Tommaso,
Actually, the user is authenticated, from the perspective of IIS. From
the perspective of LDAP or Database, no, it is not.
There are two solutions here. The first is to not always use different
credentials when accessing the database or an LDAP. Rather, you should
create an account under which your service runs, and then grant access to
that service account. This actually improves scalability when working with
databases, as the connections can be pooled. However, if you are putting
different client credentials together for each connection to the database,
you can't pool them.
Of course, you would have to manage access to the database yourself, but
it's a better alternative, IMO.
The second option would be to use Windows authentication. Then you need
to set IIS up to impersonate the user that is connected. Then, you can use
integrated security to attach to the database and to LDAP.
--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)
Tommaso Caldarola said:
Nicholas said:
Tommaso,
At that point, I am kind of wondering, why do you want it? The user
is authenticated at that point, and you can be assured that they have
logged in correctly.
If I put in client code
IDictionary props = ChannelServices.GetChannelSinkProperties(proxy);
props["username"] = "dummyremotinguser";
props["password"] = "12345";
and then I call proxy.Method()
on the server side in host on IIS (where do I set basic authentication) I
got:
IPrincipal principal = System.Web.HttpContext.Current.User;
here I want to perform custom authentication on LDAP or Database, the user
IS NOT AUTHENTICATED at this point, how do it? I need to know pasword too.