HELP with Impersonation

B

blue_nirvana

I'm new to the impersonation thing and so I was hoping I could get some help.
I have a Web Service that is setup to use Integrated authenication with
anonymous access turned off. I call the web service using:

Dim ws as New Webservicename.Service1()
ws.Credentials = New NetworkCredential("username", "password", "domain")
ws.DoSomething()

The web service works perfect if I have the following:

<identity impersonate="true" userName="domain\username" password="password"/>

located in the webconfig file, but does not work if I use:

<identity impersonate="true" />

Using either one, I get authenicated using the credentials I pass in. I can
see this by using WindowsIdentity.GetCurrent().Name. Looks like using the
later does not make all request using that impersonation.

From my understanding using, <identity impersonate="true"
userName="domain\username" password="password"/> in the webconfig file,
causes all request in my web service to use that impersonation. But using,
<identity impersonate="true" /> doesn't. I don't want to store a username
and password in the webconfig file. I always want to pass the credentials
in. Finally the question: How can I use <identity impersonate="true" /> and
pass in the credentals and force all request to be called using that
impersonation?

Hope this makes sense.

Thanks
 
O

Ostap Radkovskyy

If I understand you correctly, I've been doing something similar:

asp.net web app (windows authentication , impersonate true) <-> asp.net web
service (windows authentication, impersonate true)

Using this scheme, on web service side you will have both identity and
principal of the user working with asp.net web app
 
B

blue_nirvana

Yes I have both the identity and principal of the user, but only using,
<identity impersonate="true" userName="domain\username"
Anybody know why?

Thanks,
 
H

Henning Krause [MVP]

Hello,

you need to add a

<configuration>
<system.web>
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>to you web config.

Then the impersonation should work as expected.

Greetings,
Henning Krause
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

asp.net impersonation 1
Impersonation 1
Impersonation with users of 2 domain (nor trusted) 0
Newbie question about impersonation 5
Setting impersonation values programmatically 1
impersonation issue when executing a Process.Start("Shutdown",strArgs) 0
Windows Server 2008 impersonation. 3
Impersonation problem 2

Members online

Total: 31 (members: 1, guests: 30)
Robots: 198

Forum statistics

Threads
473,769
Messages
2,569,582
Members
45,066
Latest member
VytoKetoReviews

Latest Threads

Top