Discussion:
Authenticating web srvices
(too old to reply)
ThatsIT.net.au
2009-08-28 23:09:45 UTC
Permalink
Trying to secure web services over internet using windows authentication.

I want to secure my web services, I'm behind a ISA server and I have used
these articles to get as far as I have, but I'm getting a 502 bad gateway
error.

http://msdn.microsoft.com/en-us/library/ms977256.aspx
http://msdn.microsoft.com/en-us/library/bfazk0tb(VS.80).aspx

I was going to use soap headers but can not find a good example where its
shown how to authenticate against a database.

Any ideas, any examples
Phillip Windell
2009-08-31 14:04:58 UTC
Permalink
If you mean Integrated Authentication,...the User and the Web Service need
to be on the same side of the proxy,...meaning the user does not go through
the proxy to get there.
--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Post by ThatsIT.net.au
Trying to secure web services over internet using windows authentication.
I want to secure my web services, I'm behind a ISA server and I have used
these articles to get as far as I have, but I'm getting a 502 bad gateway
error.
http://msdn.microsoft.com/en-us/library/ms977256.aspx
http://msdn.microsoft.com/en-us/library/bfazk0tb(VS.80).aspx
I was going to use soap headers but can not find a good example where its
shown how to authenticate against a database.
Any ideas, any examples
ThatsIT.net.au
2009-09-02 01:46:37 UTC
Permalink
I was trying intragrated but I also tried Digest but could not get to work

I am willing to use soap headers but was not clear on a few things. I was
trying to send soap headers and then use them to authenticate against forms
authentication. but could not get this to work. I could use a function to
check database but would need to use this for each and every web method,
while this is ok, I would rather use forms authentication and use
user.identity.isauthenticated

I have gone on to soothing else in the meantime, but still need to get it
working.
do you have any advice,

Thanks
Post by Phillip Windell
If you mean Integrated Authentication,...the User and the Web Service need
to be on the same side of the proxy,...meaning the user does not go
through the proxy to get there.
--
Phillip Windell
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Post by ThatsIT.net.au
Trying to secure web services over internet using windows authentication.
I want to secure my web services, I'm behind a ISA server and I have used
these articles to get as far as I have, but I'm getting a 502 bad gateway
error.
http://msdn.microsoft.com/en-us/library/ms977256.aspx
http://msdn.microsoft.com/en-us/library/bfazk0tb(VS.80).aspx
I was going to use soap headers but can not find a good example where its
shown how to authenticate against a database.
Any ideas, any examples
Phillip Windell
2009-09-02 15:28:15 UTC
Permalink
When you say "web service" you are getting into web development with
ASP.Net. I am not a developer and would not have a clue,...I can barely
even spell "asp.net".

I don't think what you are trying to do with SOAP is even remotely possible
with Forms Based Authentication, but I could be wrong.

You could investigate Authenticaation methods here in the link below or in
the ISA's built in help,..but beyond that I have no idea.

ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx
--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
Post by ThatsIT.net.au
I was trying intragrated but I also tried Digest but could not get to work
I am willing to use soap headers but was not clear on a few things. I was
trying to send soap headers and then use them to authenticate against
forms authentication. but could not get this to work. I could use a
function to check database but would need to use this for each and every
web method, while this is ok, I would rather use forms authentication and
use user.identity.isauthenticated
I have gone on to soothing else in the meantime, but still need to get it
working.
do you have any advice,
Thanks
Post by Phillip Windell
If you mean Integrated Authentication,...the User and the Web Service
need to be on the same side of the proxy,...meaning the user does not go
through the proxy to get there.
--
Phillip Windell
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Post by ThatsIT.net.au
Trying to secure web services over internet using windows
authentication.
I want to secure my web services, I'm behind a ISA server and I have
used these articles to get as far as I have, but I'm getting a 502 bad
gateway error.
http://msdn.microsoft.com/en-us/library/ms977256.aspx
http://msdn.microsoft.com/en-us/library/bfazk0tb(VS.80).aspx
I was going to use soap headers but can not find a good example where
its shown how to authenticate against a database.
Any ideas, any examples
ThatsIT.net.au
2009-09-03 13:36:26 UTC
Permalink
Thanks i though you were relying from the asp.net group
Post by Phillip Windell
When you say "web service" you are getting into web development with
ASP.Net. I am not a developer and would not have a clue,...I can barely
even spell "asp.net".
I don't think what you are trying to do with SOAP is even remotely
possible with Forms Based Authentication, but I could be wrong.
You could investigate Authenticaation methods here in the link below or in
the ISA's built in help,..but beyond that I have no idea.
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx
--
Phillip Windell
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
Post by ThatsIT.net.au
I was trying intragrated but I also tried Digest but could not get to work
I am willing to use soap headers but was not clear on a few things. I was
trying to send soap headers and then use them to authenticate against
forms authentication. but could not get this to work. I could use a
function to check database but would need to use this for each and every
web method, while this is ok, I would rather use forms authentication and
use user.identity.isauthenticated
I have gone on to soothing else in the meantime, but still need to get it
working.
do you have any advice,
Thanks
Post by Phillip Windell
If you mean Integrated Authentication,...the User and the Web Service
need to be on the same side of the proxy,...meaning the user does not go
through the proxy to get there.
--
Phillip Windell
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Post by ThatsIT.net.au
Trying to secure web services over internet using windows
authentication.
I want to secure my web services, I'm behind a ISA server and I have
used these articles to get as far as I have, but I'm getting a 502 bad
gateway error.
http://msdn.microsoft.com/en-us/library/ms977256.aspx
http://msdn.microsoft.com/en-us/library/bfazk0tb(VS.80).aspx
I was going to use soap headers but can not find a good example where
its shown how to authenticate against a database.
Any ideas, any examples
Loading...