locked
User Impersonation RRS feed

  • Question

  • I have a SharePoint server that is hosting a Silverlight application.  The application accesses a back end database server using WCF Data Services as well as other WCF services over http.  The SharePoint server requires Windows authentication and so does the back end database/IIS server.  When the client computer is a member of the windows domain, then setting the browser settings to add the server names to the local intranet works by passing the client's login credentials.  This then eliminates the login box for the client.  However, if the client is not logged into the windows domain this is not possible.  The client receives multiple credential boxes.  The first is from the Sharepoint server asking for authentication to the page they are requesting to view.  Then there are more for each call that the Silverlight application is making to the backend server.  

    How would I impersonate the user that logged into the host server?  The goal would be to have the user enter their credentials one time when accessing the server, but then those credentials are used for the backend resources.

    Tuesday, June 3, 2014 1:52 PM