Re: both Windows and Custom Authentication for Web Services
- From: "Tiago Halm" <thalm@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 11 Mar 2008 23:59:51 -0000
I'd use two different WebSites/VDirs, one for internal, the other for
external.
However, if that presents a problem, then try this approach:
Assuming you know how to detect an internal access by IPAddress, check if
the request is authenticated. If not, send a 401 which will force IIS to
dictate its authentication modes which will include Integrated Auth (NTLM or
Negotiate, NTLM). That way you force the internal user to use Integrated
Auth and force the external user to perform the custom authentication
process (which I assume you have).
Tiago Halm
"Daniel P." <DanielP@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C125EA69-4190-4DEE-BE0F-BB2179FC4BC6@xxxxxxxxxxxxxxxx
I expose a collection of services using Win 2003 server and web services. I
need to support both Windows authentication for internal user and custom
for
outside users.
I configure IIS to use both Anonymous access and Integrated Windows
authentication.
WSLogon logon = new WSLogon();
logon.PreAuthenticate = true;
logon.Credentials = CredentialCache.DefaultCredentials;
but when I get on the other side, in the WS class,
this.User.Identity.IsAuthenticated
is False.
The only time it is true is when only Integrated Windows authentication is
checked in the ISS settings for my WS app.
Is there a way I can support both Win auth and Custom auth on the same WS
application?
I know that I can create two identical WS apps one supporting Win Auth and
the other custom (Anonymous) but that will complicate things since the
config
file for the internal and external clients will point to different URLs.
.
- Prev by Date: Re: CSR - Won't process pending request
- Next by Date: Re: Howto refresh IIS 6 Application pool identity credential info
- Previous by thread: Re: CSR - Won't process pending request
- Next by thread: IIS Kerberos Authentication issue;
- Index(es):
Relevant Pages
|
