WCF and <identity impersonate="true" />

10,560

Solution 1

What you're seeing is a problem with delegation. If you use

<identity impersonate="true" />

then what happens is your ASP.NET pages will run under the credentials of the user logged in (assuming Windows authentication). However, these credentials are not passed on to any calls made outside of your application, such as a connection to SQL or a connection to a WCF service. You need to use the credentials passed to ASP.NET and then use impersonation before calling your web service:

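// Requires System.Security.Principal (WindowsIdentity) and System.Web (HttpContext).
// Impersonate the authenticated caller only for the duration of the service call;
// disposing the impersonation context at the end of the using block reverts the thread identity.
using (((WindowsIdentity)HttpContext.Current.User.Identity).Impersonate())
{
    WCFTestService.ServiceClient myService = new WCFTestService.ServiceClient();
    Response.Write(myService.GetData(123) + "<br/>");
    myService.Close();
}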

There are more details on the WCF Security Patterns and Practices site.

Solution 2

If you read the MSDN page about the ASP.NET identity impersonation, you will notice that if the <identity> element does not include credentials, ASP.NET will impersonate the token passed to it by IIS, which can be either the identity of the request authenticated user or the anonymous Internet user account (IUSR_machinename). Seems to me that in the scenario 1. above ASP.NET is getting the anonymous user token, which would explain the failure. You can try disabling anonymous access to your web service to force the Windows authentication to kick in.
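Both answers turn on which identity ASP.NET holds when the outbound call is made. As an added example (not code from either answer), this C# helper checks that the request identity is an authenticated Windows identity with a delegation-level token before impersonating it around the WCF call. `DelegatedCall`, `WhyNotForwardable` and `Invoke` are hypothetical names, and the example assumes the .NET Framework and a WCF service hosted on a different machine from the web server.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;
using System.Web;

// Hypothetical helper: names are illustrative, not from the original answers.
public static class DelegatedCall
{
    // Returns null when the identity can be forwarded to a remote service,
    // otherwise a short reason that can be written to the application log.
    public static string WhyNotForwardable(IIdentity identity)
    {
        var win = identity as WindowsIdentity;
        if (win == null)
            return "not a Windows identity (Windows authentication is not in effect)";
        if (win.IsAnonymous || !win.IsAuthenticated)
            return "request was not authenticated (anonymous access)";
        // Assumption: the service is on another host, so the token must be delegable.
        if (win.ImpersonationLevel != TokenImpersonationLevel.Delegation)
            return "token level is " + win.ImpersonationLevel + ", not Delegation";
        return null;
    }

    // Runs 'call' on the WCF client while impersonating the authenticated caller.
    // Usage: DelegatedCall.Invoke(new WCFTestService.ServiceClient(), c => c.GetData(123));
    public static T Invoke<TClient, T>(TClient client, Func<TClient, T> call)
        where TClient : ICommunicationObject
    {
        IIdentity caller = HttpContext.Current.User.Identity;
        string problem = WhyNotForwardable(caller);
        if (problem != null)
        {
            client.Abort();
            throw new InvalidOperationException("Cannot forward caller identity: " + problem);
        }

        // Disposing the impersonation context reverts the thread to the worker identity.
        using (((WindowsIdentity)caller).Impersonate())
        {
            try
            {
                T result = call(client);
                client.Close();
                return result;
            }
            // A faulted channel cannot be closed cleanly; abort it and rethrow.
            catch (CommunicationException) { client.Abort(); throw; }
            catch (TimeoutException) { client.Abort(); throw; }
        }
    }
}
```

The reason string distinguishes the anonymous-token case from a token that is authenticated but cannot leave the web server, which are the two failure causes the answers describe.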

Author by

Admin

Updated on June 04, 2022

Comments

  • Admin
    Admin almost 2 years

    What is the difference between these two lines of web.config code?
    1.

    <identity impersonate="true" /> 
    

    2.

    <identity impersonate="true" userName="MyUserName" password="MyPassword"/>  
    

    Where MyUserName and MyPassword are my Windows credentials. If you have IIS set up to use Windows credentials, shouldn't "1." pass in my Windows credentials and hence be the same as "2."?

    My app is dying when I use "1" with an authentication error when trying to connect to my WCF service. There is obviously nothing wrong with the code in my service and the code that calls my service, as "2" works just fine and passes the client credentials to my WCF service.

    The IIS config for the website is set up for Windows authentication and the user it runs under is trusted for delegation.

    So how can I get my Windows credentials passed through without hard coding them?

  • bobbymcr
    bobbymcr over 14 years
    Good answer, Franci! [--broger]
  • Admin
    Admin over 14 years
    Thanks Franci, anonymous access is actually disabled and the "Integrated Windows security" is checked. Any idea why it would not be working?
  • Franci Penov
    Franci Penov over 14 years
    @KateK check the IIS logs and the Windows event log for more details on the exact error.