wrote:
> Thanks for the answer.
>
> Can you tell me where to look for information on how to create a .net clie=
nt
> which will use credentials before trying anonymous?
>
> I tried changing values in the UseDefaultCredentials and Credentials
> properties, but it appears to always try anonymous, since the web service =
I'm
> testing Isn't authenticating when I have anonymous enabled.
>
>
>
> "Ken Schaefer" wrote:
> > Yes - David is saying that this can be done.
>
> > BUT
>
> > You need to write the client appropriately. An off-the-shelf HTTP client=

> > (like a browser) doesn't work this way. It will just make an anonymous
> > request by default. Only if the server denies the request (with a 401) w=
ill
> > it ask the user for credentials.
>
> > In your case, you need to write a client that will automatically try
> > Integrated Windows Auth *first* rather than trying anonymous first (or a=

> > client that detects whether it's on the internel network or not and adju=
sts
> > it's request appropriately)
>
> > Cheers
> > Ken
>
> > --
> > My IIS blog:http://adopenstatic.com/blog
>
> > "iamahulk" <iamah...@discussions.microsoft.com> wrote in message
> >news:C3683122-41DE-4D2D-B5C7-99CAC9567706@microsoft.com...
> > > I'm not sure if I understand what you're saying. Some clients will be
> > > accessing the webservice while on our network and have windows
> > > credentials,
> > > others from outside our network will call the service without credenti=
als.
> > > Given this are you saying they both can call the same web service?
>
> > > Is this simply a matter of configuring the web service in IIS to:
> > > Enable anonymous access
> > > and
> > > Integrated Windows authentication
>
> > > Because I've read other posting where this doesn't work
>
> > > "David Wang" wrote:
>
> > >> On Mar 26, 9:36 am, iamahulk <iamah...@discussions.microsoft.com>
> > >> wrote:
> > >> > Is it possible using IIS(version 6) to have both Anonymous and
> > >> > integrated
> > >> > authentication for a web service?
> > >> > By this I mean can it do intergrated authentication when the
> > >> > credentials
> > >> > exist, but if they don't allow an anonymous connection? (For a sing=
le
> > >> > URL)
>
> > >> Yes, IIS supports such "fallback" authentication protocol, but only i=
f
> > >> the Web Service Client initiates it.
>
> > >> If the WebService Client always tries Integrated First and if it
> > >> fails, retry with Anonymous, then you can simply configure IIS6 Web
> > >> Service to allow both Anonymous and Integrated.
>
> > >> If you cannot control the client, then you will have to write and run=

> > >> custom software on the server to enforce such proprietary behavior.
> > >> There are no standard authentication protocol which works like this.
>
> > >> //David
> > >>http://w3-4u.blogspot.com
> > >>http://blogs.msdn.com/David.Wang
> > >> //- Hide quoted text -
>
> - Show quoted text -

"David Wang" wrote:

>
> Change the client to .PreAuthenticate.
>
> UseDefaultCredentials and Credentials property change the user
> identity on authentication, not ordering of authentication.
>
>
> //David
> http://w3-4u.blogspot.com
> http://blogs.msdn.com/David.Wang
> //