Kriya and Meditation for Software / IT Professionals. Conducted by Bipin Joshi in Thane. Read more...
Learn ASP.NET MVC, ASP.NET Core and ASP.NET Design Patterns. Courses conducted by Bipin Joshi on weekends. Click here for more details.

Windows Authentication with Web Services

Introduction

In the previous article in this series we saw how to use SOAP headers to authenticate a web service. In this article I will show you how you can use windows credentials to authenticate the consumer of your web service. Windows authentication is commonly used in intranet scenarios such as corporate portals.

How it works?

You can enable windows authentication for your web applications using web.config file. You need to set authentication mode to Windows in the <authentication> section. Additionally you need to set <authorization> section to deny anonymous access. Once you set these parameters in the web.config file the windows credentials of client machine (i.e. the machine which is accessing the web service) will be automatically passed to the web service. In side the web service you can then use Context.User.Identity.Name to get the user name of the user. In case client is not logged in to the domain, IE will pop up a dialog box to enter user id and password. Once user enters valid credentials he will be allowed to consume the web service.

Source Code

The sample source code provided contains two VS.NET projects. One is web service project that authenticates the user. The other is web application that consumes the web service.

Bipin Joshi is a software consultant, an author and a yoga mentor having 22+ years of experience in software development. He also conducts online courses in ASP.NET MVC / Core and Design Patterns. He is a published author and has authored or co-authored books for Apress and Wrox press. Having embraced the Yoga way of life he also teaches Meditation and Mindfulness to interested individuals. To know more about him click here.

Get connected : Twitter  Facebook  Google+  LinkedIn

Posted On : 07 December 2002


Tags : ASP.NET Web Services Security Configuration