What you are asking to do is "delegation". You want to automatically
delegate user credentials from the web client to the WebService to access
some other network resource on that user's behalf.
Ability to delegate depends on the authentication protocol. Integrated
Authentication does not support this. Kerberos supports it securely. Basic
authentication supports it insecurely. You cannot simply "pass on the
default credential from the client" unless you do it insecurely.
<identity impersonate="true" /> has nothing to do with delegation but is
required since otherwise, the Web Service will run as process identity which
obviously is not the remote authenticated identity.
So, really, IIS has little to do with this situation. Here is URL on how to
set it up to access a remote network UNC share, which is the exact same
problem as your Web Service and the solution/understanding are similar.
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/remstorg.mspx --
//David
IIS
http://blogs.msdn.com/David.Wang This posting is provided "AS IS" with no warranties, and confers no rights.
//
[quoted text, click to view] <ks2@anytamil.com> wrote in message
news:1128230873.317207.33460@g49g2000cwa.googlegroups.com...
Thanks. Does that mean we have to hardcode the password or display a
dialog to accept the credentials? Can we not pass on the default
credential from the client to the ASP.NET application and have ISS
impersonate the user and pass it on the web servive?
We tried to set <identity impersonate="true" /> in app's Web.config
file, but it did not work.
[quoted text, click to view] Ayyappan Nair wrote:
> Take a look at NetworkCredential class and CredentialCache class in
> System.Net namespace. You would need to create a NetworkCredential object
> using the Windows login info and pass it on to the Webservice. The
following
> URL gives a good explanation --
>
http://www.dotnetjunkies.com/How%20To/6B31D299-347C-4B85-82C5-954546165C80.dcik
>
> Ayyappan Nair
>
> "ks2@anytamil.com" wrote:
>
> > I am calling a web service from an ASP.NET application.
> > The web application doesn't send any authorization information to
> > server it attaches.
> >
> > <identity impersonate="true" /> in app's Web.config doesn't help.
> >
> >
> > Questions are:
> >
> > 1. How I can pass my credentials through web application? If I access
> > the web application, it should make requests using my account.
> >
> > 2. What account it is sending requests from by default and how to
> > change the default?
> >
> >
