Re: Routing Userrights to another ASP.Net Webapplication



In order to make this type of scenario work, you need to implement Kerberos
delegation. If you are able to do that, then DefaultCredentials will work
ok.

Kerberos delegation can be a challenge to set up, but there are many
documents from Microsoft that explain how.

You probably won't change anything from a coding perspective. It is mostly
an act of configuration.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"T. Beneke" <t.beneke@xxxxxxxxxxxxxx> wrote in message
news:ejqAYQrBJHA.3512@xxxxxxxxxxxxxxxxxxxxxxx
I've got a ASP.Net Application, whos running on an IIS with integrated
security. This Application offers a download for documents who are not
hosted in the ASP.Net Application. It's hosted on a several SharePoint
Server and all servers are in the same domain. A User has access to both
of the Server.
I want to handle a request from the ASP.Net Application to the SharePoint
with the userrights (usercredential) of the current user.

Here is a samplesourcecode to explain:

Dim WC As New System.Net.WebClient
...
'WC.Credentials = CredentialCache.DefaultCredentials ' doesn't work
'WC.Credentials = CredentialCache.DefaultNetworkCredentials 'doesn't work
WC.Creddentials = New Net.NetworkCredential("mr.x", "password",
"domain...") ' works fine!!! but in the current context I've got no
password
Return WC.DownloadData("http://sampleserver/subdir/sample.pdf";)
...

i need something like:
WC.Credentials = HttpContext.Current.User.Credentials 'this is only an
example it dosn't exist

Has anybody an idea?

Thanks
Thomas


.



Relevant Pages

  • Re: UNC Virtual Directories; NTFS permission authentication not ac
    ... If you want Kerberos delegation to work, you need to have everything setup correctly end-to-end. ... The browser must authenticate using Kerberos, which means that both IE must attempt Kerberos *and* the relevant server SPNs must be created/set correctly. ... > Windows Authentication option the ...
    (microsoft.public.inetserver.iis.security)
  • Re: Delegation through Linked Server Stops working
    ... "Troubleshooting Kerberos delation" is nearly a 90 page doc. ... you do when/if you open a ticket. ... This post was about delegation working and then suddenly ... delegation on linked server fails in our network when we use ...
    (microsoft.public.sqlserver.security)
  • Re: Delegation: IIS Server setup in typical 3-tier scenario.
    ... doesn't already have an SPN and/or you need to change the existing SPN. ... Kerberos is being used - it just means that an API is used to determine what ... so I'm trying to set up delegation. ... Authenticated using NTLM not Kerberos on the Web Server. ...
    (microsoft.public.inetserver.iis.security)
  • Re: EFS error: event id: 6203 on Windows Server 2003
    ... Trusted for delegation was not enabled, but that didn't solve my problem. ... encrypted on our old file server which is in the meantime switecd off. ... Also to encrypt files ... > are using NTLM authentication rather than Kerberos. ...
    (microsoft.public.win2000.security)
  • Re: Multiple logon when accessing office documents
    ... Do you run sharepoint in NTLM or Kerberos mode? ... First off i'm running sharepoint services on server 2003 with SSL. ... I've seen articles on how to do it on sharepoint server but ...
    (microsoft.public.sharepoint.windowsservices)