Re: Anonymous and integrated authentication for Web service
- From: David Wang <w3.4you@xxxxxxxxx>
- Date: Fri, 28 Mar 2008 06:32:02 -0700 (PDT)
On Mar 28, 5:42 am, iamahulk <iamah...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
Thanks for the answer.
Can you tell me where to look for information on how to create a .net client
which will use credentials before trying anonymous?
I tried changing values in the UseDefaultCredentials and Credentials
properties, but it appears to always try anonymous, since the web service I'm
testing Isn't authenticating when I have anonymous enabled.
"Ken Schaefer" wrote:
Yes - David is saying that this can be done.
BUT
You need to write the client appropriately. An off-the-shelf HTTP client
(like a browser) doesn't work this way. It will just make an anonymous
request by default. Only if the server denies the request (with a 401) will
it ask the user for credentials.
In your case, you need to write a client that will automatically try
Integrated Windows Auth *first* rather than trying anonymous first (or a
client that detects whether it's on the internel network or not and adjusts
it's request appropriately)
Cheers
Ken
--
My IIS blog:http://adopenstatic.com/blog
"iamahulk" <iamah...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C3683122-41DE-4D2D-B5C7-99CAC9567706@xxxxxxxxxxxxxxxx
I'm not sure if I understand what you're saying. Some clients will be
accessing the webservice while on our network and have windows
credentials,
others from outside our network will call the service without credentials.
Given this are you saying they both can call the same web service?
Is this simply a matter of configuring the web service in IIS to:
Enable anonymous access
and
Integrated Windows authentication
Because I've read other posting where this doesn't work
"David Wang" wrote:
On Mar 26, 9:36 am, iamahulk <iamah...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
Is it possible using IIS(version 6) to have both Anonymous and
integrated
authentication for a web service?
By this I mean can it do intergrated authentication when the
credentials
exist, but if they don't allow an anonymous connection? (For a single
URL)
Yes, IIS supports such "fallback" authentication protocol, but only if
the Web Service Client initiates it.
If the WebService Client always tries Integrated First and if it
fails, retry with Anonymous, then you can simply configure IIS6 Web
Service to allow both Anonymous and Integrated.
If you cannot control the client, then you will have to write and run
custom software on the server to enforce such proprietary behavior.
There are no standard authentication protocol which works like this.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//- Hide quoted text -
- Show quoted text -
Change the client to .PreAuthenticate.
UseDefaultCredentials and Credentials property change the user
identity on authentication, not ordering of authentication.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
.
- Follow-Ups:
- Re: Anonymous and integrated authentication for Web service
- From: iamahulk
- Re: Anonymous and integrated authentication for Web service
- References:
- Anonymous and integrated authentication for Web service
- From: iamahulk
- Re: Anonymous and integrated authentication for Web service
- From: David Wang
- Re: Anonymous and integrated authentication for Web service
- From: Ken Schaefer
- Re: Anonymous and integrated authentication for Web service
- From: iamahulk
- Anonymous and integrated authentication for Web service
- Prev by Date: Re: Anonymous and integrated authentication for Web service
- Next by Date: Still expired password changing using IISADMPWD with IIS6
- Previous by thread: Re: Anonymous and integrated authentication for Web service
- Next by thread: Re: Anonymous and integrated authentication for Web service
- Index(es):
Relevant Pages
|
