Calling COM Server from ASP.NET WebService - impersonation problem

Hi,

I want to call a COM+ server from a webservice. I want to use the client
credentials so I have set
<authentication mode="Windows"/>
<identity impersonate="true"/>
Calling the webservice is no problem but the COM service fails because it
still runs under the ASPNET account (I have XP SP2 and IIS 5.1). So
impersonation fails partly. When I step into the webservice with the debugger
and check the current User it is the client as it should be. But inside the
COM server I have output the current user also and that is ASPNET, which has
insufficient rights to do the job of the COM server (which is querying a
hierarchical db via a custom API).
The COM server is actually a Delphi program.

What can I do? How do I get the COM server called using the clients
credentials? I thought that would happen automatically since the webmethod is
running using the clients identity.

Here a test webservice method, which sends a mail to me showing me the
credentials used inside the webservice and inside the COM service

[WebMethod]
public bool SendAMail(string address, string header, string body)
{
try
{
// this is a COM server sending smtp mails.
SendAMailProject.SendAMailClass sendMail =
new SendAMailProject.SendAMailClass();

sendMail.SendMail(
/*array with receivers*/ new string[] { address },
/* subject */ header + " send from " + User.Identity.Name,
/* message*/ body);
return true;
}
catch
{
return false;
}
}

When I call the webmethod with the parameters
SendAMail("me@xxxxxxxxxxxxx", "Test", "don't care")
it returns true.

Since the COM server uses the current user as sender address I can see it in
the mail I receive. It is
ASPNET

The subject shows the client that has called the webservice and at this
point it is really the client who called the webservice. Up to this point
impersonation has worked:
Test send from mydomain\myaccount

Thanks in advance,
Gangolf

.

Relevant Pages

  • RE: 404 Not Found
    ... Can a config file possibly tell it not to look in hte GAC? ... what's the current trustLevel of your ASP.NET webservice on the server ... >> whether it is client side related..... ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: Webservice problem (after iisreset)
    ... I was speaking about whatever means you're suing the make the call from the client. ... If it already waits one minute for the failure then it sounds like the timeout is already high enough. ... So use wsdl.exe to generate a .NET proxy to your webservice to see if that style of client has the same problems or not. ... If it does, then it sounds like something on the server, if it does not then it's likley your HTC framework. ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Re: Web service testing
    ... To test if my code was faulty or not, I back-ported the web service to a standard 2.0 web service using Visual Studio 2005. ... The service is run under IIS on a Windows 2003 server, so there are no server side connection limits that can explain this. ... ASP.NET webservice application. ... In addition, since the problems occur at client, you can use Visual studio ...
    (microsoft.public.dotnet.framework.webservices)
  • Reuse of Remoting Channels...
    ... makes it possible for the server to know the identity of the caller. ... If my client is on the other side of a Windows 'realm' (as in the ... RemotingConfiguration options) to reject any clients whose credentials ... "Remoting server cannot be reached. ...
    (microsoft.public.dotnet.framework.remoting)
  • Re: SSPI Kerberos for delegation
    ... We want the authentication to happen without providing credentials ... But SSPI while authenticating from the client to the server can do mutual ...
    (comp.protocols.kerberos)