M
Marco
Hi All,
this is the scenario:
- "Hello World" web service on Machine A
- winform client on Machine B
- asp.net webform client on Machine B
Everything is Windows Server 2003 on the same domain, anonymous access
turned off in IIS, Integrated Windows Authentication is checked. I use the
following code to invoke the web service (same code on the winform and the
webform):
MachineA.Service1 svc = new MachineA.Service1();
svc.PreAuthenticate = true;
svc.Credentials = System.Net.CredentialCache.DefaultCredentials;
string result = svc.HelloWorld();
The code works from the winform, while I get a "401 Unauthorized" from the
asp.net webform (I have the impersonate="true" flag set in the web.config
file of my asp.net application). Now, here is where things get interesting:
- If I host the web service on MachineB (everything is local), the call
works fine from the web form.
- If instead of using DefaultCredentials, I use:
svc.Credentials = new System.Net.NetworkCredential("username", "password",
"domain");
The call works as well. I was looking into the audit trail of MachineA, and
I've seen that in the case of the webform using DefaultCredentials, the
actuall logon comes from NT AUTHORITY\ANONYMOUS LOGON instead of being the
domain user that is running the app. I do not think that it's a delegation
issue, since I am getting kicked out right at the first hop...
Any idea would be greatly appreciated, I am close to bang my head against
the wall for the desperation
- Marco
this is the scenario:
- "Hello World" web service on Machine A
- winform client on Machine B
- asp.net webform client on Machine B
Everything is Windows Server 2003 on the same domain, anonymous access
turned off in IIS, Integrated Windows Authentication is checked. I use the
following code to invoke the web service (same code on the winform and the
webform):
MachineA.Service1 svc = new MachineA.Service1();
svc.PreAuthenticate = true;
svc.Credentials = System.Net.CredentialCache.DefaultCredentials;
string result = svc.HelloWorld();
The code works from the winform, while I get a "401 Unauthorized" from the
asp.net webform (I have the impersonate="true" flag set in the web.config
file of my asp.net application). Now, here is where things get interesting:
- If I host the web service on MachineB (everything is local), the call
works fine from the web form.
- If instead of using DefaultCredentials, I use:
svc.Credentials = new System.Net.NetworkCredential("username", "password",
"domain");
The call works as well. I was looking into the audit trail of MachineA, and
I've seen that in the case of the webform using DefaultCredentials, the
actuall logon comes from NT AUTHORITY\ANONYMOUS LOGON instead of being the
domain user that is running the app. I do not think that it's a delegation
issue, since I am getting kicked out right at the first hop...
Any idea would be greatly appreciated, I am close to bang my head against
the wall for the desperation
- Marco