«

Hi all


I would like to now the answer to the following problem, if someone can

help.


Given a windows application client that's calling a web service (using
default credentials) the
web service gets invoked fine with the users credentials. However they
need
to call a second web service from the first one. When it hits the
second web
service, the web service (even though configured correctly) always
reports (401) Unauthorized.


Is there any possibility to do this or is impossible ?


Is possible to implement any workaround for this problem ?


Thanks in advance


Manuel Brandão

you can do this...

In webservice1 code behind you will be creating the reference object of the
second webservice.

There you can specify whet credential you have to use when calling web
service2.
for example

WebService2 ws = new WebService2();
ws.Credentials = ................

and call the 2nd web service..

since be default webservice2 will be called with the credential of asp.net
worker process you will be gettting this error.

Hope this helps

<> wrote in message
news: oups.com...
Hi all


I would like to now the answer to the following problem, if someone can

help.


Given a windows application client that's calling a web service (using
default credentials) the
web service gets invoked fine with the users credentials. However they
need
to call a second web service from the first one. When it hits the
second web
service, the web service (even though configured correctly) always
reports (401) Unauthorized.


Is there any possibility to do this or is impossible ?


Is possible to implement any workaround for this problem ?


Thanks in advance


Manuel Brandão

the second web service must be on the same server as the first web service
for this to work.

if its on a different server, then you must switch to basic or Kerberos
authentication.

-- bruce (sqlwork.com)

"Balasubramanian Ramanathan" <> wrote in message
news:...
> you can do this...
>
> In webservice1 code behind you will be creating the reference object of
> the second webservice.
>
> There you can specify whet credential you have to use when calling web
> service2.
> for example
>
> WebService2 ws = new WebService2();
> ws.Credentials = ................
>
> and call the 2nd web service..
>
> since be default webservice2 will be called with the credential of asp.net
> worker process you will be gettting this error.
>
> Hope this helps
>
> <> wrote in message
> news: oups.com...
> Hi all
>
>
> I would like to now the answer to the following problem, if someone can
>
> help.
>
>
> Given a windows application client that's calling a web service (using
> default credentials) the
> web service gets invoked fine with the users credentials. However they
> need
> to call a second web service from the first one. When it hits the
> second web
> service, the web service (even though configured correctly) always
> reports (401) Unauthorized.
>
>
> Is there any possibility to do this or is impossible ?
>
>
> Is possible to implement any workaround for this problem ?
>
>
> Thanks in advance
>
>
> Manuel Brandão
>
>

Hello all,
this is problem known as dual hop. You are passing credentials (by
token) to one server, this is correct (just windows token is passed),
but you cannot pass token somewhere else on remote computer, this would
be potential security bug (program could use passed access to do
something).
Solution is as was written by Bruce Barker,
- either using basic authentication (passing user and password using
cleartext) Then you can easily use name and password for login without
troubles, but you are facing risk of network listening ..
- either kerberos network token passing - this also is not as secure as
it should be. You need to configure remote computer for using this
access in Active Directory.
- and the last passibility is easily use the same computer for two web
services - then you do not need to pass token remotely and windows can
handle this on single computer.

Martin Kunc

Balasubramanian Ramanathan wrote:
> you can do this...
>
> In webservice1 code behind you will be creating the reference object of the
> second webservice.
>
> There you can specify whet credential you have to use when calling web
> service2.
> for example
>
> WebService2 ws = new WebService2();
> ws.Credentials = ................
>
> and call the 2nd web service..
>
> since be default webservice2 will be called with the credential of asp.net
> worker process you will be gettting this error.
>
> Hope this helps
>
> <> wrote in message
> news: oups.com...
> Hi all
>
>
> I would like to now the answer to the following problem, if someone can
>
> help.
>
>
> Given a windows application client that's calling a web service (using
> default credentials) the
> web service gets invoked fine with the users credentials. However they
> need
> to call a second web service from the first one. When it hits the
> second web
> service, the web service (even though configured correctly) always
> reports (401) Unauthorized.
>
>
> Is there any possibility to do this or is impossible ?
>
>
> Is possible to implement any workaround for this problem ?
>
>
> Thanks in advance
>
>
> Manuel Brandão