Re: Anonymous access required for .NET web services?

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 03/26/04

  • Next message: Joe Kaplan \(MVP - ADSI\): "Re: Debugging Partially Trusted Code" 
    Date: Fri, 26 Mar 2004 09:44:59 -0600

    If you are using Windows security in IIS, you need to make sure you are
    passing credentials in your proxy client. Check out the credentials
    property on your SoapHttpClientProtocol.

    Depending on whether you are using Windows Integrated authentication or
    Basic, you can use either DefaultCredentials (from the CredentialsCache) or
    create a NetworkCredential object with username and password specified.

    It is also completely possible to provide the security for your web services
    at the message level instead of at the transport level by using technologies
    such as WS-Security and Microsoft's Web Services Extensions, but that would
    require you to rearchitect your solution.

    HTH,

    Joe K.

    "rgilmore" <anonymous@discussions.microsoft.com> wrote in message
    news:A351A3CD-ADB6-44D0-AF26-BBF37E3944AE@microsoft.com...
    > Hi,
    >
    > We have a .NET server application running under IIS. A C#.NET client
    running on a workstation communicates with the server using .NET web
    services ( .asmx). Some customers have found that if they disable anonymous
    access to IIS, the client can no longer communicate with the server. And
    some customers are not willing to leave anonymous access enabled, because of
    security concerns.
    >
    > I am relatively new to IIS, I have an apache background. I want to know
    if there is anything we can do to work around this problem without changing
    our server/client code, such as asking the customer to create a user on the
    client and server machine and somehow using that account to access IIS? Not
    sure how that would be done.
    >
    > If we are required to change our code to make this work, what do we need
    to do?
    >
    > thanks
    > Robb

  • Next message: Joe Kaplan \(MVP - ADSI\): "Re: Debugging Partially Trusted Code"

    Relevant Pages

    • RE: 401.2 Errors
      ... the server name as their proxy server, ... really understand the point in deploying the Firewall Client to all clients. ... I had a look at the log file but it only seems to be ... recording access that the IIS Server itself goes through. ...
      (microsoft.public.windows.server.sbs)
    • Re: Connect Computer Problem at 2 Customer Sites
      ... I understand this issue to be: the client ... please restart the IIS service. ... join the domain has got the valid IP address and DNS server address in the ... Microsoft Online Newsgroup Support ...
      (microsoft.public.windows.server.sbs)
    • Re: Problem with connect computer wizard
      ... You mentioned that you're using Anonymous access with Administrator ... Open ConnectComputer properties in IIS. ... And there is only the DNS server be configured on client ...
      (microsoft.public.windows.server.sbs)
    • Re: IIS6 caching
      ... On the server side, IIS6 will cache static files in kernel mode response ... No. IIS compression was not enabled. ... >>>> a client site or proxy caching issue. ...
      (microsoft.public.inetserver.iis)
    • Reuse of Remoting Channels...
      ... makes it possible for the server to know the identity of the caller. ... If my client is on the other side of a Windows 'realm' (as in the ... RemotingConfiguration options) to reject any clients whose credentials ... "Remoting server cannot be reached. ...
      (microsoft.public.dotnet.framework.remoting)