2

I have an application with Windows authentication enabled and it works fine. There is a new functionality that calls a web service, and I want to carry the user credentials to that web service as well, so I have enabled impersonation hoping that delegation will work out of the box since both my web app and the web service are under the same Active Directory.

However, when I enabled impersonation, the browser prompts me for user and password when accessing the web app, and even providing a valid one it is not working. Note that without impersonation, the app is picking the Windows user correctly.

What can be the issue? I have been following the documentation selecting Authenticated User for the impersonation, and I don´t think I missed any step. Considering that I have Windows authentication already working, what can make it stop working when enabling impersonation?

vtortola
  • 34,709
  • 29
  • 161
  • 263
  • Is this an app that always requires user impersonation for all features? If so, you want to turn off anonymous access in IIS so you don't get stuck in stupid loops. – Gregory A Beamer Aug 13 '15 at 18:54
  • Right, anonymous authentication is disabled because the app runs in a LAN with AD authentication, so all the users are authenticated. The Windows authentications works well on its own, it is just when I switch the impersonation when stop working. – vtortola Aug 13 '15 at 19:28
  • There is a trust issue somewhere in the chain that is causing the issue. If you have access to physically get on the web server, try accessing the other server with your credentials and make sure there is not a wonky policy in effect. You should also watch the request response traffic so you can see what is actually being passed around. Wish I had an easy, one-stop answer, or the time to get deeper, but I don't – Gregory A Beamer Aug 13 '15 at 19:37
  • Right I guess these kind of things are always very intricate. Even so I still really appreciate clues. – vtortola Aug 13 '15 at 20:15
  • @vtortola Does your web service require basic authentication ? That may be prompting you to provide credentials – Hakunamatata Aug 14 '15 at 03:32

0 Answers0