Re: help on caller credentials !! :-(



several things..

a) as Joe pointed out - switch to Network Service
b) you get the client identity from Thread.CurrentPrincipal
c) if you want to delegate the token to a backend service you need an impersonationLevel="Delegation"
d) you additionally need impersonate="true" in your config file, you you wanto to use the auto impersonation feature


very much like the sample you downloaded ;)


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Dear all,

I start to loose my hairs. Hoep someone could help me to recover..:-)
I have build a remote object hosted in a Windows Service runing as
LocalService.
I have then a claient application which calling that remote object and
based
on the caller credential I shouzld authorise hit or not to access to
back end
database.
The situation is as follow :
My client is running as BOB. BOB is calling the remote object for data
storage. What I try to do is retriveing the caller credential from my
remote
object in order to athauticated for further process. The problem is
that when
I check the wndows identity on my server side, it return the context
on which
my service is running and not my caller's context.
MY server config file is as follow :

<channels>
<!--<channel ref="tcp" port="8090"
useDefaultCredentials="False">-->
<channel ref="tcp" port="8090" secure="True"
impersonationLevel="Impersonate" protectionLevel="EncryptAndSign">
<serverProviders>
<formatter ref="binary" typeFilterLevel="Full"/>
</serverProviders>
</channel>
</channels>
Note that I am using .NEt 2.0

Thnaks again for your help ( I am fighting for a full week now on this
grrr
:-()
regards
serge


.