I have an ASP MVC web site, let's call it WebSite. And two services Service1 and Service2. From the WebSite I call Service1 and from Service1 I call Service2. In WebSite I use Windows Authentication. I want to call Service2 from WebSite with User's rights. I've read about double impersonation and delegation, but I want to clarify something.. If I'm hosting WebSite and both Services at same machine, do I still need to use delegation? And how I actually do this in code/web.config?? I call Service1 from WebSite with ((WindowsIdentity)HttpContext.Current.User.Identity).Impersonate() and this works fine, but when I try to this calling Service2 from Service1, ServiceSecurityContext.Current.WindowsIdentity.Impersonate() throws exception. So, how can I do this?
Asked
Active
Viewed 225 times
0
-
I solved it. The problem was, that I didn't set an Impersonation level of the service to Impersonate. – Michael Feb 15 '14 at 00:34
2 Answers
0
There is no HttpContext.Current in your webservice. It's null, as the exception has probably told you. You can get the current user from Thread.CurrentPrincipal in web services.
nvoigt
- 75,013
- 26
- 93
- 142
-
My mistake.. I used ServiceSecurityContext.Current.WindowsIdentity.Imperosnate().. but when I call Service2 it throws exception Could not load file or assembly 'System.IdentityModel.Selectors ... – Michael Feb 10 '14 at 07:30
0
Since the Service1 and the Service2 are not open to public access, you could call them using some custom argument indicating the user, his/her roles or the his/her privileges. I suppose this would be the simplest solution.
A more structured solution would be to use the same authentication realm for both sites. It is not very easy. This would give you some better insight on how to do it.
Hope I helped!
Community
- 1
- 1
Pantelis Natsiavas
- 5,293
- 5
- 21
- 36