Re: Security design question
- From: "Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 20 Apr 2006 11:25:01 -0500
You should be able to. Since forms authentication requires that you capture
the user's plain text credentials in order to implement the login, you
should be able to store those and then forward them in your web service
proxy using the Credentials property. The .NET web service proxy base class
(which uses HttpWebRequest under the hood) will negotiate Basic auth (or
Digest or IWA) automatically if credentials are supplied.
Delegation is more tricky if you don't have plain text credentials, as in
that case you need to use a Windows OS feature like Kerberos delegation in
order to do the same thing. That is how that scenario is typically
implemented in situations that use IWA on the front end. The basic
architecture principle is the same though.
Joe K.
"Jeremy Chapman" <please@Idontlikespam> wrote in message
news:OwpT67IZGHA.2376@xxxxxxxxxxxxxxxxxxxxxxx
If the client application uses forms authentication can that be delegated
to the web services which uses basic authentication? Where can I find
some information on how to implement delegation like this?
.
- References:
- Security design question
- From: Jeremy Chapman
- Re: Security design question
- From: Joe Kaplan \(MVP - ADSI\)
- Re: Security design question
- From: Jeremy Chapman
- Security design question
- Prev by Date: Forms authentication credentials fail
- Next by Date: Re: WMI: Access Denied error when connecting remote machine
- Previous by thread: Re: Security design question
- Next by thread: strange Formsauthentication behavior
- Index(es):
Relevant Pages
|
|
