Uwaga
Dostęp do tej strony wymaga autoryzacji. Może spróbować zalogować się lub zmienić katalogi.
Dostęp do tej strony wymaga autoryzacji. Możesz spróbować zmienić katalogi.
YAWSQ (Yet Another Web Services Quiz)
Let me describe the following scenario:
- Web Service T1 contains an operation that returns a string
- Web Service T2 calls Web Service T1 in the context of its own operation
- Both Web Services run under IIS using the following security configuration:
- “Integrated Windows Authentication” enabled
- “Anonymous Access” disabled
Do you see a problem in the following implementation?
As always, answer and explanation will follow…
T1.asmx
public class T1
{
[WebMethod]
public string HelloWorld()
{
return "Hello World";
}
}
T2.asmx
public class T2
{
[WebMethod]
public string HelloWorld()
{
t1.T1 t1 = new OrderSrv.t1.T1();
return t1.HelloWorld();
}
}
Comments
- Anonymous
February 23, 2005
I think T2 will try to call T1 anonymously - Anonymous
February 23, 2005
You have forgotten to initialize the t1.Credentials member...
t1.Credentials = System.Net.CredentialCache.DefaultCredentials
But you have to think about a couple of things... under which account is the service T2 running? And more questions: are both web services running on the same machine or on different machines (if different machines - which account have you used for the T2 service ... is the machine of the T1 service aware of the account?) ... and another one: if the web services running on different machines and the client runs on another, different machine as well - have you configured Kerberos delegation appropriately? Question over question over question ... if I know that all I can give you the correct answer... :-))