1

I currently have an app that calls a web service(WS1), which in turn calls another web service(WS2) to get/set information on the server hosted on WS2. I would like to be able to pass in the user credentials into WS2 from WS1 as if there was an application calling directly into WS2. Is there a way to do this?

This is what I have currently:

Application Code:

BasicHttpBinding basicHttpBinding = 
    new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);

basicHttpBinding.Security.Transport.ClientCredentialType = 
    HttpClientCredentialType.Windows;

basicHttpBinding.MaxReceivedMessageSize = 131072000;

AppMgr.AppMgrSoapClient appMgr = 
    new AppMgr.AppMgrSoapClient(
        basicHttpBinding, 
        new EndpointAddress(@"http://SomeServer/Service.asmx"));

appMgr.ClientCredentials.Windows.AllowedImpersonationLevel =
    TokenImpersonationLevel.Impersonation;

appMgr.ChannelFactory.Credentials.Windows.ClientCredential = 
    CredentialCache.DefaultNetworkCredentials;

appMgr.SomeWebMethodCall();

Web Service 1 code (on 'SomeServer')

BasicHttpBinding basicHttpBinding = 
    new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);

basicHttpBinding.Security.Transport.ClientCredentialType = 
    HttpClientCredentialType.Windows;

basicHttpBinding.MaxReceivedMessageSize = 131072000;

WS2Service.WS2ServiceSoapClient myServiceReference = 
    new WS2Service.WS2ServiceSoapClient(
        basicHttpBinding,
        new EndpointAddress(@"http://SomeOtherServer/AnotherService.asmx"));

myServiceReference.ClientCredentials.Windows.AllowedImpersonationLevel = 
    TokenImpersonationLevel.Impersonation;

myServiceReference.ChannelFactory.Credentials.Windows.ClientCredential = 
    CredentialCache.DefaultNetworkCredentials;

Its the last line in the Web Service code that I need to change, I know that ... but I don't know what to set it to ... There is ClientCredentials.UserName but I don't have the password at this level.

Kjartan
  • 18,591
  • 15
  • 71
  • 96
Tizz
  • 820
  • 1
  • 15
  • 31
  • Please use tags instead of adding things like "C# .NET 3.0" to your title. – John Saunders Jan 25 '12 at 20:04
  • I don't know much about security in WCF, but I guess your problem lies in `AllowedImpersonationLevel`. I would try it with `TokenImpersonationLevel.Delegation` http://msdn.microsoft.com/en-us/library/system.security.principal.tokenimpersonationlevel.aspx – L.B Jan 25 '12 at 20:06
  • I tried Delegation, I am still getting the web user that started the services on the WS2 side. :( – Tizz Jan 25 '12 at 23:31
  • And anonymous access is disabled? – L.B Jan 25 '12 at 23:50
  • Yes, I dont want anonymous users. I want to know the user, and use HttpContext.Current.User.Identity to tell who is trying to use my service – Tizz Jan 26 '12 at 18:23

2 Answers2

0

This is typically done via centralized authentication service like CAS (http://www.jasig.org/cas).

hockey_dave
  • 524
  • 1
  • 7
  • 18
-3

I do not code in C# , but looks like what you'd want is to post the credentials using your web service call.

For that you need to append the credentials to the body of the HTTP request.

Quasar
  • 137
  • 3