bugnet icon indicating copy to clipboard operation
bugnet copied to clipboard
verified publisher icon dubeaud

Web Service not working with IIS login

Open gruberr opened this issue 10 years ago • 0 comments

This might be a tie-in with #138 but since I'm trying to connect without the Login/Logout methods I'm getting a different result. It turns out that the Webservices\LogInWebService.cs is broken when used in that way. It will check the server based authentication in the constructor and do nothing (//already authenticated through web app.)

The "UserName" and "IsAuthenticated" properties that the real service implementation uses however don't reflect that information. Either the comment mentioned above needs to use:

            //already authenticated through web app.
            if (!IsAuthenticated)
            {
                // need to set up...
                IsAuthenticated = true;
                UserName = Thread.CurrentPrincipal.Identity.Name;
            }
            else
                    if (UserName != Thread.CurrentPrincipal.Identity.Name) throw new InvalidOperationException("Security breach in session...");

or the property getters need to be changed to use the web-server authorization too.

gruberr avatar Dec 08 '15 02:12 gruberr