.net - Passing Windows Token to WCF then from WCF to another server in the AD domain -

-

this may doozy, have idea how to:

pass users windows token (authenticated domain) wcf service called - service perform action based on users windows credentials made call.

ie: client -> wcf -> 3rd party repository integrates active directory.

i have wcf data tier responsible returning of data - customer makes calls service. service retrieves documents repository. customer accomplish managing of accounts ad sincee repository supports ad integration.

any appreciated - thank :-)

---------- update have followed jezell's article still have issues.

i want use upn opposed spn (so account can locked down , more secure), im not sure i've got wrong.

i have created spn's on ad server (tried every combination, no duplicates)

here code snippet, maybe has idea of im doing wrong.

dim binding new nettcpbinding() binding.security.mode = securitymode.message binding.security.message.algorithmsuite = system.servicemodel.security.securityalgorithmsuite.basic128 binding.security.message.clientcredentialtype = messagecredentialtype.windows  dim upn string = "usertest@testdomain.com"  dim ep new endpointaddress(new uri("net.tcp://server1.testdomain.com:1111/servicetest") _     , endpointidentity.createupnidentity(upn))  dim factory new channelfactory(of credential.interface.icredentialtest)(binding, ep) factory.credentials.windows.allowntlm = false factory.credentials.windows.allowedimpersonationlevel = system.security.principal.tokenimpersonationlevel.delegation  dim iproxy credential.interface.icredentialtest = factory.createchannel() dim co icommunicationobject = ctype(iproxy, icommunicationobject) iproxy.toservice(result)

now error: 'the identity check failed outgoing message. expected identity is... can find on relates using certificates, im not doing.

thanks :-)

this known delegation. set allowed impersonation level in client configuration "delegation" , disable ntlm authentication on server side. have post more in depth discussion here:

http://www.iserviceoriented.com/blog/post/delegation+-+wcf+gotcha+2.aspx


Comments

Post a Comment

Popular posts from this blog

c++ - How do I get a multi line tooltip in MFC -

-
right now, have tool tip pops when hover on edit box. problem tool tip contains multiple error messages , in 1 long line. need have each error message on own line. error messages contained in cstring new line seperating them. my existing code below. bool ontooltiptext(uint, nmhdr* pnmhdr, lresult* presult) { assert(pnmhdr->code == ttn_needtexta || pnmhdr->code == ttn_needtextw); // need handle both ansi , unicode versions of message tooltiptexta* pttta = (tooltiptexta*)pnmhdr; tooltiptextw* ptttw = (tooltiptextw*)pnmhdr; // tchar szfulltext[256]; cstring strtiptext=_t(""); uint nid = pnmhdr->idfrom; if (pnmhdr->code == ttn_needtexta && (pttta->uflags & ttf_idishwnd) || pnmhdr->code == ttn_needtextw && (ptttw->uflags & ttf_idishwnd)) { // idfrom hwnd of tool nid = ::getdlgctrlid((hwnd)nid); } //m_errprojaccel[ch] contains 1 or more error messages each...
Read more

asp.net - In javascript how to find the height and width -

-
i having .aspx , masterpage page. in masterpage loading aspx page . in aspx page design using generating table structure using code-behind server in javascript how find height , width . regards, kumar if you're looking table height , width, should it var tbl = document.getelementbyid('tbldemo'); alert(tbl.offsetwidth + '\n' + tbl.offsetheight);
Read more

c# - DataTable to EnumerableRowCollection -

-
i have datatable according client requirement can contain invalid date "00/00/1999",null,empty string.(typed datset) when collect them enumerables wish convert of invalid forms empty string. (i.e) enumerablerowcollection<datarow> query = order in _table.asenumerable() select new { orderdate= string.isnullorempty(convert.tostring(order.field<datetime>("orderdate")) || (how check date invalid date) ? string.empty : order.field<datetime>("orderdate") } how check whether date valid date or not? datetime.tryparse...like given current code: datetime date; enumerablerowcollection<datarow> query = order in _table.asenumerable() select new { orderdate= string.isnullorempty(convert.tostring(order.field<datetime>("orderdate")) || !datetime.tryparse(convert.tostring(order.field<datetime...
Read more