0

What I would like to do is pass client credentials to my web service and then my web service to authenticate against an AIF (ax) web service to pass information. Currently my client program authenticates over HTTPS , windows authentication to my web service. my web service then connects to AIF. currently the web service runs as just a general identity account. But i would like that the user credentials get passed so when something is created in ax we know it is by the user and not a general account. What would be the easiest way possible.
I've tried code such as impersonation on the method.

        <OperationBehavior(Impersonation:=ImpersonationOption.Allowed)>

and then trying to call the aif under a windowsidentity context but i'm having no luck.... of course if i do 

generalJournal.ClientCredentials.Windows.ClientCredential.UserName = ""
             'generalJournal.ClientCredentials.Windows.ClientCredential.Password = ""
                  'generalJournal.ClientCredentials.Windows.ClientCredential.Domain = ""

this works... but i need to grab the credentials that were already authenticated... any help? thanks

Sirus
  • 382
  • 1
  • 8
  • 35

1 Answers1

0

On the service you shoud set servicePrincipalName and enable yous service account for delegation.

<configuration>
  <services>
    <service>
      <endpoint>
        <identity>
          <servicePrincipalName value="server/YourService" />
        </identity>
      </endpoint>
    </service>
  </services>
</configuration>

And SPN to AD.

setspn.exe –U –A server/YourService DOMAIN\SERVICEACCOUNT

On the client configuration ypu have to set userPrincipalName.

<configuration>
  <system.serviceModel>
    <client>
      <endpoint>
        <identity>
          <userPrincipalName value="server/YourService" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
</configuration>
Matej
  • 7,517
  • 2
  • 36
  • 45