带有IIS vs个人开发服务器的凭证[英] CredentialCache with IIS vs personal development server

本文是小编为大家收集整理的关于带有IIS vs个人开发服务器的凭证的处理方法,想解了带有IIS vs个人开发服务器的凭证的问题怎么解决?带有IIS vs个人开发服务器的凭证问题的解决办法?带有IIS vs个人开发服务器的凭证问题的解决方案?那么可以参考本文帮助大家快速定位并解决问题,译文如有不准确的地方,大家可以切到English参考源文内容。

问题描述

我有一个我正在测试的Web服务.当我使用个人ASP.NET Web服务器时,随机端口的所有内容都可以正常工作.当我将违约限制性传递到SSRS服务器以运行报告时,它会使用我的凭据.

当我尝试将其移动到本地IIS服务器时,DefualTcreDentials用户名是空白的,并且传递给SSRS服务器的ID为ASPNET.

我关闭了Annon访问,并且仅集成的Windows身份验证已打开.

我的本​​地IIS是5.1,因此没有应用程序池作为单独的对象.

web.config身份验证已设置

<authentication mode="Windows" /> 

预先感谢.

更新 我确实有

<identity impersonate="true" />

现在,但是我的问题最初是棘手的.

外部网络服务调用SSRS Webs服务,现在在浏览器中运行良好. 但是,当我从SSIS内调用外部网络服务时,它不起作用,当我逐步浏览代码时,会发生呼叫,但是当我对SSRS进行呼叫时,我会遇到401身份验证错误.

.

我在HTTP管理器中具有有效的凭据.我在加密敏感withuserkey上有包装保护级别.

再次从个人ASP.NET Web服务器打电话给外部网络服务,即使SSIS也可以正常工作.我只需要每次下载WSDL,因为端口更改,然后我必须重新设置Web服务任务.当我去生产时,我会担心.

(我尚未从代码运行测试以查看WebService如何行动)

更新2

再次在IE中工作,但即使我在webservice

上提供凭据,也不在SSIS和Firefox中使用.

我知道我的身份验证是正确的,因为

User.Identity.Name 

在Web服务中返回我的登录名,但是当我将违约性分配给报告服务服务时,它仍然给我401错误.我什至试图模仿我已登录的日志

Dim win As System.Security.Principal.WindowsIdentity = CType(User.Identity, System.Security.Principal.WindowsIdentity)
Dim context As System.Security.Principal.WindowsImpersonationContext = win.Impersonate()

    reportService.Credentials = System.Net.CredentialCache.DefaultCredentials

推荐答案

这是我从Microsoft收到的答案.

我很高兴早些时候通过电话讨论您的问题.正如我所说的那样,HTTP连接管理器不支持Windows身份验证,请在以下网址查看文章: http://msdn.microsoft.com/en-us/library/ms140114.aspx

Important

The HTTP connection manager supports only anonymous authentication and basic 
authentication. It does not support Windows Authentication.

因此,此时使用脚本任务来调用Web服务将是一个选项,但是您提到,将软件包转移到QA到UAT等会有挑战.我同意您在管理中管理URL代理课是一个挑战.

如果您还有其他问题,请告诉我.


现在甚至这是不正确的,因为我向微软的绅士展示了我们的Web服务确实需要Windows身份验证,但是无效的内容被称为"双跳".那就是凭据不会传递给SSRS服务器.

本文地址:https://www.itbaoku.cn/post/1806906.html

问题描述

I have a webservice that I am testing. When I use the personal asp.net webserver, the one with the random port everything works fine. It uses my credentials when I pass DefaultCredentials to an ssrs server to run a report.

When I tried to move it to my local IIS server, the DefualtCredentials UserName is blank and the ID that gets pass to the SSRS server is ASPNET.

I turned off Annon access and only Integrated Windows Authentication is on.

My local IIS is 5.1, so it doesn't have application pools as a separate object.

In the web.config authentication is set

<authentication mode="Windows" /> 

Thanks in advance.

UPDATE I do have the

<identity impersonate="true" />

now, but my problem is trickier then originally stated.

The outer webservice calls SSRS webservice and now it works fine in the browser. But when I call the outer webservice from within SSIS, it does not work, when I step through the code the call to the outer webservice occurs but when I make the call to SSRS i get a 401 Authentication error.

I have valid credentials in the HTTP Manager. I have the package protection level at EncryptSensitiveWithUserKey.

Again if I call the outer webservice from a personal ASP.net webserver, even the SSIS works fine. I just have to download the wsdl every time because the port changes and then I have to re-setup the webservice task. I am concern when I go to production.

(I have yet to run a test from code to see how the webservice acts)

UPDATE 2

Again the webservice works in IE, but not in SSIS nor Firefox even when I supply my credentials when I hit the webservice

I know I am getting authenticated properly because

User.Identity.Name 

returns my login name in the webservice, but when I assign defaultCredentials to the reporting service service it still gives me 401 error. I even tried to impersonate the log in that I was logged in as

Dim win As System.Security.Principal.WindowsIdentity = CType(User.Identity, System.Security.Principal.WindowsIdentity)
Dim context As System.Security.Principal.WindowsImpersonationContext = win.Impersonate()

    reportService.Credentials = System.Net.CredentialCache.DefaultCredentials

推荐答案

This is the answer I received from Microsoft.

It was my pleasure to discuss your issue over the phone littler earlier. As I was saying that HTTP connection manager does not support Windows Authentication, please have a look at the article at: http://msdn.microsoft.com/en-us/library/ms140114.aspx

Important

The HTTP connection manager supports only anonymous authentication and basic 
authentication. It does not support Windows Authentication.

So, at this point using Script Task to call the Web Services would be an option, however you mentioned that there will be a challenge of moving the package to QA to UAT etc. I agree with you that managing the URL in the proxy class is a challenge.

Please let me know if you have further questions.


Now even this is not true because I showed the gentleman from Microsoft that our web service did require Windows Authentication but what is not working is known as the “double-hop”. That is the credentials do not get passed to the SSRS server.

查看更多