12,165
社区成员
发帖
与我相关
我的任务
分享asp.net里调用webservice, 无法得到正确的集成用户身份
问题描述: aspx后台调用webservice, 页面和webservice都使用C#, 发布在同一台机器上, win2003server+IIS6, 都发布在IIS上, 都使用integrated windows authentication, 禁止匿名, 通过IIS访问该页面, 当前用户是 domain\user1, 页面里取当前用户是正确的domain\user1, 而Webservice里取当前用户则变成了NT AUTHORITY\NETWORK SERVICE, 这不是我想要的情况, 我希望Webservice里取当前用户仍然是domain\user1
不知是那里的问题导致? 该如何解决?
另外, 我用一个windows app引用同样的webservice, 却得到正确的当前用户domain\user1...
代码如下:
webservice: 发布在 http://localhost:8083/WebServe1/
namespace WebService1
{
/// <summary>
/// Summary description for Service1
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
public class Service1 : System.Web.Services.WebService
{
[WebMethod]
public string HelloWorld()
{
string domainuser = System.Threading.Thread.CurrentPrincipal.Identity.Name;
return domainuser + "\n" + "Hello World1";
}
}
}
aspx页面: 引用http://sh-es-baoyi:8083/WebServe1/Service1.asmx, 发布在 http://localhost:8083/Client/Default.aspx
namespace Client
{
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
test.Service1 t = new test.Service1();
t.PreAuthenticate = true;
t.Credentials = CredentialCache.DefaultCredentials;
//t.UseDefaultCredentials = true;
Response.Write(t.HelloWorld());
}
}
}
不知是那里的问题导致? 该如何解决?
另外, 我用一个windows app引用同样的webservice, 却得到正确的当前用户domain\user1...
代码如下:
webservice: 发布在 http://localhost:8083/WebServe1/
namespace WebService1
{
/// <summary>
/// Summary description for Service1
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
public class Service1 : System.Web.Services.WebService
{
[WebMethod]
public string HelloWorld()
{
string domainuser = System.Threading.Thread.CurrentPrincipal.Identity.Name;
return domainuser + "\n" + "Hello World1";
}
}
}
aspx页面: 引用http://sh-es-baoyi:8083/WebServe1/Service1.asmx, 发布在 http://localhost:8083/Client/Default.aspx
namespace Client
{
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
test.Service1 t = new test.Service1();
t.PreAuthenticate = true;
t.Credentials = CredentialCache.DefaultCredentials;
//t.UseDefaultCredentials = true;
Response.Write(t.HelloWorld());
}
}
}
...全文
请发表友善的回复…
发表回复
awuzi 2008-02-15
- 打赏
- 举报
NT AUTHORITY\NETWORK SERVICE 这个用户相当于2000、xp下的ASPNET用户,管理IIS网站。
所以从您的描述看,是IIS自己代替aspx页面请求者向WebService递交了身份标识。
解决的方法就是在aspx页面里面包装请求者的身份标识。
所以从您的描述看,是IIS自己代替aspx页面请求者向WebService递交了身份标识。
解决的方法就是在aspx页面里面包装请求者的身份标识。
lsyxp17 2008-02-13
- 打赏
- 举报
关注、学习
lunew 2008-02-04
- 打赏
- 举报
谢谢各位回复, 传递user/pwd应该是不可行的, 我不可能知道各个域用户的密码
web.config应该是没错 <authentication mode="Windows" />
jiangsheng的链接我看了, 其实这一步在程序里已经有了 t.Credentials = CredentialCache.DefaultCredentials;
不过不是我想要的结果
我希望在webservice里取得的用户身份和页面的用户身份是一致的domain\user1, 但实际却是 NT AUTHORITY\NETWORK SERVICE
我怀疑是DefaultCredentials的问题
The DefaultCredentials property applies only to NTLM, negotiate, and Kerberos-based authentication.
DefaultCredentials represents the system credentials for the current security context in which the application is running. For a client-side application, these are usually the Windows credentials (user name, password, and domain) of the user running the application. For ASP.NET applications, the default credentials are the user credentials of the logged-in user, or the user being impersonated.
如何赋值成当前用户的credential, 而不是这个DefaultCredentials呢?
web.config应该是没错 <authentication mode="Windows" />
jiangsheng的链接我看了, 其实这一步在程序里已经有了 t.Credentials = CredentialCache.DefaultCredentials;
不过不是我想要的结果
我希望在webservice里取得的用户身份和页面的用户身份是一致的domain\user1, 但实际却是 NT AUTHORITY\NETWORK SERVICE
我怀疑是DefaultCredentials的问题
The DefaultCredentials property applies only to NTLM, negotiate, and Kerberos-based authentication.
DefaultCredentials represents the system credentials for the current security context in which the application is running. For a client-side application, these are usually the Windows credentials (user name, password, and domain) of the user running the application. For ASP.NET applications, the default credentials are the user credentials of the logged-in user, or the user being impersonated.
如何赋值成当前用户的credential, 而不是这个DefaultCredentials呢?
蒋晟 2008-02-04
- 打赏
- 举报
migrant423 2008-02-04
- 打赏
- 举报
using System;
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
using Microsoft.Web.Services3;
using MySql.Data.MySqlClient;
using System.Configuration;
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[Microsoft.Web.Services3.Policy("ServerPolicy")]
public class Service : System.Web.Services.WebService
{
private const string SELECT_SQL = "SELECT m.lac,m.cityid,m.cellid,m.latitude as latitude,m.longitude as longitude,c.cityname as cityname,c.cityid as cityid FROM m_g_basestationinfo m,city c where m.cityid=c.cityid and m.lac=?lac and m.cellid=?cellid";
private const string PARA_LAC = "?lac";
private const string PARA_CELLID = "?cellid";
public Service () {
//如果使用设计的组件,请取消注释以下行
//InitializeComponent();
}
[WebMethod]
public string HelloWorld() {
return "Hello World";
}
}
调用时可以
UsernameToken token = new UsernameToken("admin", "nimda", PasswordOption.SendPlainText);
// Set the token onto the proxy
sw.SetClientCredential(token);
// Set the ClientPolicy onto the proxy
sw.SetPolicy("ClientPolicy");
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
using Microsoft.Web.Services3;
using MySql.Data.MySqlClient;
using System.Configuration;
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[Microsoft.Web.Services3.Policy("ServerPolicy")]
public class Service : System.Web.Services.WebService
{
private const string SELECT_SQL = "SELECT m.lac,m.cityid,m.cellid,m.latitude as latitude,m.longitude as longitude,c.cityname as cityname,c.cityid as cityid FROM m_g_basestationinfo m,city c where m.cityid=c.cityid and m.lac=?lac and m.cellid=?cellid";
private const string PARA_LAC = "?lac";
private const string PARA_CELLID = "?cellid";
public Service () {
//如果使用设计的组件,请取消注释以下行
//InitializeComponent();
}
[WebMethod]
public string HelloWorld() {
return "Hello World";
}
}
调用时可以
UsernameToken token = new UsernameToken("admin", "nimda", PasswordOption.SendPlainText);
// Set the token onto the proxy
sw.SetClientCredential(token);
// Set the ClientPolicy onto the proxy
sw.SetPolicy("ClientPolicy");
wxylvmnn 2008-02-03
- 打赏
- 举报
还真不大清楚。
既然windows app好用,那你就该考虑,要麽是web.congfig,要么就是IIS配置有问题。
再,如果就是搞不定,
可否考虑把 域名\用户名 作为参数传递给service。
既然windows app好用,那你就该考虑,要麽是web.congfig,要么就是IIS配置有问题。
再,如果就是搞不定,
可否考虑把 域名\用户名 作为参数传递给service。
cxzhq2002 2008-02-03
- 打赏
- 举报
然后当userName,password传给webService,(可以由soap头实现)
由webService验证后返加true,false,
由webService验证后返加true,false,
