|
|
You're in the
dotnet web services enhancements
group:SoapClient authentication
dotnet web services enhancements:
I'm trying to use WSE through a Proxy class generated with WseWsdl2 in order to be independent from the transport protocol. My service is implemented through a ASP.Net Web Service (with WSE). I'm trying to authenticate users (like I used to do with Intergrated Security in IIS and Network Credentials in the client for the standard Web Services). Is there any way to do that? Ijust want to allow only Windows authenticated users to use my service but without loosing the flexibility of the trsnaport protocol independence. Thanks a lot --
Hi Pablo,
Thanks for the answer. I have some doubts about that. My application doesn't know the username and password (everything works with Integrated Security) so I don't have the password to create the UserNameToken. Is there any way to use it without requesting the user password to the user? If I derive my service from SoapService, is it possible to implement it as ASMX (standard Web Service)? or Do I have to make mayor changes? Thanks a lot. -- LucasC [quoted text, click to view] "Pablo Cibraro" wrote:
> Hi Lucas, > The answer is yes. First all, your service must derive from SoapService in > order to make it independent from the transport protocol as well. > Regarding to the authentication question, you can do that using an > UsernameToken as client token. > The default UsernameTokenManager shipped in WSE authenticates user against a > valid windows account (Using the API "LogonUser" ), > so in that case it works as Windows authentication. > > Regards, > Pablo Cibraro > www.lagash.com > > > "LucasC" <msdn@rmya.com.ar> wrote in message > news:51E4B6A9-1506-418F-A8AD-F3E3AD3E0737@microsoft.com... > > Hi, > > I'm trying to use WSE through a Proxy class generated with WseWsdl2 in > > order > > to be independent from the transport protocol. My service is implemented > > through a ASP.Net Web Service (with WSE). > > I'm trying to authenticate users (like I used to do with Intergrated > > Security in IIS and Network Credentials in the client for the standard Web > > Services). > > Is there any way to do that? Ijust want to allow only Windows > > authenticated > > users to use my service but without loosing the flexibility of the > > trsnaport > > protocol independence. > > > > Thanks a lot > > -- > > LucasC > >
Hi Lucas,
The answer is yes. First all, your service must derive from SoapService in order to make it independent from the transport protocol as well. Regarding to the authentication question, you can do that using an UsernameToken as client token. The default UsernameTokenManager shipped in WSE authenticates user against a valid windows account (Using the API "LogonUser" ), so in that case it works as Windows authentication. Regards, Pablo Cibraro www.lagash.com [quoted text, click to view] "LucasC" <msdn@rmya.com.ar> wrote in message news:51E4B6A9-1506-418F-A8AD-F3E3AD3E0737@microsoft.com... > Hi, > I'm trying to use WSE through a Proxy class generated with WseWsdl2 in > order > to be independent from the transport protocol. My service is implemented > through a ASP.Net Web Service (with WSE). > I'm trying to authenticate users (like I used to do with Intergrated > Security in IIS and Network Credentials in the client for the standard Web > Services). > Is there any way to do that? Ijust want to allow only Windows > authenticated > users to use my service but without loosing the flexibility of the > trsnaport > protocol independence. > > Thanks a lot > -- > LucasC
Hi Pablo,
Is there any way to use something like Intergrated Security in the same way you set default Network Credentials? Thanks a lot -- LucasC [quoted text, click to view] "Pablo Cibraro" wrote:
> Hi Lucas, > If you don't have the password, you might create a usernametoken without a > password. (You will have to implement a custom UsernameTokenManager to > accept tokens without a password) > In that case, to avoid "non-repudiation" attacks, you will need to encrypt > and sign the message with a X509 Cert and only accept messages protected > with that certificate. > Yes, it's possible to publish a SoapService as an ASMX , you will have to > configure it as a HttpHandler. > > Regards, > Pablo Cibraro > www.lagash.com > > "LucasC" <msdn@rmya.com.ar> wrote in message > news:C96A5F85-9FC5-4587-A1C7-7199FC7E54BC@microsoft.com... > > Hi Pablo, > > Thanks for the answer. I have some doubts about that. > > My application doesn't know the username and password (everything works > > with > > Integrated Security) so I don't have the password to create the > > UserNameToken. Is there any way to use it without requesting the user > > password to the user? > > > > If I derive my service from SoapService, is it possible to implement it as > > ASMX (standard Web Service)? or Do I have to make mayor changes? > > > > Thanks a lot. > > > > > > -- > > LucasC > > > > > > "Pablo Cibraro" wrote: > > > >> Hi Lucas, > >> The answer is yes. First all, your service must derive from SoapService > >> in > >> order to make it independent from the transport protocol as well. > >> Regarding to the authentication question, you can do that using an > >> UsernameToken as client token. > >> The default UsernameTokenManager shipped in WSE authenticates user > >> against a > >> valid windows account (Using the API "LogonUser" ), > >> so in that case it works as Windows authentication. > >> > >> Regards, > >> Pablo Cibraro > >> www.lagash.com > >> > >> > >> "LucasC" <msdn@rmya.com.ar> wrote in message > >> news:51E4B6A9-1506-418F-A8AD-F3E3AD3E0737@microsoft.com... > >> > Hi, > >> > I'm trying to use WSE through a Proxy class generated with WseWsdl2 in > >> > order > >> > to be independent from the transport protocol. My service is > >> > implemented > >> > through a ASP.Net Web Service (with WSE). > >> > I'm trying to authenticate users (like I used to do with Intergrated > >> > Security in IIS and Network Credentials in the client for the standard > >> > Web > >> > Services). > >> > Is there any way to do that? Ijust want to allow only Windows > >> > authenticated > >> > users to use my service but without loosing the flexibility of the > >> > trsnaport > >> > protocol independence. > >> > > >> > Thanks a lot > >> > -- > >> > LucasC > >> > >> > >> > >
Hi Lucas,
If you don't have the password, you might create a usernametoken without a password. (You will have to implement a custom UsernameTokenManager to accept tokens without a password) In that case, to avoid "non-repudiation" attacks, you will need to encrypt and sign the message with a X509 Cert and only accept messages protected with that certificate. Yes, it's possible to publish a SoapService as an ASMX , you will have to configure it as a HttpHandler. Regards, Pablo Cibraro www.lagash.com [quoted text, click to view] "LucasC" <msdn@rmya.com.ar> wrote in message news:C96A5F85-9FC5-4587-A1C7-7199FC7E54BC@microsoft.com... > Hi Pablo, > Thanks for the answer. I have some doubts about that. > My application doesn't know the username and password (everything works > with > Integrated Security) so I don't have the password to create the > UserNameToken. Is there any way to use it without requesting the user > password to the user? > > If I derive my service from SoapService, is it possible to implement it as > ASMX (standard Web Service)? or Do I have to make mayor changes? > > Thanks a lot. > > > -- > LucasC > > > "Pablo Cibraro" wrote: > >> Hi Lucas, >> The answer is yes. First all, your service must derive from SoapService >> in >> order to make it independent from the transport protocol as well. >> Regarding to the authentication question, you can do that using an >> UsernameToken as client token. >> The default UsernameTokenManager shipped in WSE authenticates user >> against a >> valid windows account (Using the API "LogonUser" ), >> so in that case it works as Windows authentication. >> >> Regards, >> Pablo Cibraro >> www.lagash.com >> >> >> "LucasC" <msdn@rmya.com.ar> wrote in message >> news:51E4B6A9-1506-418F-A8AD-F3E3AD3E0737@microsoft.com... >> > Hi, >> > I'm trying to use WSE through a Proxy class generated with WseWsdl2 in >> > order >> > to be independent from the transport protocol. My service is >> > implemented >> > through a ASP.Net Web Service (with WSE). >> > I'm trying to authenticate users (like I used to do with Intergrated >> > Security in IIS and Network Credentials in the client for the standard >> > Web >> > Services). >> > Is there any way to do that? Ijust want to allow only Windows >> > authenticated >> > users to use my service but without loosing the flexibility of the >> > trsnaport >> > protocol independence. >> > >> > Thanks a lot >> > -- >> > LucasC >> >> >>
Sorry Lucas,
I forgot to mention something, you can use a kerberos token instead (The current user's credentials will flow to the server). It will work as Integrated Security in that way. Regards, Pablo. [quoted text, click to view] "LucasC" <msdn@rmya.com.ar> wrote in message news:364DC7D1-4B49-44CF-8E80-1346F2683DE7@microsoft.com... > Hi Pablo, > Is there any way to use something like Intergrated Security in the same > way > you set default Network Credentials? > Thanks a lot > -- > LucasC > > > "Pablo Cibraro" wrote: > >> Hi Lucas, >> If you don't have the password, you might create a usernametoken without >> a >> password. (You will have to implement a custom UsernameTokenManager to >> accept tokens without a password) >> In that case, to avoid "non-repudiation" attacks, you will need to >> encrypt >> and sign the message with a X509 Cert and only accept messages protected >> with that certificate. >> Yes, it's possible to publish a SoapService as an ASMX , you will have to >> configure it as a HttpHandler. >> >> Regards, >> Pablo Cibraro >> www.lagash.com >> >> "LucasC" <msdn@rmya.com.ar> wrote in message >> news:C96A5F85-9FC5-4587-A1C7-7199FC7E54BC@microsoft.com... >> > Hi Pablo, >> > Thanks for the answer. I have some doubts about that. >> > My application doesn't know the username and password (everything works >> > with >> > Integrated Security) so I don't have the password to create the >> > UserNameToken. Is there any way to use it without requesting the user >> > password to the user? >> > >> > If I derive my service from SoapService, is it possible to implement it >> > as >> > ASMX (standard Web Service)? or Do I have to make mayor changes? >> > >> > Thanks a lot. >> > >> > >> > -- >> > LucasC >> > >> > >> > "Pablo Cibraro" wrote: >> > >> >> Hi Lucas, >> >> The answer is yes. First all, your service must derive from >> >> SoapService >> >> in >> >> order to make it independent from the transport protocol as well. >> >> Regarding to the authentication question, you can do that using an >> >> UsernameToken as client token. >> >> The default UsernameTokenManager shipped in WSE authenticates user >> >> against a >> >> valid windows account (Using the API "LogonUser" ), >> >> so in that case it works as Windows authentication. >> >> >> >> Regards, >> >> Pablo Cibraro >> >> www.lagash.com >> >> >> >> >> >> "LucasC" <msdn@rmya.com.ar> wrote in message >> >> news:51E4B6A9-1506-418F-A8AD-F3E3AD3E0737@microsoft.com... >> >> > Hi, >> >> > I'm trying to use WSE through a Proxy class generated with WseWsdl2 >> >> > in >> >> > order >> >> > to be independent from the transport protocol. My service is >> >> > implemented >> >> > through a ASP.Net Web Service (with WSE). >> >> > I'm trying to authenticate users (like I used to do with Intergrated >> >> > Security in IIS and Network Credentials in the client for the >> >> > standard >> >> > Web >> >> > Services). >> >> > Is there any way to do that? Ijust want to allow only Windows >> >> > authenticated >> >> > users to use my service but without loosing the flexibility of the >> >> > trsnaport >> >> > protocol independence. >> >> > >> >> > Thanks a lot >> >> > -- >> >> > LucasC >> >> >> >> >> >> >> >> >>
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |