Ask a Question related to ASP.NET Web Services, Design and Development.
-
Saverio Tedeschi #1
setting security
Hi all gurus,
it's the very 1st time I attempt to build a Web Service app, and while
simple samples work fine, I stuck trying to fill (on server side) a DataSet
to be returned by the service. Test run fails with HTTP 500 - Internal
server error, but the true error is in Fill method, which doesn't succeed.
Client app fails with ""System.Web.Services.Protocols.SoapException" in
system.web.services.dll" (SQL Server not found or access denied). I've tried
"None" (and accordingly http "anonymous") authentication and "Windows (http
"integrated"), passing user and pwd as credential in proxy class; I set up
an user (in SQL Server) and gave him read access rights to the two tables
involved, and db_datareader role, with no success. I'm currently using web
..NET app with no flaws, using integrated widows authentication; why does
webservice fail? Can pls point me to the right direction? Lot of thanks in
advance.
Saverio Tedeschi Guest
-
Can't get the security setting i need
Why can't I create a security setting that creates a password to open an attachment as well as a permissions password that does not allow printing or... -
Security setting in Web.config file.
Hi All, We have the following scenerio. Machine 1: webservice is deployed in this machine. Machine 2: UserControl is deployed in this machine. ... -
Setting up security on my web application
Hi all, My situation: - VB.net & Visual Studio 2002 - IIS 6.0 - Windows XP Pro (development) and Windows 2000 server (release) I created a... -
Setting up integrated security to SQL Server
Hi, I've read quite a few places where it recommends you use integrated security in your connection string to SQL Server I tried this in test... -
How can I change the browser security setting
How can I change security setting of the explorer browser. For example: I want to enable "Download signed ActiveX Controls". How can I do this... -
CodeMeister #2 Re: setting security
You may have a couple issues here.
Case 1. SQL Server resides on same server as web server and you are trying
to use the remote user's credentials.
You need to set the application to use Windows authentication. In addition
you need to set IIS to use Windows Authentication (make sure anonymous is
unchecked). In theweb.config set the make sure you have the follwoing set:
<authentication mode="Windows" />. Also add the following: <identity
impersonate="true" />. On the client you need to set your credential similar
to the following:
proxy.Credentials = Systen.Net.CredentialCache.DefaultCredentials
This will allow the client to authenticate using Windows authentication.
Case 2. SQL Server is on a remote server from the web server.
In this case you can configure the web server and client as above. You'll
also need to provide an application account to access SQL Server. This is
due to an issue known as a double hop. The credentials cannot be passed from
the web server to the SQL Server. If you are using Windows 2003 you can set
the id on the application pool you are using. In Windows 2003 you need to
supply a user name and password for the application to run under. To set the
account in the web.config, modify the identity element as follows:
<identity impersonate="true" userName="domain\userName"
password="mySecretPassword" />
Placing the credential information in the web.config is a security risk.
Her's a link on encrypting the information:
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;329290[/url]
Here's a link on security issues with ASP.Net
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;891031[/url]
IHTH
Jon
This
"Saverio Tedeschi" <tesis@tesis.org> wrote in message
news:uY83v1EdFHA.720@TK2MSFTNGP15.phx.gbl...> Hi all gurus,
> it's the very 1st time I attempt to build a Web Service app, and while
> simple samples work fine, I stuck trying to fill (on server side) a
> DataSet to be returned by the service. Test run fails with HTTP 500 -
> Internal server error, but the true error is in Fill method, which doesn't
> succeed. Client app fails with
> ""System.Web.Services.Protocols.SoapException" in system.web.services.dll"
> (SQL Server not found or access denied). I've tried "None" (and
> accordingly http "anonymous") authentication and "Windows (http
> "integrated"), passing user and pwd as credential in proxy class; I set up
> an user (in SQL Server) and gave him read access rights to the two tables
> involved, and db_datareader role, with no success. I'm currently using web
> .NET app with no flaws, using integrated widows authentication; why does
> webservice fail? Can pls point me to the right direction? Lot of thanks in
> advance.
>
CodeMeister Guest
-
Saverio Tedeschi #3 Re: setting security
Thank you,
this solved my issue. Actually, I'd not not inserted impersonating. BTW,
I've a couple of ASP.NET apps that work with Windows authentication, but
w/out impersonation. I'd also tried to send credentials to web service, but
they don't appear to be acknowledged on web side (I've listened to user by
System.Threading.Current.Principal.Identity.Name; is there another method to
retrieve identity? Just wondering). Have a nice day!
"CodeMeister" <jwojtowicz@codemeister.net> ha scritto nel messaggio
news:eFRfo6HdFHA.3328@TK2MSFTNGP09.phx.gbl...> You may have a couple issues here.
>
> Case 1. SQL Server resides on same server as web server and you are trying
> to use the remote user's credentials.
>
> You need to set the application to use Windows authentication. In addition
> you need to set IIS to use Windows Authentication (make sure anonymous is
> unchecked). In theweb.config set the make sure you have the follwoing set:
> <authentication mode="Windows" />. Also add the following: <identity
> impersonate="true" />. On the client you need to set your credential
> similar to the following:
>
> proxy.Credentials = Systen.Net.CredentialCache.DefaultCredentials
>
> This will allow the client to authenticate using Windows authentication.
>
> Case 2. SQL Server is on a remote server from the web server.
>
> In this case you can configure the web server and client as above. You'll
> also need to provide an application account to access SQL Server. This is
> due to an issue known as a double hop. The credentials cannot be passed
> from the web server to the SQL Server. If you are using Windows 2003 you
> can set the id on the application pool you are using. In Windows 2003 you
> need to supply a user name and password for the application to run under.
> To set the account in the web.config, modify the identity element as
> follows:
> <identity impersonate="true" userName="domain\userName"
> password="mySecretPassword" />
>
> Placing the credential information in the web.config is a security risk.
> Her's a link on encrypting the information:
> [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;329290[/url]
>
> Here's a link on security issues with ASP.Net
> [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;891031[/url]
>
> IHTH
>
> Jon
>
> This
> "Saverio Tedeschi" <tesis@tesis.org> wrote in message
> news:uY83v1EdFHA.720@TK2MSFTNGP15.phx.gbl...>>> Hi all gurus,
>> it's the very 1st time I attempt to build a Web Service app, and while
>> simple samples work fine, I stuck trying to fill (on server side) a
>> DataSet to be returned by the service. Test run fails with HTTP 500 -
>> Internal server error, but the true error is in Fill method, which
>> doesn't succeed. Client app fails with
>> ""System.Web.Services.Protocols.SoapException" in
>> system.web.services.dll" (SQL Server not found or access denied). I've
>> tried "None" (and accordingly http "anonymous") authentication and
>> "Windows (http "integrated"), passing user and pwd as credential in proxy
>> class; I set up an user (in SQL Server) and gave him read access rights
>> to the two tables involved, and db_datareader role, with no success. I'm
>> currently using web .NET app with no flaws, using integrated widows
>> authentication; why does webservice fail? Can pls point me to the right
>> direction? Lot of thanks in advance.
>>
>
Saverio Tedeschi Guest
-
Saverio Tedeschi #4 Re: setting security
I had to delete client project and build it again. At a given moment,
refreshing web service from inside client was not enough, and I always got
"HTTP 401 - Access denied" error. Rebuilding project from scratch (after
having copied first, of course) solved this issue. Why? (just wondering,
however I like to understand problems. Any clue? TIA
"Saverio Tedeschi" <tesis@tesis.org> ha scritto nel messaggio
news:%23Qw68kKdFHA.220@TK2MSFTNGP12.phx.gbl...> Thank you,
> this solved my issue. Actually, I'd not not inserted impersonating. BTW,
> I've a couple of ASP.NET apps that work with Windows authentication, but
> w/out impersonation. I'd also tried to send credentials to web service,
> but they don't appear to be acknowledged on web side (I've listened to
> user by System.Threading.Current.Principal.Identity.Name; is there another
> method to retrieve identity? Just wondering). Have a nice day!
>
> "CodeMeister" <jwojtowicz@codemeister.net> ha scritto nel messaggio
> news:eFRfo6HdFHA.3328@TK2MSFTNGP09.phx.gbl...>>> You may have a couple issues here.
>>
>> Case 1. SQL Server resides on same server as web server and you are
>> trying to use the remote user's credentials.
>>
>> You need to set the application to use Windows authentication. In
>> addition you need to set IIS to use Windows Authentication (make sure
>> anonymous is unchecked). In theweb.config set the make sure you have the
>> follwoing set: <authentication mode="Windows" />. Also add the following:
>> <identity impersonate="true" />. On the client you need to set your
>> credential similar to the following:
>>
>> proxy.Credentials = Systen.Net.CredentialCache.DefaultCredentials
>>
>> This will allow the client to authenticate using Windows authentication.
>>
>> Case 2. SQL Server is on a remote server from the web server.
>>
>> In this case you can configure the web server and client as above. You'll
>> also need to provide an application account to access SQL Server. This is
>> due to an issue known as a double hop. The credentials cannot be passed
>> from the web server to the SQL Server. If you are using Windows 2003 you
>> can set the id on the application pool you are using. In Windows 2003 you
>> need to supply a user name and password for the application to run under.
>> To set the account in the web.config, modify the identity element as
>> follows:
>> <identity impersonate="true" userName="domain\userName"
>> password="mySecretPassword" />
>>
>> Placing the credential information in the web.config is a security risk.
>> Her's a link on encrypting the information:
>> [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;329290[/url]
>>
>> Here's a link on security issues with ASP.Net
>> [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;891031[/url]
>>
>> IHTH
>>
>> Jon
>>
>> This
>> "Saverio Tedeschi" <tesis@tesis.org> wrote in message
>> news:uY83v1EdFHA.720@TK2MSFTNGP15.phx.gbl...>>>>> Hi all gurus,
>>> it's the very 1st time I attempt to build a Web Service app, and while
>>> simple samples work fine, I stuck trying to fill (on server side) a
>>> DataSet to be returned by the service. Test run fails with HTTP 500 -
>>> Internal server error, but the true error is in Fill method, which
>>> doesn't succeed. Client app fails with
>>> ""System.Web.Services.Protocols.SoapException" in
>>> system.web.services.dll" (SQL Server not found or access denied). I've
>>> tried "None" (and accordingly http "anonymous") authentication and
>>> "Windows (http "integrated"), passing user and pwd as credential in
>>> proxy class; I set up an user (in SQL Server) and gave him read access
>>> rights to the two tables involved, and db_datareader role, with no
>>> success. I'm currently using web .NET app with no flaws, using
>>> integrated widows authentication; why does webservice fail? Can pls
>>> point me to the right direction? Lot of thanks in advance.
>>>
>>
>
Saverio Tedeschi Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
