|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
08-12-2009
| #1 (permalink) |
| | what is the difference between manually constructed NetworkCredentialand one from windowsidentity? Hello, I have a winform (client) and windows service (server), At client side, when I construct a NetworkCredential manually by providing username, password and domain, I can do this: clientSide.AuthenticateAsClient(new NetworkCredential ("administrator","8ik,7UJM","jerry.test"), spn.ToString(), ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Delegation); however, if I get the default credential from current windows identity after impersnate the user: clientSide.AuthenticateAsClient (System.Net.CredentialCache.DefaultNetworkCredentials, spn.ToString(), ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Delegation); It always fails and error message is: A security requirement was not fulfilled during authentication. Required: Delegation, negotiated: Impersonation. So what is the difference between above calls? Except one is manually constructed? Many Thanks Jerry |
My System Specs |
|
08-12-2009
| #2 (permalink) |
| | Re: what is the difference between manually constructed NetworkCredential and one from windowsidentity? DAXU <jerryxu7509@xxxxxx> wrote in news:41df4ea2-1544-4792-b934- ad5609b38c62@xxxxxx: Quote: > Hello, > I have a winform (client) and windows service (server), > At client side, when I construct a NetworkCredential manually by > providing username, password and domain, I can do this: > > clientSide.AuthenticateAsClient(new NetworkCredential > ("administrator","8ik,7UJM","jerry.test"), > spn.ToString(), > ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Delegation); > > however, if I get the default credential from current windows identity > after impersnate the user: > clientSide.AuthenticateAsClient > (System.Net.CredentialCache.DefaultNetworkCredentials, > spn.ToString(), > ProtectionLevel.EncryptAndSign, TokenImpersonationLevel.Delegation); > > It always fails and error message is: > A security requirement was not fulfilled during authentication. > Required: Delegation, negotiated: Impersonation. > > So what is the difference between above calls? Except one is manually > constructed? after impersonate the user" what do you mean exactly? Is this a web service (ASMX or WCF) that is impersonating, another system, etc? Depending on what is impersonating, you may have the security of the configuration set up incorrectly. For example, web services have to be configured to use Windows authentication to get the proper user token. Regardless, check the actual user that is in the windows identity credential by querying it after it is filled. If it is not the same, that is the issue. If it is, check all of the properties and see if there are any differences. Somewhere there has to be a difference you can find and alleviate. -- Gregory A. Beamer MVP; MCP: +I, SE, SD, DBA Twitter: @gbworld Blog: http://gregorybeamer.spaces.live.com ******************************************* | Think outside the box! | ******************************************* |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Some solutions I have constructed (HTA HTML vbScript) | VB Script | |||
| changing the IRQ manually | Vista General | |||
| Should I install SP1 manually? | Vista General | |||
| how to manually index? | Vista General | |||
| help. How to remove rc2 manually | PowerShell | |||
