The application was making the requests to the service. Each point where the application made the request the authentication would fail. This worked fine on the local dev box but failed as soon as it was deployed to IIS.
This is the double hop issue which the articles below refer too:
- http://stackoverflow.com/questions/727421/impersonation-and-credentialcache-defaultcredentials-gives-http-401-unauthorized
- http://stackoverflow.com/questions/517846/impersonation-and-delegation-in-asp-net
Workarounds recommended are Kerberos or reauthentication. I decided on another option which was too create a network crendential with a service account in our AD forest. This is stored in the web.config.(Encrypt the config is always good practice). Created a method called GetCredentials
string CredID = Configuration.Manager.AppSettings("ID");
string CredPass = Configuration.Manager.AppSettings("Pass");
string CredDomain = Configuration.Manager.AppSettings("Domain");
return System.Net.NetworkCredentials(CredId,CredPass,CredDomain);
Each time you need to call the service just set the services credentials via this method and voila your request will go through each time!
No comments:
Post a Comment