Loading ...
Sorry, an error occurred while loading the content.

IIS + Basic Authentication +.NET Clients

Expand Messages
  • Matt Long
    I have noticed that if IIS is configured for Basic authentication + anonymous authentication AND basic is configured on a .NET client via CredentialCache
    Message 1 of 2 , Dec 21, 2002
    • 0 Attachment

      I have noticed that if IIS is configured for “Basic” authentication + anonymous authentication AND basic is configured on a .NET client via CredentialCache that the Authorization header is not visible to the service.  However, if the Authorization Http header is manually added as a header, it is visible.

       

      To answer why I’m doing this…I’m attempt to authenticate “Basic” outside of the NT + IIS, which implies that I need access to the Authorization header.

       

      So…

      (1)     Is any soap-builder authenticating Basic outside on built-in server tools and has experience similar behavior?

      (2)     Has anyone noticed this behavior when a .NET client is sending Basic authentication?

      (3)  (To MS) Is type of behavior expected?

       

       

      Thx,

       

      -Matt Long

      Phalanx Systems, LLC

       

       

    • Alex DeJarnatt
      Matt, I m no expert on this, but i believe the client won t try to authenticate unless the server challenges and the server won t challenge if it accepts
      Message 2 of 2 , Dec 23, 2002
      • 0 Attachment
        Message
        Matt, I'm no expert on this, but i believe the client won't try to authenticate unless the server challenges and the server won't challenge if it accepts anonymous.  You could try setting the PreAuthenticate property of the client proxy to true to force authentication.
        alex
        -----Original Message-----
        From: Matt Long [mailto:mlong@...]
        Sent: Saturday, December 21, 2002 9:16 AM
        To: soapbuilders@yahoogroups.com
        Subject: [soapbuilders] IIS + Basic Authentication +.NET Clients

        I have noticed that if IIS is configured for “Basic” authentication + anonymous authentication AND basic is configured on a .NET client via CredentialCache that the Authorization header is not visible to the service.  However, if the Authorization Http header is manually added as a header, it is visible.

         

        To answer why I’m doing this…I’m attempt to authenticate “Basic” outside of the NT + IIS, which implies that I need access to the Authorization header.

         

        So…

        (1)     Is any soap-builder authenticating Basic outside on built-in server tools and has experience similar behavior?

        (2)     Has anyone noticed this behavior when a .NET client is sending Basic authentication?

        (3)  (To MS) Is type of behavior expected?

         

         

        Thx,

         

        -Matt Long

        Phalanx Systems, LLC

         

         


        -----------------------------------------------------------------
        This group is a forum for builders of SOAP implementations to discuss implementation and interoperability issues.  Please stay on-topic.

        To unsubscribe from this group, send an email to:
        soapbuilders-unsubscribe@yahoogroups.com



        Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
      Your message has been successfully submitted and would be delivered to recipients shortly.