Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?
From: Sean Dowling (nyq2000_at_hotmail.com)
Date: 06/30/04
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Previous message: Paul Glavich [MVP - ASP.NET]: "Re: Identity.IsAuthenticated always false ??"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 Jun 2004 06:22:00 -0700
Hi,
Thanks for the insight... I will look into Kerberos. I was sort of
hoping for something where I could construct the credentials based on
the Security Principal but I guess that's not possible.
Just so I understand - when you're talking about getting the username
and password from Basic authentication, are you referring to base64
decoding the Authorization header? I did try that and just got back a
small string that wasn't the username or password. I think I may have
had it configured incorrectly because the word "basic" wasn't in there
anywhere which I believe it is supposed to be...
Thanks again,
Sean
"Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@removethis.accenture.com> wrote in message news:<O6y9XnAWEHA.3524@TK2MSFTNGP12.phx.gbl>...
> Using Windows Integrated authentication in the ASP.NET application, this can
> be done if you use impersonation in the ASP.NET app and enabled Kerberos
> delegation. Kerberos delegation allows the token that IIS generates on the
> ASP.NET box to hop to the machine on the web services box.
>
> There are a bunch of references to Kerberos delegation in the MS Knowledge
> Base. Kerberos can be tricky, so I suggest you read up on it.
>
> Also, if you use Basic Authentication in the ASP.NET application, it is
> trivially easy to get the user's username and password directly from the
> request headers or server variables and pass those directly to your proxy
> class.
>
> HTH,
>
> Joe K.
>
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Previous message: Paul Glavich [MVP - ASP.NET]: "Re: Identity.IsAuthenticated always false ??"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Forward Credentials from ASP.NET Web-application to ASP.NET Web-Service?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
