WSE 3 Oct - username over transport -- dotnet web services enhancements

Henrik_Gøttig
10/25/2005 12:00:00 AM

Hi group

I am using WSE 3 Oct CTP and the username over transport assertion.

I created a Webservice and the corresponding proxy. Both decorated with
i the Policy attribute where I defined the policy (UserNameOverTransport).

I keep getting 401 - Access denied errors.

In the client I supply credentials by using the ClientCredentials
property of my WSE generated WS proxy class. I construct the credentials
using UserNameToken and with the parameters username, password and no
password encryption option as the last parameter.

There's no role authorisation on the server side.

Another question is of more general interest:

When my user gets authenticated (against Active Directory I guess) does
the roles (groups in AD) my user is in also get applied by the WSE
infrastructure, so that I can issue a IsUserInRole() from code to verify
the authorization inside a webmethod programtically?

Regards

Henrik

Zoodor
10/26/2005 12:30:03 AM

For the first point, have you checked your virtual directory settings? Can
you connect to the asmx page from a web browser?

On the second issue, if you are using the default UsernameTokenManager
(which it sounds like you are), then Wse will create a WindowsPrincipal
object that you can use to query role membership - have you read the hands on
lab, it's the best way of learning about Wse that I've found:

http://www.microsoft.com/downloads/details.aspx?familyid=9ACD1F8E-97E2-43E2-B484-A74A014A8206&displaylang=en

[quoted text, click to view]

Henrik GÃ¸ttig
10/26/2005 9:51:09 AM

[quoted text, click to view]

Hi Zoodor

Thanx for the link. It cleared things up and it now works like charm.

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about dotnet web services enhancements

dotnet web services enhancements : WSE 3 Oct - username over transport