Wednesday, April 04, 2007

Web Services- ASP.Net and Credentials

I have noticed a lot of people getting stuck on some fairly basic stuff when working with ASP.NET web services. Like a lot of things in development, security can quite often trip us up.

If you have configured your ASP.NET web service to use integrated access via IIS you may be experiencing some difficulties in accessing a web service on a corporate intranet. If you are getting the message "Access denied" you most likely have not set the authentication credentials on your web service before making a call to one of its web methods.

Assuming you have an instantiated web service object called ws for our purposes, implement the following code:

ws.Credentials=System.Net.CredentialCache.DefaultCredentials;

This tells the web service who is trying to access it. By default the Credential property is set to null, meaning no credentials are sent through.