I'm in a bit of a bind concerning web services and integrated
authentication. I'll give you a little background as to what I'm trying
to do ...
I have a client application that calls a web service. The web service
uses integrated windows authentication (with identity impersonation =
true in Web.Config) with anonymous authentication turned off in IIS.
Calling the web service works as expected - users that can get to it
get to it, users that don't get a 401 Access Denied. I want this web
service to also make a call to a database sitting on a remote SQL
Server using the same credentials that were passed through to the web
service (for example, Domain\UserA access web service, web service
calls Sql Server with login of Domain\UserA. UserB access web service,
web service calls SQL Server with login of Domain\UserB, etc.)
The problem arises when I try to access the SQL box; I always get the
following error:
Login failed for user '(null)'. Reason: Not associated with a trusted
SQL Server connection.
I've seen numerous posts about this online, but none really with a
definitive answer as to what I should do. If I use Basic Authentication
in IIS with everything else unchecked, the web service works (except it
always asks for a login/password, thus throwing a 401 code when the
client app tries calling it). I figure there has to be a way to get
these credentials to be passed through in a secure manner, I just
haven't found it.
Does anyone have any ideas?
Thanks!
ClintDid you set WebClientProtocol.Credentials in client side?
It is the double-hop' limitation of NTLM authentication. The client's
credentials can make one hop from the client machine to the
application server, the server cannot then use those credentials to
make a second network hop without some additional config work.
See: http://blogs.msdn.com/nunos/archive...3/12/88468.aspx
--
Scott
http://www.OdeToCode.com/blogs/scott/
On 20 Dec 2004 12:36:04 -0800, "cmueller@.online.nospam"
<cjmueller@.gmail.com> wrote:
>Hey all -
>I'm in a bit of a bind concerning web services and integrated
>authentication. I'll give you a little background as to what I'm trying
>to do ...
>I have a client application that calls a web service. The web service
>uses integrated windows authentication (with identity impersonation =
>true in Web.Config) with anonymous authentication turned off in IIS.
>Calling the web service works as expected - users that can get to it
>get to it, users that don't get a 401 Access Denied. I want this web
>service to also make a call to a database sitting on a remote SQL
>Server using the same credentials that were passed through to the web
>service (for example, Domain\UserA access web service, web service
>calls Sql Server with login of Domain\UserA. UserB access web service,
>web service calls SQL Server with login of Domain\UserB, etc.)
>The problem arises when I try to access the SQL box; I always get the
>following error:
>Login failed for user '(null)'. Reason: Not associated with a trusted
>SQL Server connection.
>I've seen numerous posts about this online, but none really with a
>definitive answer as to what I should do. If I use Basic Authentication
>in IIS with everything else unchecked, the web service works (except it
>always asks for a login/password, thus throwing a 401 code when the
>client app tries calling it). I figure there has to be a way to get
>these credentials to be passed through in a secure manner, I just
>haven't found it.
>Does anyone have any ideas?
>Thanks!
>Clint
Shoot - I was afraid that was the case. I had figured that there'd be a
generally easy way to do this, but I guess not.
Anyway, thanks for your reply!
Clint
0 comments:
Post a Comment