I have a SOAP -> web service structure, using C#. I have IIS - windows authentication turned on so I am adding the DefaultNetworkCredentials to the ClientCredentials in my service instance. I am able to access the web service using these credentials. This is not the problem.
I would like to restrict access to certain information contained within the web service, depending on the user that is trying to access this service. I do not know how I can gain any user information from the Credentials by passing the Credentials as a parameter, or by an开发者_高级运维y other means. Any suggestions would be helpful.
Thanks so much!
Pretty sure the Windows authentication will determine if they can access the actual .asmx file in IIS.
You can use HttpContext.Current.User within your web service code to determine the currently logged on user's name as well (and then validate permission to perform action from there).
精彩评论