ActiveX not sending IE (Impersonated) user credentials to web service (Windows Authentication) RRS feed

  • Question

  • My setup involves a website using windows authentication. A page on this site has a managed user control (Activex) which also makes calles to a webservice on the same web server and It also uses WebClient to load certain XML files from the server. The website, webservice and virtiual directory where the XML files are located are all Windows Authenticated. 

    My issue happens on a system, where the domain the user logged in is not in trusted sites (with the domain of the web server) and the IIS throws a login dialog. The user logs in with the credentails of a trusted account and browses the website. When the ActiveX begins making calls to the webservice and also when it loads the XML files, the requests are from the currently logged in user (of the m/c) rather than the impersonated user. 

    I can track those request from IIS Logs:

    2013-03-12 17:19:22 MYIPADDRESS POST /MyWebService/Service1.asmx - 80 DOMAIN\USERID_OF_USER_ON_MACHINE IPADDRESS Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.4963) 401 2 5 109

    I have added the following lines where required:

    mywebservice.Credentials = System.Net.CredentialCache.DefaultCredentials; (I tried DefaultNetworkCredentials) as well.

    mywebclient.Credentials = System.Net.CredentialCache.DefaultCredentials;(I tried DefaultNetworkCredentials) as well.

    How can I make the requests from the trusted account instead (the one who is accessing IE)?

    Webserver: Windows2008 R2, IIS 7.5, >net Framework 4.5

    Client: Windows 7, .Net Framework 4.5, IE9

    • Edited by lpatnaik Tuesday, March 12, 2013 5:36 PM
    • Moved by Mike Feng Wednesday, March 13, 2013 11:35 AM
    Tuesday, March 12, 2013 5:22 PM


All replies