I have a web application (developed in ASP.net 4.0) hosted in IIS 6.0
on Windows Server 2003 R2
machine. Integrated Windows Authentication
is turned on for this web application.
I have hosted a web service (developed using WCF) in IIS 7.5
on Windows Server 2008 R2
machine. ' Windows Authentication
is enabled for this web application too.
So Integrated Windows Authentication
works fine independently for both the web apps hosted in separate IIS on different machines.
Problem comes when the web application is browsed from my local machine and web page calls the service internally. In this case, "service does not run under my windows identity" as expected. It either runs under identity of the application pool of either asp.net web app or the web service's web app.
I don't want my web service to take responsibility of authenticating the user. It would use simple basicHttpBinding
. It will just read name of the user using CurrentPrincipal
or HttpContext
etc. Validating user's identity should be done by the IIS only.
Can someone help me to pass on my windows identity from one IIS to another?
You need to set up kerberos delegation as identity won't be passed to another machine by default.
http://blogs.technet.com/b/askds/archive/2008/11/25/fun-with-the-kerberos-delegation-web-site.aspx
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.