How do I access a web service on another machine on different domains

I

Ian

Can anyone help

I have a web server on the internet with and ASP.NET application on it, the
application is set to allow Anonymous Access and Integrated Windows. The
Web.config is set to use Forms authentication. On the server side, where
the web server is I have set IIS to disable Anonymous access and allow
Integrated Windows. I have sync'd both the APSNET account on the web
servers and application server so that access will be granted to the web
service without the need for impersonation. However, it does not work !!!

I have identified that if I set the credentials for the web service it will
work, but this involves hard-coding as follows.

' Set the client-side credentials using the Credentials property.
Dim credentials = New NetworkCredential("ASPNET", "password")
oAuth.Credentials = Credentials

Can anyone help???
 
S

S. Justin Gengo

Ian,

When a web service is protected passing credentials to it is how you are
supposed to connect to it.

Sincerely,

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
 
R

Rick Strahl [MVP]

Are you setting the credentials on the Web client?

If you're running a Fat Client app (Windows Forms App) you can automatically
retrieve the default credentials of the logged in user like this:

oService.Credentials = CredentialCache.DefaultCredentials;

This will pass the logged in user's credentials to the Web server. From the
browser this obviously won't work though. There you would have to prompt
explicitly out of the code for username and password.

+++ Rick ---

Rick Strahl
West Wind Technologies
http://www.west-wind.com/
http://www.west-wind.com/wwHelp
 
I

Ian

The setup is as follows

2x IIS5 W2K Advanced Server (NLB)
Firewall
1x IIS5 W2K Application Server
1x SQL Server Database

The Logon application is housed on the web servers as an ASP.NET
application, this has a reference to the web service on the Application
server via port 80 on the firewall. In turn the Application server has a
Serviced Component used for talking to the database housing the appropriate
authorisation for database access.

I have tried using oService.Credentials =
CredentialCache.DefaultCredentials, in the knowledge that the ASP.NET worker
process runs as the ASPNET local account, therefore should the default
credentials not be populated with those of the ASPNET account?

The alternative to this is to create a new NetworkCredential, hard coding
the user name, password and domain....this is not really considered as an
option !

Are you therefore saying that only a Windows Form App can populate the
CredentialCache.DefaultCredentials ???

Regards
Ian
 
L

Lewis Wang [MSFT]

Hi Lan,

By default, ASPNET is a local user account, which won't be trusted by
another machine in the domain.

To resolve this issue, we can perform the following steps:

1. Create a domain account on the web server and let aspnet_wp.exe run on
this account by modifying machine.config file.
2. Create a trust relationship from the application server to the web
server.
3. Modify the NTFS permission of the folder on the web service server, and
allow the folder to be accessed by the account in another domain.

Then, the web service can be accessed by the account in another domain. You
can check the following links to implement this:

315158 FIX: ASP.NET Does Not Work with the Default ASPNET Account on a
Domain
http://support.microsoft.com/?id=315158

228477 HOW TO: Determine Trust Relationship Configurations
http://support.microsoft.com/?id=228477

Hope this helps.

Best regards,
Lewis

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "Ian" <[email protected]>
| References: <[email protected]>
<[email protected]>
| Subject: Re: How do I access a web service on another machine on
different domains
| Date: Thu, 14 Aug 2003 09:02:58 +0100
| Lines: 84
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| Message-ID: <#[email protected]>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 212.137.21.132
| Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.framework.aspnet:167767
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| The setup is as follows
|
| 2x IIS5 W2K Advanced Server (NLB)
| Firewall
| 1x IIS5 W2K Application Server
| 1x SQL Server Database
|
| The Logon application is housed on the web servers as an ASP.NET
| application, this has a reference to the web service on the Application
| server via port 80 on the firewall. In turn the Application server has a
| Serviced Component used for talking to the database housing the
appropriate
| authorisation for database access.
|
| I have tried using oService.Credentials =
| CredentialCache.DefaultCredentials, in the knowledge that the ASP.NET
worker
| process runs as the ASPNET local account, therefore should the default
| credentials not be populated with those of the ASPNET account?
|
| The alternative to this is to create a new NetworkCredential, hard coding
| the user name, password and domain....this is not really considered as an
| option !
|
| Are you therefore saying that only a Windows Form App can populate the
| CredentialCache.DefaultCredentials ???
|
| Regards
| Ian
|
| | > Are you setting the credentials on the Web client?
| >
| > If you're running a Fat Client app (Windows Forms App) you can
| automatically
| > retrieve the default credentials of the logged in user like this:
| >
| > oService.Credentials = CredentialCache.DefaultCredentials;
| >
| > This will pass the logged in user's credentials to the Web server. From
| the
| > browser this obviously won't work though. There you would have to prompt
| > explicitly out of the code for username and password.
| >
| > +++ Rick ---
| >
| > Rick Strahl
| > West Wind Technologies
| > http://www.west-wind.com/
| > http://www.west-wind.com/wwHelp
| > ----------------------------------
| > Making waves on the Web
| >
| >
| > | > > Can anyone help
| > >
| > > I have a web server on the internet with and ASP.NET application on
it,
| > the
| > > application is set to allow Anonymous Access and Integrated Windows.
| The
| > > Web.config is set to use Forms authentication. On the server side,
| where
| > > the web server is I have set IIS to disable Anonymous access and allow
| > > Integrated Windows. I have sync'd both the APSNET account on the web
| > > servers and application server so that access will be granted to the
web
| > > service without the need for impersonation. However, it does not work
| !!!
| > >
| > > I have identified that if I set the credentials for the web service it
| > will
| > > work, but this involves hard-coding as follows.
| > >
| > > ' Set the client-side credentials using the Credentials property.
| > > Dim credentials = New NetworkCredential("ASPNET", "password")
| > > oAuth.Credentials = Credentials
| > >
| > > Can anyone help???
| > >
| > >
| >
| >
|
|
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,906
Latest member
SkinfixSkintag

Latest Threads

Top