N
nobody101
I have a web service configured with Anonymous access disabled.
The calling client, prior to executing a method on the service,
sets its network credentials for the IIS to authenticate:
CredentialCache cacheVU = new CredentialCache();
cacheVU.Add( new Uri(<my url here>), "Negotiate",new
NetworkCredential( Username, Password, Domain) );
WebServiceProxy.Credentials = cacheVU;
My web service method works OK. However, I need to access a network
share, so I wanted to use the
<identity impersonate="true" />
setting in my web service's web.config file. However,
when I try to access the remote share, I get an access denied error:
Access to the path "..." is denied
However, if I change the <identity> element and add the "username"
and "password" attributes - which are the same username and password
that the web service authentication use, it works OK.
I thought the <identity> w/o the username/password should
inherit the user context.
I added some debug statements, and displayed:
- Thread.CurrentPrincipal.Identity
- WindowsIdentity.GetCurrent
- User.Identity
and in both cases ( with and without explicit username/password in the
<identity> element), the
dumped names are the same, so I am assuming the impersonation is
enabled. So, why are my access rights denied for the case w/o the
explicit username/password defined?
The calling client, prior to executing a method on the service,
sets its network credentials for the IIS to authenticate:
CredentialCache cacheVU = new CredentialCache();
cacheVU.Add( new Uri(<my url here>), "Negotiate",new
NetworkCredential( Username, Password, Domain) );
WebServiceProxy.Credentials = cacheVU;
My web service method works OK. However, I need to access a network
share, so I wanted to use the
<identity impersonate="true" />
setting in my web service's web.config file. However,
when I try to access the remote share, I get an access denied error:
Access to the path "..." is denied
However, if I change the <identity> element and add the "username"
and "password" attributes - which are the same username and password
that the web service authentication use, it works OK.
I thought the <identity> w/o the username/password should
inherit the user context.
I added some debug statements, and displayed:
- Thread.CurrentPrincipal.Identity
- WindowsIdentity.GetCurrent
- User.Identity
and in both cases ( with and without explicit username/password in the
<identity> element), the
dumped names are the same, so I am assuming the impersonation is
enabled. So, why are my access rights denied for the case w/o the
explicit username/password defined?