wse vs "windows integrated"

Y

yonido

hello,

i would like to implement a secure web service based on the active
directory, without using HTTPS / SSL, using the Kerberos mechanism.

As documentation mentions - Checking "Windows Integrated" & attaching
CredentialCache.DefaultCredentails to the web service will suffice
(will use the kerberos mechanism).

On the other hand, lots of articles mentions that i must use WSE2.0 and
MANUALLY add the token.
examples:
- http://www.codeproject.com/cs/webservices/SecurityTokens.asp
- http://www.15seconds.com/issue/040602.htm

is "Windows Integrated" enough?

thanks.
 
H

Henning Krause [MVP]

Hello,

WSE is transport independent, so you can build Web Services via raw TCP or
even SMTP if you like. In this case you must attach the Kerberos token
yourself. .NET Web Services (.ASMX files) hosted by the IIS rely on the HTTP
protocol instead. In this case, Kerberos authentication is done on the HTTP
Level, and not on the SOAP level, so using
CredentialCache.DefaultCredentials is sufficient.

Greetings,
Henning Krause
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Help with Paypal Live Transactions 1
Integrated Authentication with SSL 6
IIS 7.0 and Windows Integrated Authentication? 1
Weird Windows integrated authentication problem between Web serviceand SQL Server 0
IIS6.0 vs IIS5.1 - Integrated Windows Authentication Issue 1
WS-Policy and WSE problems! 13
Code based Integrated Windows Authentication 1
Windows Authentication and web services with WSE 2.0 1

Members online

No members online now.
Total: 34 (members: 0, guests: 34)
Robots: 330

Forum statistics

Threads
473,755
Messages
2,569,537
Members
45,021
Latest member
AkilahJaim

Latest Threads

Top