Trying to work around double hops

Discussion in 'ASP .Net Security' started by ghause, Apr 6, 2009.

  1. ghause

    ghause Guest

    I have a web application on server1 and a web service on server2. They both
    require integrated authentication. Kerberos is not an option.

    I'm trying to do the following, but I don't know if it can work, or if I am
    going in the right direction.

    1. Create web service to act as a proxy on server1 using integrated
    authentication
    2. Run this service in its own application pool under a domain user account.
    3. Theoritically I can run the service on server1 as this domain user,
    passing those credentials to the service on server2 which is configured to
    accept requests from this user. This service could also be called by the app
    on server1 because they are on the same box. Server (2003)

    I can not get the proxy to return me anything but my own id when requesting
    WindowsIdentityName or Thread.CurrentPrincipal.Identity.Name.

    This makes me think, I am missing something minor, or what I am trying to do
    is impossible. I would rather not explicitly impersonate this generic user if
    I do not have to.

    TIA
    ghause, Apr 6, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sydex
    Replies:
    12
    Views:
    6,489
    Victor Bazarov
    Feb 17, 2005
  2. ttt
    Replies:
    5
    Views:
    1,137
    red floyd
    Jan 25, 2010
  3. Calvine Chew

    Remote uploading with hops?

    Calvine Chew, Apr 28, 2004, in forum: Perl Misc
    Replies:
    3
    Views:
    85
    Calvine Chew
    Apr 30, 2004
  4. pradeep nair
    Replies:
    2
    Views:
    146
    Josef Moellers
    Nov 20, 2009
  5. pradeep nair
    Replies:
    1
    Views:
    203
    Martijn Lievaart
    Nov 21, 2009
Loading...

Share This Page