Question
I am creating an MVC application with Forms authentication. I have set the application up to authenticate against Active Directory. This works successfully.
I now need my application to consume a Web Api web service within my Domain. When I use Impersonation, the service is never called and object inspection shows the following: The remote name could not be resolved. This is the case for HttpClient, RestSharp and WebClient. If I remove the Impersonation, the code runs successfully (but not as the logged in user).
This throws up a couple of questions:
Can I perform WindowsIdentity Impersonation in a Forms Auth application if the Forms Auth application authenticates against Active Directory?
What is happening to prevent the code from finding my web service when Impersonation is used and how do I resolve this?
Thanks for any help.
Solution
Found the answer to my question so posting in case others are stuck with the same issue.
To perform Impersonation when Forms Auth is used you need Protocol Transition with Constrained Delegation. This article is excellent at talking you through the steps required to set this up. Once this is correctly implemented, Impersonation works as expected and the Service URL is correctly resolved.
https://stackoverflow.com/questions/19400565
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian