a happy camper.
I now create an asp.net web client that has the exact same interface,
test button and all. I click my test button, log in goes through fine,
but no results. I proceed to attach my VS debugger to the aspnet
process to debug MyService. Upon inspection I realize that I'm not
getting anything back because it seems I don't have permissions even
though I'm using the same username and password. Upon further
inspection I realize that although Thread.CurrentPrincipal is being
set correctly during login (it gets set to SuperFreak as it should),
any subsequent calls made through the proxy uses my windows
authentication principal instead (MyDomain\Me). This doesn't happen
when I make the calls through my winforms client; once the login sets
the Thread.CurrentPrincipal to SuperFreak, it remains that way through
subsequent calls.
This seems to be a context problem and I'm currently trying to wrap my
head around it, but in the meantime I thought I'd stop by and see if
anyone would give me some pointers.
Regards!
Anthony
I have the following problem :
I have a remoting service hosted through IIS called "MyService".
MyService has the standard login method (username, password) that
encapsulates an authentication mechanism that results in the
Thread.CurrentPrincipal being set to a newly created principal.
I also have a winforms client that accesses MyService through a proxy.
I have a test button set up where it creates a MyService proxy, calls
the login method, calls a test method that returns some info, and
posts that info for my viewing pleasure. My windows account is MyDomain
\Me and I am currently logged in using this account, but I want to log
in to MyService via my winforms client app as a different account
called SuperFreak so I have my test button call the Login method
passing in SuperFreak as a username. I click my test button, the info
pops up as expected, and I'm a happy camper.
I now create an asp.net web client that has the exact same interface,
test button and all. I click my test button, log in goes through fine,
but no results. I proceed to attach my VS debugger to the aspnet
process to debug MyService. Upon inspection I realize that I'm not
getting anything back because it seems I don't have permissions even
though I'm using the same username and password. Upon further
inspection I realize that although Thread.CurrentPrincipal is being
set correctly during login (it gets set to SuperFreak as it should),
any subsequent calls made through the proxy uses my windows
authentication principal instead (MyDomain\Me). This doesn't happen
when I make the calls through my winforms client; once the login sets
the Thread.CurrentPrincipal to SuperFreak, it remains that way through
subsequent calls.
This seems to be a context problem and I'm currently trying to wrap my
head around it, but in the meantime I thought I'd stop by and see if
anyone would give me some pointers.
Regards!
Anthony