«

I have an ASP.NET 3.5 web site which calls a ASP.NET web service
I am required (don't ask) to only allow authenticated users make web service
calls.
As in;

<authorization>
<deny users="?" />
<!--<allow roles="submitter"/>-->
<deny users="*" />
</authorization>

The application does not use Windows authentication but Forms authentication.
I'm getting a 401: Unauthorized error when trying to make web service calls.

the web service Web.config has these settings as well as the above
<authentication mode="Windows"/>
<identity impersonate="true" />

I am setting the Credentials on my web service the following way

CredentialCache cache = new CredentialCache();
cache.Add(new Uri(service.Url), "Basic", new
NetworkCredential(LoggedInUser.Login, LoggedInUser.Password));
service.Credentials = cache;
service.PreAuthenticate = true;

The IIS Directory Securty setting are set to allow Anonymous access and
"Integrated Windows" authentication for the web services.

what am I doing wrong here?

thanks
mike

"mike" <> wrote in message
news:4D111443-8B6C-4EB6-8C51-...
>
> The application does not use Windows authentication but Forms
> authentication.
> I'm getting a 401: Unauthorized error when trying to make web service
> calls.
>
>

It means whatever the account is that is being presented to the ASP.NET Web
Service site and the site's virtual directory is in valid.

You need to go to the Web server where the Web service is hosted, enable the
NT based O/S's Audit for Login Success/Fail, go to the System Event Log,
and find out what is the user\account being presented at login failure.


__________ Information from ESET NOD32 Antivirus, version of virus signature database 4135 (20090606) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com