HOW TO: Pass Current Credentials to an ASP.NET Web Service


This article references the following .NET Framework Class Library namespace:
System.Net

Summary


This step-by-step article describes how to pass the user's current credentials to an XML Web service that was created by using ASP.NET.

The DefaultCredentials property of the CredentialCache class contains the system credentials of the current security context. For client applications, these credentials represent the user name, the password, and the domain of the user who is currently logged on. Client credentials are not passed automatically. To pass the client's Windows security context to a Web service, you must set the Credentials property of the Web service proxy to CredentialCache.DefaultCredentials.

back to the top

Create the Web Service

  1. Start Microsoft Visual Studio .NET. Create a new ASP.NET Web Service project by using Visual C# .NET or Visual Basic .NET. By default, Service1.asmx is created.
  2. Name the project MyWebService.
  3. In Solution Explorer, right-click
    Service1.asmx, and then click View Code.
  4. In the Service1.asmx.cs file (or the
    Service1.asmx.vb file if you used Visual Basic .NET), remove the comment on the default WebMethod
    HelloWorld().
  5. On the Build menu, click Build Solution.
  6. Type the following URL in your browser to view the
    Service1 Web service description:
    http://localhost/MyWebService/Service1.asmx
  7. To test the HelloWorld WebMethod, click the HelloWorld link. Notice that the WebMethod works as expected.
back to the top

Set Integrated Windows Authentication for the Web Service

  1. Click Start, point to
    Settings, and then click Control Panel.
  2. In Control Panel, double-click Administrative Tools.
  3. Double-click Internet Information Services.
  4. Expand Internet Information Services, and then locate the MyWebService virtual directory.
  5. Right-click MyWebService, and then click
    Properties.
  6. Click the Directory Security tab. Under
    Anonymous access and authentication control, click
    Edit.
  7. In the Authentication Methods dialog box, click to select the check box for Integrated Windows authentication.
back to the top

Use the Web Service

  1. Create a new ASP.NET Web Application by using Visual C# .NET or Visual Basic .NET. Name the project WebServiceTest.
  2. In Solution Explorer, right-click
    References, and then click Add Web Reference.
  3. In the Address text box, type the following URL for WebServiceTest:
    http://localhost/MyWebService/Service1.asmx
  4. Click Go, and then click Add Reference.
  5. In Solution Explorer, right-click
    WebForm1.aspx, and then click View Code.
  6. In the Design View of WebForm1, double-click WebForm1 to open the Page_Load event code. Change the Page_Load event code as follows:

    Visual C# .NET Sample Code
    private void Page_Load(object sender, System.EventArgs e)
    {
    // Start an instance of the Web Service client-side proxy.
    localhost.Service1 myProxy = new localhost.Service1();
    Response.Write( myProxy.HelloWorld());
    }
    Visual Basic .NET Sample Code
    Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

    'Start an instance of the Web Service client-side proxy.
    Dim myProxy As localhost.Service1 = New localhost.Service1()
    Response.Write(myProxy.HelloWorld())
    End Sub
  7. On the Build menu, click Build Solution.
  8. Type the following URL in the browser to view the Service1 Web service description:
    http://localhost/WebServiceTest/WebForm1.aspx
  9. You may receive an Access Denied error message. This occurs because your credentials are not delivered with the Web service request for authentication.
back to the top

Pass Current Credentials to the Web Service

The CredentialCache class belongs to the
System.Net namespace.
  1. Add the following namespace declaration to the top of the file:

    Visual C# .NET Sample Code
    using System.Net;
    Visual Basic .NET Sample Code
    Imports System.Net
  2. Assign DefaultCredentials to the Credentials property of the Web service client-side proxy. To do this, change the code of the Page_Load event as follows:

    Visual C# .NET Sample:
    private void Page_Load(object sender, System.EventArgs e)
    {
    // Start an instance of the Web service client-side proxy.
    localhost.Service1 myProxy = new localhost.Service1();
    myProxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
    Response.Write( myProxy.HelloWorld());
    }
    Visual Basic .NET Sample Code
    Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

    'Start an instance of the Web service client-side proxy.
    Dim myProxy As localhost.Service1 = New localhost.Service1()
    myProxy.Credentials = System.Net.CredentialCache.DefaultCredentials
    Response.Write(myProxy.HelloWorld())
    End Sub
  3. On the Debug menu, click
    Start. Hello World appears in the browser.
back to the top

References


For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
811318 PRB: "Access Denied" Error Message When You Call a Web Service While Anonymous Authentication Is Turned Off
For more information, visit the following Microsoft Web site:back to the top