Credential forwarding when accessing remote resources from ASP.NET Web

jatta · Nov 16, 2009

When an ASP.NET Web Service is called from a client, the client's credentials are forwarded as anonymous to any new threads. So any new threads that require user credentials like those that access remote files on the network will fail with "Access denied".

The solution is to enable "Identity Impersonation" in web.config under <system.web> section. The user name and password that needs to be impersonated has to be specified(Otherwise it results in "Anonymous" access to the remote resource)

<system.web>
...
<identity impersonate="true"
userName="yourusername" password="yourpassword"/>
...
</system.web>

For security, the username and password attributes of the <identity> property should be encrypted. One of the options is to store the encrypted username and password in the registry as per the Microsoft KB article listed below

http://support.microsoft.com/kb/329290

The encrypted values of username and password should be specified in the <identity> property in web.config like below

<identity impersonate="true"
userName="registry:HKLM\SOFTWARE\MY_SECURE_APP\identity\ASPNET_SETREG,userName"
password="registry:HKLM\SOFTWARE\MY_SECURE_APP\identity\ASPNET_SETREG,password" />

Jayadevan Atta

http://www.activehealth.net

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Credential forwarding when accessing remote resources from ASP.NET Web

jatta

Programmer

Similar threads

Part and Inventory Search

Sponsor