I cannot understand how authentication works together with web services. I have found there is different ways to do it, and I seem to be able to make it work between two Windows
machines, but not between a Windows
and a Linux
I found that user information for the requesting user can be retrieved at the WebService through the User object. Through this object it is possible to ask if the user has been authenticated.
But... I do not get the relation. Some user uA
sits at machine mA
and requests the web service at machine mB
. The method [WebService].User.Identity.IsAuthenticate, does it answer for machine mA or mB?
I need a way to authenticate users requesting from a Windows
machine to a Linux
box running Mono
with the web service, but when I try to output the User.Identity.Name on the web service it is the empty string. I found that this is probably because the user hasn't been authenticated.
Alright, I haven't really touched the web.config
or the IIS
, since I do not know where to touch! I quess it is possible to change the authentication method and perhaps this way make it work. How do I e.g. change between thee different Windows authentication methods like Basic, Digest etc.?
I previously wrote this in the C# corner of this forum...
I found an article
describing a custom way to include the user information in the SOAP header, but I guess this is not secure even though it looks pretty fancy!